3. Configuring IIS 8 Website Properties
In the not-so-recent past,
right-clicking a website or the Default Web Site in IIS Manager and
then selecting Properties gave you options for modifying the default
settings and properties for a website. This is no longer the case
because the property pages and tabs have been overhauled starting with
IIS 7 and continuing with IIS 7.5 and now IIS 8. In their place are
feature icons in the Central Details pane and tasks in the Actions
pane. For simplicity, this section describes only the feature icons
associated properties pages in IIS 8.
The Features View tab is located in the
Central Details pane. Some of the feature icons are connected to this
tab for the purpose of configuring properties associated with a
website. From here, you can control everything associated with
application development, HTTP features, health, diagnostics,
performance, and security. The specific features available in the
Central Details pane depend on the role services installed and on the
object selected in the Connections pane. By default, these options are
organized into the following categories:
• ASP.NET features
• IIS features
• Management features
1. ASP.NET Features
The following feature icons and respective configuration pages are associated with an ASP.NET configuration:
• .NET Authorization Rules—Use
this page to control access to a website and application by configuring
Allow and Deny rules and specifying users, roles, and user groups.
• .NET Compilation—Use
this page to configure ASP.NET configuration settings. Settings are
configured based on the following high-level elements: Batch, Behavior,
General, and Assemblies.
• .NET Error Pages—This page is used to configure HTTP error responses for when an error occurs on a website or application.
• .NET Globalization—This
page controls international settings tailored toward local language and
cultural environments. As the world converges and the global reach of
applications grows, this is a great feature to leverage to translate
and format content by reutilizing the existing code and automatically
presenting it to different geographic locations.
• .NET Profile—This feature page contains a list of profile properties is used to track custom data about an application.
• .NET Roles—This page
is used to create predefined roles for managing authorization access
for groups of users. This concept is also known as role-based security.
To leverage this feature, a default provider must be configured. The
two options available are AspNetWindowsTokenRoleProvider and
AspNetSqlRoleProvider.
• .NET Trust Levels—This
page is used to specify the trust level for managed objects, such as
modules, handlers, and applications in the Web.config file.
• .NET Users—This
feature page identifies and manages the identities of users for an
application. The feature controls the identity management behavior for
users defined for an application. When a user is created, the page
displays name, email addresses, date created, and last logon.
• Application Settings—To
manage the variables associated with key/value pairs stored in the
website’s .config file, this feature page is recommended. The
application setting variables and value elements are created by
selecting the Add from the Actions pane. These settings can be accessed
from anywhere within the application.
• Connections Strings—This
page is dedicated to creating and managing connections strings for
managed web applications. By selecting the Add in the Actions pane, you
can create connections strings to SQL Server or other data sources for
database access. Typically, the credentials used to access the database
are Windows Integrated; however, it is possible to specify a SQL Server
account as well.
• Machine Key—Because
IIS 8 is tightly integrated with .NET web services and security is a
primary design factor, this page is available to manage encryption and
hashing keys for applications. You can enter encryption and decryption
methods, including key generations to secure forms-based
authentication, cookie, and page-level view state data.
• Pages and Controls—This
page manages how the setting of ASP.NET pages and controls are compiled
on the web server. New controls can be registered by selecting the task
from the Actions pane. Additional elements can be configured, such as
the behavior, user interface, view state, compilation, general, and
services.
• Providers—This
feature page is used to manage and administer a list of providers the
web server can leverage. Providers are available for .NET Roles, .NET
Users, and .NET Profiles. Default providers include
AspNetSqlRoleProvider and AspNetWindowsTokenRoleProvider role
providers, AspNetSqlMembershipProvider user provider, and
AspNetSqlProfileProvider profile provider. In addition, providers can
be added by users by selecting Add from the Actions pane.
• Session State—This page, as displayed in Figure 3,
is leveraged when it is necessary to control the behavior of
information across browser sessions. It is possible to enable or
disable a session state or store a session state in the web browser or
in a SQL Server database. Additional elements include defining how
cookies are processed when managing session states. Options are Auto
Detect, Use Cookies, Use Device Profile, or Use URI.
Figure 3. The Session State feature page.
• SMTP E-Mail—The final ASP.NET feature is SMTP E-Mail, which uses the System.Net.Mail API. The feature page, as illustrated in Figure 4,
includes properties that need to be specified, such as email address,
SMTP server name, and port to control message-sending functionality
from the web server.
Figure 4. The SMTP E-Mail feature page.
