Monday, February 5, 2007

Internet Information Server, basic setting

There is LAMP on Internet as No.1, but inside firms is space for MS IIS. For using IIS as intranet server speaks one ability and this is magic formula Single Sign On. Practically it means, that intranet log in forms totally fall away and the only one log in form is that one we use at start up system. This capability I regard as totally fundamental and therefore I dedicate separate article to this method.

If you want to experiment with intranet and you do not have installed IIS yet on your machine, you can try that. Installation is straight: select menu Start / Setting / Add Remove Programs / Windows Components / Service IIS. I strongly recommend leave out installation of component Front Page Extensions. Some days ago at installation of .NET framework, Front Page Extensions were installed without asking and problems started. In fact, that it was the only one problems with security and problems at all, which I ever had with IIS.

You start intranet applications from address line of browser. In case that you are developing application on your own station:

http://localhost/application-name/default.asp

in case of intranet server you start application with address:

http://server-name/application-name/default.asp

where server-name is domain name of your intranet server. That name, you see in neighbourhood computers. Further aplication-name is name of application (directory) in wwwroot tree. Just to be sure I repeat: We don't use classical Internet address (www.something.com), we use only domain name of intranet server and application name. According to these names browser recognizes, that it is running on intranet and in case of IE sets corresponding security zone, permits JavaScript and Activex. default.asp is your script name.

IIS console

For new application we have to prepare some place at first. In root directory of web server (physical address C:\Inetpub\wwwroot) we create directory named as our new application. It proved to me to create another two subdirectories. The first subdirectory is for scripts which are supposed to actively work with database, it means data editing or creating new records (Edit). We will set security for this directory later, so as we could prove identity of user and make possible to use Single Sign On. The second subdirectory will be used for pictures (Img).

Application setting is done in console for IIS management. We click right button of mouse on This Computer, from context menu, select item Manage and console Computer Management opens. Other way how to open console is over menu: Start / Setting / Control Panel / Tools for repair / Manage This Computer. In console we open item Services and Applications, here we select item Internet Information Services, further Default Web Site. Here we can see our application directory. Clicks at this with right button of mouse and select Properties.

aplication setting

In window, which appeares, select card Directory in line Application name click on button Create (application). In the picture application is already created, so that you see button Remove. Application name retain according to directory name. In application you will be able to use global variables (e.g. path to database), or variables stored into session. You can distinguish bettwen standard directory and application directory by icon in IIS console. Application icon looks like open box. Other items of forms have of such setting, just as proved to me by ages. Log visits may be useful temporarily, as far as your log files does not allocate all the rest of disk and IIS hangs up.

On card Documents check correct setting of default pages. These pages will start if in address line is only server name and application name and no script is specified. There you would find at least following list: default.htm for static pages, default.asp for dynamic pages.

Card Directory Security is described in detail in article Single Sign On. I remind here that home directory of application is set to anonymous access usually.

On card Custom Errors will you can replace standard error messages of web server with your own.

content expiration

Last card is HTTP headers, where we can set expiration time of your pages. Most of intranet applications work with database, or with data from real time process, therefore we would force scripts to Expire Immediately. Then at each page request, the response is assembled over again.

Application directory setting is inherited to the subdirectories, therefore at first we set up home directory of application, only then we set up subdirectories.

While for scripts we have set up immediate expiration, this is not optimal for subdirectory Img, where we will store pictures (icons, backgrounds, buttons). Pictures have long life and there's no need always download them from server and they can stay in cashe at client. I recommend to set expiration time


http://swatelier.info/at/articles/IIS.htm