Cool new IIS7 Features and APIs
IIS7 is a major upgrade of IIS, and will ship in both Windows Vista as well as Windows Longhorn Server. It includes a ton of new functionality, including some very rich integration with ASP.NET. This includes:
1) The ability to now have HttpModules and HttpHandlers participate in all requests to a server. You no longer need to map requests to the ASP.NET ISAPI in order to write managed modules that participate in requests. This makes building modules for flexible authentication, authorization, logging, url-rewriting, auditing, etc. super easy with .NET. You could even now have an ASP.NET HttpModule provide forms-authentication to a PHP or JSP page (in addition to .htm files and static files like images and movies).
2) Integration of the ASP.NET configuration system with IIS. IIS now uses the same web.config configuration model as ASP.NET, which means you can have both ASP.NET and IIS configuration settings in the same file together. You can now set things like default pages, IIS security, logging, etc within a web.config file and xcopy/ftp it to a server. This should simplify deployment and installation of applications considerably. It also enables "delegated administration" for hosting scenarios -- where a hoster provides the application developer the ability to configure certain settings in their web.config file without requiring full admin privledges.
3) An integrated Admin UI tool that manages both IIS and ASP.NET settings together. Included within this rich GUI is support for things like the Membership, Roles and Profile providers (so you can create/delete users directly within the GUI tool -- regardless of what provider is configured). The admin tool also supports remote delegated admin over http -- which means you can point the rich-client admin tool at a shared hoster server and manage your users/roles/profile settings remotely over http (which is pretty cool).
4) Much better request auditing and error debugging. We have a new feature we call "Failed Request Event Buffering" (affectionately known as "FREB"), which allows administrators to configure applications to automatically save request information anytime an error occurs during a request, or if a request takes longer than a specified amount of time to complete (note: if the request completes ok this information can then be just thrown away -- and so doesn't fill up your disk log). This allows you to easily go in after the fact and see what exactly happened during a request that failed, as well as analyze any error exceptions. This can even capture tracing messages generated within ASP.NET or within any component or class library that uses System.Diagnostics -- which makes it much easier for developers and admins to instrument and analyze what is going on with systems at runtimes.
5) Much better configuration APIs and command-line tools. In addition to new config and admin APIs (including a nifty one that you can use to get a listing of all "active" requests being processed by the server -- as well as what state they are in), we now have a great command-line admin story that you can use to set/modify/retrieve all configuration information as well as manage the server (start/stop individual apps, lookup their health state, register new apps, refresh SSL certs, etc). The command-line tool and APIs are also extensible, so you can plug in your own providers and extensions to them.
Carlos from the IIS7 team wrote a nice blog entry a few days ago about some of the new admin APIs that are coming. You can read it here.
As you can see in this article, there is now an easy .NET way to perform a lot of common tasks (much easier than doing it via ADSI or WMI). My favorite one is this code-snippet:
ServerManager iisManager = new ServerManager();
foreach(WorkerProcess w3wp in iisManager.WorkerProcesses) {
Console.WriteLine("W3WP ({0})", w3wp.ProcessId);
foreach (Request request in w3wp.GetRequests(0)) {
Console.WriteLine("{0} - {1},{2},{3}",
request.Url,
request.ClientIPAddr,
request.TimeElapsed,
request.TimeInState);
}
}
In case you are wondering what it does, it is a simple command-line program that uses the new .NET APIs to query IIS7 to get a collection of all active worker processes on the computer, and then print out a list of all current requests being proceeded in each one -- outputting the request's URL, the client-IP address of the remote user, as well as how long it has been executing, and how long it has been in its current state (for example: is it in the authentication module, authorization module, executing within the page, etc).
If you are every wondering "what is going on with this app or server right now" (for example: does it seem to be running slow), you can now run the above code to easily find out in real-time and/or figure out what applications or requests are taking a lot of time -- and then activate FREB on those applications to drill into why.
Hope this helps,
Scott
P.S. I'll be doing a lot more IIS7 posts over the next few months once the beta is more broadly available with Windows Vista. I'm super proud of the team and all they've delivered -- it is really going to rock.