Appendix D
Administration and Management
You have almost reached the end of this book. At this point, you have been introduced to ASP.NET 4.5. However, with all advancement comes complexity, as is the case in the areas of ASP.NET configuration and management. The good news is that the ASP.NET development team realized this and provided tools and APIs that enable developers to configure and manage ASP.NET–based applications with reliability and comfort.
This appendix covers these tools in great detail in an effort to educate you about some of the options available to you. It explores two powerful configuration tools: the ASP.NET Web Site Administration Tool, a web-based application, and the IIS Manager, which is used to configure your ASP.NET applications.
When ASP.NET was first released, it introduced the concept of an XML-based configuration file for its web applications. This web.config file is located in the same directory as the application itself. It is used to store a number of configuration settings, some of which can override configuration settings defined in the machine.config file or in the root server’s web.config file. Versions of ASP.NET before ASP.NET 2.0, however, did not provide an administration tool to make it easy to configure the settings. Because of this, a large number of developers ended up creating their own configuration tools to avoid having to work with the XML file manually.
The ASP.NET Web Site Administration Tool enables you to manage website configuration through a simple, easy-to-use web interface. It eliminates some of the need for manually editing the web.config file. If no web.config file exists when you use the administration tool for the first time, it creates one. By default, the ASP.NET Web Site Administration Tool also creates a LocalDB file in the App_Data folder of your website to store application data. The changes made to most settings in the ASP.NET Web Site Administration Tool take effect immediately. You find them reflected in the web.config file.
The default settings are inherited automatically from any configuration files that exist in the root folder of a web server. The ASP.NET Web Site Administration Tool enables you to create or update your own settings for your web application. You can also override the settings inherited from up-level configuration files, if an override for those settings is allowed. If overriding is not permitted, the setting appears dimmed in the administration tool.
The ASP.NET Web Site Administration Tool is installed automatically during installation of the .NET Framework version 4.5. To use the administration tool to administer your own website, you must be logged in as a registered user of your site and have read and write permissions to the web.config file.
You cannot access the ASP.NET Web Site Administration Tool remotely or even locally through IIS. Instead, you access it with Visual Studio 2012, which, in turn, uses its integrated web server (IIS Express) to access the administration tool.
To access this tool through Visual Studio 2012, open the website or web application and click the ASP.NET Configuration menu option found under the top menu named Website or Project, respectively. Another way to launch this tool is to select ASP.NET Configuration from the Website option in the main Visual Studio menu. Figure D-1 shows the ASP.NET Web Site Administration Tool’s welcome page.
The ASP.NET Web Site Administration Tool (WSAT) features a tabbed interface that groups related configuration settings. The following sections describe the tabs and the configuration settings that they manage.
The Home tab (shown previously in Figure D-1) is a summary that supplies some basic information about the application you are monitoring or modifying. It provides the name of the application and the current user context in which you are accessing the application. In addition, you see links to the other administration tool tabs that provide you with summaries of their settings. To make any changes to your web application, you simply click the appropriate tab or link.
Remember that most changes to configuration settings made using this administration tool take effect immediately, causing the web application to be restarted and currently active sessions to be lost if you are using an InProc session. The best practice for administering ASP.NET is to make configuration changes to a development version of your application and later publish these changes to your production application. That’s why this tool can’t be used outside of Visual Studio.
Some settings (those in which the administration tool interface has a dedicated Save button) do not save automatically. You can lose the information typed in these windows if you do not click the Save button to propagate the changes you made to the web.config file. The ASP.NET Web Site Administration Tool also times out after a period of inactivity. Any settings that do not take effect immediately and are not saved will be lost if this occurs.
As extensive as the ASP.NET Web Site Administration Tool is, it manages only a few of the basic configuration settings that are available for your web application. All other settings require you to modify the configuration files yourself: by editing the files manually in Visual Studio, by using the Internet Information Services (IIS) Manager, or by using the Configuration API.
You use the Security tab to manage access permissions to secure sections of your web application, user accounts, and roles. From this tab, you can select whether your web application is accessed on an intranet or from the Internet. If you specify the intranet, Windows-based authentication is used; otherwise, forms-based authentication is configured. The latter mechanism relies on you to manage users in a custom data store, such as SQL Server database tables. The Windows-based authentication employs the user’s Windows logon for identification.
User information is stored in a database by default. The database is created automatically in the App_Data folder of the web application. Storing such sensitive information in a more secure location, such as using a database on a separate server, is recommended. Changing the data store might mean that you also need to change the underlying data provider. To accomplish this, you simply use the Provider tab to select a different data provider. The Provider tab is covered later in this appendix.
You can configure security settings on this tab in two ways: Select the Setup Wizard, or simply use the links provided for the Users, Roles, and Access Management sections. Figure D-2 shows the Security tab.
You can use the wizard to configure initial settings. Later, you learn other ways to create and modify security settings.
The Security Setup Wizard provides a seven-step process ranging from selecting the way the user will be authenticated to selecting a data source for storing user information. This is followed by definitions of roles, users, and access rules.
Follow these steps to use the Security Setup Wizard:
The ASP.NET Web Site Administration Tool’s Security tab provides ways to manage users without using the wizard and is very helpful for ongoing maintenance of users, roles, and access permissions.
To create a new user, simply click the Create New User link on the main page of the Security tab (shown in Figure D-10). The Create User screen, shown in Figure D-11, appears, enabling you to provide username, password, confirmation of password, e-mail, and the security question and answer. You can assign a new user to any number of roles in the Roles list; these are roles currently defined for your web application. Use this tool to create users named Admin, HRUser, and SalesUser and assign them the corresponding roles.
You can manage existing users by clicking the Manage Users link on the Security tab. A new screen displays a list of all existing users (see Figure D-10). A search option is available, which makes finding a specific user easier if the list is long.
Find the user you want to manage, and then you can update his information, delete the user, reassign roles, or set the user to active or inactive.
Two links are provided in the Security tab for managing roles: Disable Roles and Create or Manage Roles. Clicking Disable Roles does just that — disables role management in the web application; it also dims the other link.
Click the Create or Manage Roles link to start managing roles and assigning users to specific roles. A screen displays all roles you have defined so far. You have options to add new roles, delete existing roles, or manage specific roles.
Click the Manage link next to a specific role, and a screen shows all the users currently assigned to that role (see Figure D-12). You can find other users by searching for their names, and you can then assign them to or remove them from a selected role.
The Security tab provides options for creating and managing access rules. Access rules are applied either to an entire web application or to specific folders inside it. Clicking the Create Access Rules link takes you to the Add New Access Rule screen, where you can view a list of the folders inside your web application (see Figure D-13). You can select a specific folder, select a role or a user, and then choose whether you want to enable access to the selected folder.
Clicking Manage Access Rules on the Security tab takes you to the Manage Access Rules screen, which shows all existing access rules (see Figure D-14). You can remove any of these rules and add new ones. You can also readjust the list of access rules if you want to apply them in a specific order.
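Why the order of access rules matters, as an added example that is not part of the original text: ASP.NET URL authorization reads the allow and deny rules from top to bottom and the first rule that matches the request decides, so the same two rules give opposite results when swapped. The role names HR and Sales and the helper names are assumptions, the web.config fragments are constructed, and the verbs attribute is ignored to keep the check small.

```python
import xml.etree.ElementTree as ET

# Constructed web.config fragments for one folder; the role names "HR" and
# "Sales" are assumptions. Same two rules, in opposite order.
DENY_FIRST = """
<configuration><system.web><authorization>
  <deny users="*" />
  <allow roles="HR" />
</authorization></system.web></configuration>
"""

ALLOW_FIRST = """
<configuration><system.web><authorization>
  <allow roles="HR" />
  <deny users="*" />
</authorization></system.web></configuration>
"""

NO_RULES = "<configuration><system.web /></configuration>"


def _names(value):
    """Split a comma-separated users/roles attribute into a lower-cased set."""
    return {v.strip().lower() for v in (value or "").split(",") if v.strip()}


def rule_matches(rule, user, roles):
    """True if an <allow>/<deny> element applies to this request.

    user is None for an anonymous request ("?"); "*" means everyone.
    Names are compared case-insensitively here (a simplification).
    """
    users = _names(rule.get("users"))
    if "*" in users or ("?" in users and user is None):
        return True
    if user is not None and user.lower() in users:
        return True
    return bool(_names(rule.get("roles")) & {r.lower() for r in roles})


def is_allowed(config_xml, user, roles=()):
    """Walk the rules top-down; the first matching rule decides."""
    root = ET.fromstring(config_xml.strip())
    auth = next(root.iter("authorization"), None)
    for rule in (auth if auth is not None else []):
        if rule.tag in ("allow", "deny") and rule_matches(rule, user, roles):
            return rule.tag == "allow"
    # No rule matched: ASP.NET's inherited default is <allow users="*" />.
    return True


if __name__ == "__main__":
    people = (("HRUser", ["HR"]), ("SalesUser", ["Sales"]))
    for label, cfg in (("deny first", DENY_FIRST), ("allow first", ALLOW_FIRST)):
        print(label, {u: is_allowed(cfg, u, r) for u, r in people})
```

With the deny rule listed first, even HRUser is locked out of the folder; with the allow rule first, HRUser gets in and everyone else, including anonymous requests, is refused.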
The Application tab provides a number of application-specific configurations, including the configuration of <appSettings>, SMTP mail server settings, debugging and trace settings, and starting/stopping the entire web application.
The left side of the screen shows links for creating and managing application settings. The settings are stored in the <appSettings> section of the web.config file. Most ASP.NET programmers are used to modifying this tag manually in previous versions of ASP.NET. Figure D-15 shows the Application tab.
Clicking the Create Application Settings link takes you to a screen where you can provide the name and the value information. Clicking Manage Application Settings takes you to a screen where you can view existing settings and edit or delete them. You can also create a new setting from this screen.
Click the Configure SMTP E-Mail Settings link to view a screen like the one shown in Figure D-16. The configure SMTP mail settings feature is useful if your web application can send auto-generated e-mails. Instead of denoting SMTP server configuration in the code, you can spell it out in the configuration file by entering values here in the administration tool.
Specify the server name, port, sender e-mail address, and authentication type.
Clicking the Application tab’s Configure Debugging and Tracing link takes you to a screen (see Figure D-17) where you can enable or disable tracing and debugging. Select whether you want to display trace information on each page. You can also specify whether to track just local requests or all requests, as well as trace sorting and caching configuration.
To configure default error pages, you simply click Define Default Error Page on the screen you saw in Figure D-15. This takes you to a screen where you can select a URL that is used for redirection in case of an error condition (see Figure D-18).
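A check for the debugging, tracing, and error-page settings described above, as an added example that is not part of the original text: it reads a web.config and reports the combinations that expose internals to remote visitors. The compilation, trace, and customErrors elements and their attributes are ASP.NET's own; the sample files are constructed, and the finding labels, function names, and the ~/Error.aspx path are assumptions. Only the file itself is inspected, so settings inherited from parent configuration files are not seen.

```python
import xml.etree.ElementTree as ET

# Constructed sample: development-style settings left in place.
WEAK = """
<configuration><system.web>
  <compilation debug="true" targetFramework="4.5" />
  <trace enabled="true" localOnly="false" pageOutput="true" />
  <customErrors mode="Off" />
</system.web></configuration>
"""

# Constructed sample: the same three elements set for production.
HARDENED = """
<configuration><system.web>
  <compilation debug="false" targetFramework="4.5" />
  <trace enabled="false" localOnly="true" pageOutput="false" />
  <customErrors mode="RemoteOnly" defaultRedirect="~/Error.aspx" />
</system.web></configuration>
"""


def _is_true(elem, attr, default):
    """Read a boolean attribute, falling back to the framework default."""
    if elem is None or elem.get(attr) is None:
        return default
    return elem.get(attr).strip().lower() == "true"


def audit(config_xml):
    """Return a list of finding labels for one web.config document."""
    root = ET.fromstring(config_xml.strip())
    sw = next(root.iter("system.web"), None)
    if sw is None:
        return []
    findings = []

    # Debug builds are slower and emit more detail; default is false.
    if _is_true(sw.find("compilation"), "debug", False):
        findings.append("debug-compilation")

    # Tracing only matters once enabled; localOnly defaults to true.
    trace = sw.find("trace")
    if _is_true(trace, "enabled", False):
        if not _is_true(trace, "localOnly", True):
            findings.append("trace-remote")
        if _is_true(trace, "pageOutput", False):
            findings.append("trace-on-pages")

    # mode="Off" shows detailed errors to every client; default is RemoteOnly.
    errors = sw.find("customErrors")
    mode = (errors.get("mode") if errors is not None else None) or "RemoteOnly"
    if mode.strip().lower() == "off":
        findings.append("custom-errors-off")
    return findings


if __name__ == "__main__":
    print("weak:", audit(WEAK))
    print("hardened:", audit(HARDENED))
```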
You can take your entire web application offline simply by clicking the Take Application Offline link (again, refer to Figure D-15). The link stops the app domain for your web application. This feature is useful if you want to perform a scheduled maintenance for an application.
The final tab in the ASP.NET Web Site Administration Tool is Provider, shown in Figure D-19. You use it to set up additional providers and to determine the providers your application will use.
The Provider page is simple, but it contains an important piece of information: the default data provider with which your application is geared to work. In Figure D-19, the application is set up to work with the default data provider.
The two links on this tab let you set up either a single data provider or a specific data provider for each feature in ASP.NET that requires a data provider. If you click the latter, the screen shown in Figure D-20 appears. It enables you to pick the available providers separately for Membership and Role management.
As you can see from the screenshots and brief explanations provided here, you can now handle a large portion of the necessary configurations through a GUI. You no longer have to figure out which setting must be placed in the web.config file. This functionality becomes even more important as the web.config file grows. In ASP.NET 1.0/1.1, the web.config file was a reasonable size, but with all the features provided by ASP.NET 2.0 or 3.5, the web.config file became very large. Again, like ASP.NET 1.0/1.1, the web.config file in ASP.NET 4.5 is now quite small by default. These GUI-based tools are an outstanding way to configure some of the most commonly needed settings. However, many settings cannot be modified with the Web Site Administration Tool, so you will still need to edit the web.config file in many cases.
If you are using IIS as the basis of your ASP.NET applications, you will find that configuring the ASP.NET application directly through the Internet Information Services (IIS) Manager is quite easy if you are using Windows 8. To access the ASP.NET configurations, open IIS and expand the Sites folder, which contains all the sites configured to work with IIS. Remember that not all your websites are configured to work in this manner because it is also possible to create ASP.NET applications that make use of the ASP.NET built-in web server.
After you have expanded the IIS Sites folder, right-click one of the applications in this folder; the options available to you for configuration appear in the IIS Manager (see Figure D-21).
The options available to you enable you to completely configure ASP.NET or even configure IIS itself. The focus of this appendix is on the ASP.NET section of the options. In addition to the options you can select from one of the available icons, you can also configure some basic settings of the application by clicking the Basic Settings link in the Actions pane on the right side of the IIS Manager. When you click the Basic Settings link, the Edit Site dialog box appears, as shown in Figure D-22.
This dialog box enables you to change the following items:
The sections that follow review some of the options available to you through the icons in the IIS Manager.
You use the Application tab to make changes that are more specific to the pages in the context of your application. From the .NET Compilation dialog box (accessible via the IIS Manager) shown in Figure D-23, you can change how your pages are compiled and run. You can also make changes to global settings in your application.
This section of the IIS Manager deals with compilation of the ASP.NET application and how some of the pages of the application will behave. The Batch section deals with the batch compilation of the application — first, whether or not it is even supported and then, details on batch sizes and the time it takes to incur the compilation.
The Behavior section deals with whether or not the compilation produces a release or debug build; you will also find some Visual Basic–specific compilation instructions on whether Option Explicit or Option Strict are enabled across the entire application.
The General section focuses on the assemblies that are referenced as well as your code subdirectories if you are going to break up your App_Code folder into separate compiled instances (required for when you want to incorporate Visual Basic and C# code in the same application). You can also specify the default language that is used in the compilation process, such as VB or C#.
The .NET Globalization option in the IIS Manager enables you to customize how your ASP.NET application deals with culture and the encoding of the requests and responses. Figure D-24 shows the options available in this dialog box.
In addition to picking a specific Culture or UI Culture setting, you can also select Auto Detect, which will pick up the culture of the client if it is available. By default, you can also see that the encoding of the requests and the responses are set to utf-8, which will work fine for most Latin-based languages.
The IIS Manager .NET Profile options enable you to customize how your ASP.NET application deals with the ASP.NET personalization system. This system was discussed earlier in Chapter 18. Figure D-25 shows the dialog box that is provided when you add a new profile to the personalization system.
In this case, as presented in Figure D-25, you can specify the name of the personalization property, the data type used, its default value, how it is serialized, and whether it is read-only or available for anonymous users. To better understand these settings, it is important to review Chapter 18.
In addition to building properties to use in the personalization system, you can also specify the provider that is used by the system as a whole. By default, it uses the AspNetSqlProfileProvider, as illustrated in Figure D-26. You can get to this dialog box by selecting the Set Default Provider link from the .NET Profile section.
You can enable role-based management by adding roles to your application from the .NET Roles section of the IIS Manager. Figure D-27 shows an example of adding a role called Administrators to the application after clicking the Add link from the Actions section.
Clicking OK adds the role to the system and the role is then shown in a list of roles from the main screen of the section, as illustrated in Figure D-28.
By default, no users are added to the role. You can add users to roles through the .NET Users section, discussed shortly.
The .NET Trust Levels section of the IIS Manager enables you to specify the level of security to apply to your application through the selection of a specific pre-generated configuration file. This is illustrated in the list of options presented in Figure D-29.
By default, your application makes use of the web.config file, but specifying a different trust level causes the application to use a different .config file. You can find all of these .config files at C:\Windows\Microsoft.NET\Framework\v4.0.xxxxx\CONFIG.
Probably one of the easiest ways to work with the ASP.NET membership system (covered in Chapter 19) is to create your users in the .NET Users section of the IIS Manager. Adding a user is easy to do through the dialog boxes provided, as illustrated in Figure D-30.
As shown in Figure D-30, you can provide the username, password, and security question and answer in a simple wizard. Figure D-31 shows the second screen of the wizard.
In this second screen of the wizard, you can assign users to specific roles that are present in the role management system. Because the Administrators role was created earlier in this appendix, I am able to assign the user to this particular role because it exists in the system.
After a user is created, you can then see the entire list of users for this particular application from the main .NET Users screen, as illustrated in Figure D-32.
In the IIS Application Settings section of the IIS Manager, you can click the Add or Edit button, and the Add/Edit Application Setting dialog box opens (see Figure D-33).
After you enter a key and value pair, click OK; the settings appear in the list in the main dialog box. Then you can edit or delete the settings from the application.
In the Connection Strings section of the IIS Manager, you can add a connection string to your application by clicking its Add button. You also can edit or remove existing connection strings. Figure D-34 shows the Edit Connection String dialog box for the default connection string — DefaultConnection.
Figure D-35 shows that adding a brand-new connection is also rather simple.
The Pages and Controls section of the IIS Manager deals with a group of settings that control the overall ASP.NET pages (.aspx) and user controls in the application (.ascx). Figure D-36 shows the available settings for this section.
The Providers section of IIS deals with all the providers that are defined within the application. From the example in Figure D-37, you can see that three providers are defined for the .NET Roles engine: a SQL Server role provider, a Windows Token role provider, and a MySQL role provider.
You can look at all the other engines found in ASP.NET by selecting the option in the drop-down list at the top of the dialog box.
ASP.NET applications, being stateless in nature, are highly dependent on how state is stored. The Session State section of the IIS Manager (see Figure D-38) enables you to change a number of different settings that determine how state management is administered.
You can apply state management to your applications in a number of ways, and this dialog box allows for a number of different settings — some of which are enabled or disabled based on what is selected. The following list describes the items available in the Session State Settings section:
If you need to work with an application that delivers e-mail, you must specify the settings to do this. You define the required settings for sending e-mail using SMTP through the SMTP E-mail section of the IIS Manager (see Figure D-39).
This appendix showed you some of the management tools that are part of ASP.NET. These tools make the web.config file more manageable because they take care of setting the appropriate values in the application’s configuration file.
The IIS Manager console in Windows 8 is a wonderful tool for managing applications that are configured to work with IIS. The ASP.NET Web Site Administration Tool provides even more value to administrators and developers by enabling them to easily manage settings.