Serveur Internet sous Windows NT

Eric Lapaille

eric@netline.be

(c) 1996

Votre réseauVotre réseau

ClientsClients

The Internet

serveurs Webserveurs Web

Wide Area BandwidthWide Area Bandwidth

GenerationGeneration SpeedSpeed TechnologyTechnology ApplicationApplication

14.414.428.828.8 Modem, SVDModem, SVD Text great,Text great,

Pictures OKPictures OKNarrowbandNarrowband

(Today)(Today)

100-400100-400ISDN, ISDN,

PC cable PC cable modemmodem

Pictures great,Pictures great,Video OKVideo OK

MidbandMidband(1-2 years)(1-2 years)

BroadbandBroadband(2+ years)(2+ years) 1500+1500+ ATMATM Video greatVideo great

(k-baud/sec.)(k-baud/sec.)

Serveurs de données et le WebServeurs de données et le Web MainframeMainframe

DB/2DB/2

SNASNA Server Server

InternetInternetInformationInformation

ServerServer

ReportReportfilefile

<HTML><HTML><HEAD><HEAD>

<A HREF=“http:/starsql.idc?”><A HREF=“http:/starsql.idc?”>Run query</A>Run query</A>

<A HREF=“ftp://user@host.lu/reportFile”><A HREF=“ftp://user@host.lu/reportFile”>Retrieve Report</A>Retrieve Report</A>

ODBC/ODBC/DRDADRDA

FTP/AFTP

Navigateur WebNavigateur Web

Internet

Web Server FunctionalityWeb Server Functionality

Web browser 1

FilesFiles

Web browser n

Server sideServer sideClient sideClient side

HTTPHTTPHTTPHTTP WebWebserverserverWebWeb

serverserver

Web serverWeb serverWeb serverWeb serverC

GI

CG

I

PerlPerl

Web browserWeb browserclientclient

Web browserWeb browserclientclient

Perl scriptsPerl scripts

SimpleSimpleapplicationsapplications

ProcessProcess ProcessProcess

HTTPHTTPAny EXEcutableAny EXEcutableAny EXEcutableAny EXEcutable

Web Server ExtensibilityWeb Server ExtensibilityCGI (Common Gateway Interface)CGI (Common Gateway Interface)

HTTP And CGI/ISAPIHTTP And CGI/ISAPI

Clien

tC

lient

Win

Inet/lib

raryW

inIn

et/library

Sock

etsS

ockets

Net

wor

k (

IP s

tack

)N

etw

ork

(IP

sta

ck)N

etwork

(IP stack

)N

etwork

(IP stack

)

Soc

ket

sS

ock

ets

CG

I/IS

AP

IC

GI/

ISA

PI

Ser

ver

Ser

ver

ClientClient ServerServer

HTTP “GET”HTTP “GET”

ActiveX ServerActiveX ServerFramework Run timeFramework Run time

VolcanoVolcanoPagePage

ProcessesProcesses

PagePage

Invokes ServerInvokes Server

ControlControl

Ad Ad RotatorRotator

HTTP responseHTTP response

Internet Information Server Components• FTP, Gopher, HTTP (WWW) publishing services

• Internet Explorer for Windows® 3.x, Windows NT™, and Windows 95

• Online product tour, documentation, and samples• Support for industry-standard extension mechanisms:

CGI, ISAPI• Internet Database Connector• Internet Service Manager administration application

Internet Information Server Advanced Features• Virtual directories

• Virtual servers

• Log to File, Log to Database

• Internet Server API

• Internet Database Connector

• Grant/deny client-computer access

• Limit network use

• SSL

Internet Server API (ISAPI) Creating Active Servers• Industry-standard Web server extensions: Active

Servers• High-performance (in-process)• Maintain state between requests• ActiveX™ Server applications (ISAPI)

offer forms processing, gateways, dynamic content

• ActiveX Filters (ISAPI) offer request monitoring, statistics gathering, custom authentication, custom request processing, data translations

Windows NT Integration• Security

– User Manager/user-level access control– File Manager/file and directory access control– Challenge/response authentication protocol

• Monitoring– Performance Monitor– SNMP– Event Viewer

• Publish content on network “shares”

Internet Information Server Internet Information Server ArchitectureArchitecture

ATQATQ File openFile open

cachecache

InternetInternetService ManagerService Manager

RPCRPCWindows SocketsWindows Sockets

CGICGI

ISAPIISAPIMicrosoft SQL Server,Microsoft SQL Server,

Microsoft Access, Microsoft Access, ORACLE...ORACLE...

Internet serverInternet server

GopherGopherserviceservice

FTPFTPserviceservice

HTTPHTTPserviceservice

FiltersFilters

TransmitFileTransmitFile

TCP/IPTCP/IP

wininet.dllwininet.dll

ClientClientapplicationapplication

Batch, Perl,Batch, Perl,etc. scriptsetc. scripts

ClientClientapplicationapplication

IDCIDC

Resources• SSL Certificates:

http://www.verisign.com/Microsoft/index.html

• Perl 5 and ISAPI Perl: http://www.perl.hip.com

• ISAPI specifications: http://www.microsoft.com/intdev/inttech/isapi.htm

• Internet Information Server info: http://www.microsoft.com/infoserv

• Windows NT Resource Center: http://www.bhs.com

CGI Application (1 Of 2)CGI Application (1 Of 2)

WebWebserverserverWebWeb

serverserver

URLURLhttp://webserver/scripts/my_app.exe?parametershttp://webserver/scripts/my_app.exe?parameters

URLURLhttp://webserver/scripts/my_app.exe?parametershttp://webserver/scripts/my_app.exe?parameters

my_app.exemy_app.exe(CGI application)(CGI application)

my_app.exemy_app.exe(CGI application)(CGI application)

Possible use of anyPossible use of anyrunning service; e.g.,running service; e.g.,

Microsoft SQL ServerMicrosoft SQL Serveron Windows NTon Windows NT

(on the same or any(on the same or anynetworked machine)networked machine)

Possible use of anyPossible use of anyrunning service; e.g.,running service; e.g.,

Microsoft SQL ServerMicrosoft SQL Serveron Windows NTon Windows NT

(on the same or any(on the same or anynetworked machine)networked machine)

Other processOther process

LaunchedLaunchedprocessprocess

LaunchedLaunchedprocessprocess

Do whateverDo whateverserver workserver workmy_app doesmy_app does

Do whateverDo whateverserver workserver workmy_app doesmy_app does

CGI Application (2 Of 2)CGI Application (2 Of 2)

Why:Why: Designed to extend servers Designed to extend servers beyond simple HTML file servingbeyond simple HTML file serving

What:What: Uniform way to extend servers. Uniform way to extend servers. CGI applications take input from command CGI applications take input from command line, stdin, and environment variables, andline, stdin, and environment variables, andrespond via stdoutrespond via stdout

Why not?Why not? One new process per request One new process per request High overheadHigh overhead Scales poorlyScales poorly No provision for state retentionNo provision for state retention

Reference: Reference: http://hoohoo.ncsa.uiuc.edu/cgi/http://hoohoo.ncsa.uiuc.edu/cgi/

Filter APIsFilter APIsFilter APIsFilter APIs

Application APIs

Windows NT Server,Internet Information ServerC

GI

CG

I

perl.dllperl.dllperl.dllperl.dll

WebWebbrowserbrowser

WebWebbrowserbrowser

Scripts,e.g., Perl

SimpleSimpleapplicationapplication

SimpleSimpleapplicationapplication

ActiveX Serverfilters

ActiveX Server

applications

PerlPerlscriptsscriptsPerlPerl

scriptsscriptsInternetInternetdatabasedatabaseconnectorconnector

(IDC)(IDC)

InternetInternetdatabasedatabaseconnectorconnector

(IDC)(IDC)

ActiveX Server: ISAPIActiveX Server: ISAPI

ISAPI DLLISAPI DLL

Windows NT Server,Windows NT Server,Internet Information ServerInternet Information Server

Windows NT Server,Windows NT Server,Internet Information ServerInternet Information Server

URLURLhttp:// webserver/scripts/ my_app.dll?parametershttp:// webserver/scripts/ my_app.dll?parameters

URLURLhttp:// webserver/scripts/ my_app.dll?parametershttp:// webserver/scripts/ my_app.dll?parameters

my_app.dllmy_app.dll(active server (active server application)application)

my_app.dllmy_app.dll(active server (active server application)application)

Possible use of anyPossible use of anyrunning service;running service;

e.g., SQL Server one.g., SQL Server onWindows NTWindows NT

(on the same or any(on the same or anynetworked machine)networked machine)

Possible use of anyPossible use of anyrunning service;running service;

e.g., SQL Server one.g., SQL Server onWindows NTWindows NT

(on the same or any(on the same or anynetworked machine)networked machine)

Other processOther process

Do whateverDo whateverserver workserver workmy_app doesmy_app does

Do whateverDo whateverserver workserver workmy_app doesmy_app does

Throughput megabits/secondThroughput megabits/second(100% API)(100% API)

MegabitsMegabitsper secondper second

00112233445566

Connections/secondConnections/second(100% API)(100% API)

00

2020

4040

6060

8080

100100

ConnectionsConnectionsper secondper second

Performance: ISAPI Versus CGIPerformance: ISAPI Versus CGI

WebStone 1.1: WebStone 1.1: Internet Information ServerInternet Information Server

ISAPI versus CGIISAPI versus CGI

ISAPIISAPICGICGI

Custom ISAPICustom ISAPIExtensionsExtensions

Custom ISAPICustom ISAPIExtensionsExtensions

ActiveX server framework run timeActiveX server framework run timeProcess isolation, user tracking, application state managementProcess isolation, user tracking, application state management

ActiveX ActiveX server server objectsobjects

ActiveX ActiveX server server objectsobjects

ActiveX server ActiveX server scriptingscripting

ActiveX server ActiveX server scriptingscripting

Internet Internet Database Database

ConnectorConnector

Internet Internet Database Database

ConnectorConnector

Microsoft Microsoft ExchangeExchange

Web ConnectorWeb Connector

Microsoft Microsoft ExchangeExchange

Web ConnectorWeb Connector

Windows NT Server, Internet Information ServerWindows NT Server, Internet Information ServerTransport, security, and managementTransport, security, and management

Windows NT Server, Internet Information ServerWindows NT Server, Internet Information ServerTransport, security, and managementTransport, security, and management

Static contentStatic content(e.g., HTML)(e.g., HTML)Static contentStatic content(e.g., HTML)(e.g., HTML)

Microsoft Microsoft ExchangeExchangeMicrosoft Microsoft ExchangeExchange

Custom applications, Custom applications, legacy systems, etc.legacy systems, etc.

Custom applications, Custom applications, legacy systems, etc.legacy systems, etc.

Active content Active content (e.g., databases)(e.g., databases)Active content Active content

(e.g., databases)(e.g., databases)

ISAPIISAPIISAPIISAPI

““Viper” - transaction processing, coordination, scalabilityViper” - transaction processing, coordination, scalability

The ActiveX ServerThe ActiveX Server

Filter APIs

InternetInternetInformationInformation

ServerServer

InternetInternetInformationInformation

ServerServer

InternetInternetdatabasedatabaseconnectorconnector

InternetInternetdatabasedatabaseconnectorconnector

Application APIsApplication APIs

CG

IC

GI

perl.dllperl.dllperl.dllperl.dll

WebWebbrowserbrowser

WebWebbrowserbrowser

Perl scriptsPerl scriptsPerl scriptsPerl scripts

SimpleSimpleapplicationsapplications

SimpleSimpleapplicationsapplications

ActiveX ServerActiveX Serverfiltersfilters

ActiveX ServerActiveX Serverfiltersfilters

ActiveX ActiveX Server Server

applicationsapplications

ActiveX ActiveX Server Server

applicationsapplications

ActiveX Server ActiveX Server Programming: ISAPIProgramming: ISAPI

Microsoft Exchange Microsoft Exchange Web ConnectorWeb Connector

Web connectorWeb connector

http://www.company.com/scripts/webex.dll/InternetInternetInternetInternet

Microsoft ExchangeServer

MAPIMAPI

ISAPIISAPI

Internet Information ServerInternet Information Server

Web browserWeb browser

San FranciscoSan Francisco New YorkNew York

PublicnetworkSecure pipeSecure pipe

Application Session SecurityApplication Session SecurityWeb clientWeb client

WebWebserverserver

Secure transportSecure transport Connection/session-orientedConnection/session-oriented Application-independent - Web, FTP, TelnetApplication-independent - Web, FTP, Telnet

??Questions Questions