Programming with Microsoft Visual C++.NET 6ed [Electronic resources] نسخه متنی

IIS

IIS is a high-performance Internet/intranet server that takes advantage of underlying Windows NT features such as I/O completion ports, the Win32 function TransmitFile, file-handle caching, and CPU scaling for threads.

When you install Windows NT 2000/XP, you're given the option of installing IIS. If you selected IIS at setup, the server will be running whenever Windows NT is running. IIS is a special kind of Win32 program called a service (actually three services—HTTP, FTP, and SMTP/NNTP—in one program called inetinfo.exe), which doesn't appear on the taskbar. You can control IIS from the Services icon in Control Panel, but you'll probably want to use the Internet Service Manager program instead.

Internet Service Manager

You can run Internet Service Manager from Control Panel using Administrative Tools. From the Start menu, choose Settings, Control Panel. In Control Panel, select Administration. Then select Internet Information Services. On Advanced Server, you can also get to the IIS manager by choosing All Programs, Administrative Tools from the Start menu and then selecting Internet Information Services.

Figure 30-1 shows the Internet Service Manager screen with the World Wide Web (WWW) default site running and FTP services stopped.

Figure 30-1: The Internet Service Manager screen.

You can select a service by clicking on its icon at the left. The Start Item and Stop Item toolbar buttons (triangle and square, respectively) allow you to turn the selected service on or off.

IIS Security

Now that a throng of users can potentially get to your Web site through the Internet, security becomes a big deal. To configure IIS security, right-click on the Web site you want to control and then choose Properties from the shortcut menu to display the Web site's property sheet. Then select the Directory Security property page, as shown in Figure 30-2. Click the Edit button in the Anonymous Access And Authentication Control panel, and you'll see the Authentication Methods property sheet (shown in Figure 30-3). When a client browser requests a file, the server will impersonate a local user for the duration of the request, and that username will determine which files the client can access. Which local user will the server impersonate? Usually the one you see in the Username field, as shown in Figure 30-4. (Click the Edit button in the Authentication Methods dialog box to display the Anonymous User Account dialog box.)

Figure 30-2: The IIS Directory Security property page.

Figure 30-3: The IIS Authentication Methods property sheet.

Figure 30-4: The Anonymous User Account dialog box.

Most Web page visitors don't supply a username and password, so they're considered anonymous users. They have the same rights they'd have if they had logged on to your server locally as IUSR_<MYMACHINENAME>. That means IUSR_<MYMACHINENAME> must appear in the list of users that's displayed when you run User Manager or User Manager For Domains (from the Administrative Tools menu), and the passwords must match. (Note that the MMC snap-in is named Computer Management.) The IIS Setup program normally defines this anonymous user for you. You can define your own WWW anonymous username, but you must be sure that the entry in the Anonymous User Account dialog box matches the entry in the computer's (or Windows NT domain's) user list.

Note also the Authenticated Access options in the Authentication Methods property sheet. IIS uses this username to get a security token when it runs a Web site that offers anonymous access. For the time being, stick to the Anonymous Access option only, which means that all Web users will be logged on as IUSR_<MYMACHINENAME.>

IIS Directories

Remember Consolidated Messenger's Web site from Chapter 28? If you requested the URL http://consolidatedmessenger.com/newproductsl, the newproductsl file would be displayed from the consolidatedmessenger.com home directory. Each server needs a home directory, even if that directory contains only subdirectories. The home directory does not need to be the server computer's root directory, however. As shown in Figure 30-5, the WWW home directory is really C:\WebHome, so clients read the disk file C:\WebHome\newproductsl.

Figure 30-5: The \WebHome WWW home directory property page.

Your server could get by with a home directory only, but the IIS virtual directory feature might be useful. Suppose Consolidated Messenger wants to allow Web access to the directory \BF on the D drive. IIS lets you create a virtual directory, such as /BugsFixed, and map it to a real directory, such as D:\BF. Clients can then access files in the D:\BF directory with a URL similar to this: http://consolidatedmessenger.com/BugsFixed/file1l.

As described in Chapter 28, browsers can issue a blind request. The Documents tab of the property sheet shown in Figure 30-5 lets you specify the file that a blind request selects, usually

Default . If you select the Directory Browsing option on the Home Directory page of the Web site's property sheet, browser clients can see a hypertext list of files in the server's directory instead.

IIS Logging

IIS is capable of making log entries for all connections. You control logging from the Web Site property page of the Web site's property sheet. You can specify text log files, or you can specify logging to an SQL/ODBC database. Log entries consist of date, time, client IP address, file requested, query string, and so forth.

Testing IIS

It's easy to test IIS with a browser or with any of the Ex30a clients. Just make sure that IIS is running and that the Ex30a server is not running. The default IIS home directory is \Winnt\System32\inetsrv\wwwroot (\inetpub\wwwroot on Windows XP), and some HTML files are installed there. If you're running a single machine, you can use the localhost host name. For a network, use a name from the Hosts file. If you can't access the server from a remote machine, run ping to make sure the network is configured correctly. Don't try to build and run ISAPI DLLs until you have successfully tested IIS on your computer.