ASP.NET Architecture on Windows Server 2003

Previous page
Table of content
Next page

On Windows Server 2003, the architecture changes because IIS 6 allows multiple processes to be used to host separate Web applications. This is shown in Figure 20.2.

click to expand
Figure 20.2: ASP.NET architecture on Windows Server 2003 with IIS 6
Note  

IIS 6 supports a backwards compatibility mode that, in turn , supports the IIS 5 ASP.NET worker process model.

Compared to the ASP.NET architecture under Windows 2000, the primary difference in Windows Server 2003 is that separate IIS worker process instances (W3wp.exe) can be used to host Web applications. By default, these run using the NT Authority\NetworkService account, which is a least privileged local account that acts as the computer account over the network. A Web application that runs in the context of the Network Service account presents the computer's credentials to remote servers for authentication.

Configuring ACLs for Network Service

Configuring an access control list (ACL) for the Network Service account varies for local and remote machines. If you want to grant access to the Network Service account on the local machine, add the Network Service account to an ACL. If you want to grant access to the Network Service account on a remote machine, add the DomainName\MachineName$ account to an ACL.

Note  

Do not confuse the Network Service account with the Network built-in group , which includes users who were authenticated across the network.

The main components of the architecture depicted by Figure 20.2 are summarized in Table 20.3.

Table 20.3: Components of the Windows Server 2003 ASP.NET Architecture

Component

Description

Aspnet_isapi.dll

Queues requests for processing by the managed code ASP.NET engine and performs health monitoring.

Aspnet_filter.dll

A lightweight ISAPI filter used only to support cookie-less session state for ASP.NET applications. Runs inside W3wp.exe.

W3wp.exe

The IIS worker process that contains the managed code ASP.NET processing engine. The URL space can be arbitrarily divided among different W3wp.exe instances using IIS 6 application pools. A Web garden mode is also supported. Requests are routed to the W3wp.exe process instance directly from Http.sys which runs in kernel mode. By default, the process runs under the Network Service account but can be configured.

Aspnet_state.exe

An optional Windows service used to store session state for ASP.NET applications. It can run on the Web server or on a remote machine (required for Web farm scenarios). Runs under the Network Service account but can be configured using the Services snap-in.



Previous page
Table of content
Next page
Improving Web Application Security. Threats and Countermeasures
Improving Web Application Security: Threats and Countermeasures
ISBN: 0735618429
EAN: 2147483647
Year: 2003
Pages: 613
Authors: Microsoft Corporation
BUY ON AMAZON
Identifying and Managing Project Risk: Essential Tools for Failure-Proofing Your Project
Cisco IP Communications Express: CallManager Express with Cisco Unity Express
Building Web Applications with UML (2nd Edition)
Introduction to 80x86 Assembly Language and Computer Architecture
Cisco IOS Cookbook (Cookbooks (OReilly))
Google Maps Hacks: Tips & Tools for Geographic Searching and Remixing
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy