If you host multiple ASP.NET Web applications on a shared Web server, you need to consider application isolation. For example, how can you ensure that individual applications will not affect one another at runtime? How can you prevent a single rogue or badly written application from consuming critical system level resources on the server that keeps other applications from running properly?
The issue is particularly significant for Internet Service Providers (ISPs) who host large numbers of applications from different companies. In a hosting scenario, it is essential to ensure that the installation of a new application cannot adversely impact the operation of existing applications.
There are a number of ways in which application isolation can be achieved. The available options vary depending on the version of the .NET Framework and the version of the operating system that you run on the Web server. If you are running version 1.1 of the .NET Framework, you can use the resource constraint model provided by code access security to provide one level of application isolation. This application isolation is achieved by restricting an application from to access different types of resources such as the file system, registry, event log, Active Directory, databases, network resources, and so on.
In addition, Windows Server 2003 provides process isolation through Internet Information Services 6.0 (IIS 6) application pools that enable multiple applications to run in separate IIS worker process instances. Process isolation is not possible on Windows 2000 because all Web applications run in a single instance of the ASP.NET worker process, with application domains providing isolation.
The Table 20.1 summarizes the various options for application isolation that are available on Windows 2000 and Windows Server 2003.
Isolation Feature | Windows 2000 | Windows Server 2003 |
---|---|---|
Process isolation | No | Yes (IIS 6 App Pools) |
Application domain isolation | Yes | Yes |
Multiple thread identities | Yes | Yes |
Code access security resource constraint | Yes(.NET Framework version 1.1) | Yes(.NET Framework version 1.1) |
Windows Server 2003 running version 1.1 of the .NET Framework is the recommended platform for hosting multiple ASP.NET applications because it supports process isolation and provides the richest range of options for application isolation.