Web Architecture

The World Wide Web uses relatively simple technologies with sufficient scalability, efficiency and utility that they have resulted in a remarkable information space of interrelated resources, growing across languages, cultures, and media. In an effort to preserve these properties of the information space as the technologies evolve, this architecture document discusses the core design components of the Web. They are identification of resources, representation of resource state, and the protocols that support the interaction between agents and resources in the space. We relate core design components, constraints, and good practices to the principles and properties they support.

HTTP Protocol
The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web.

HTTP functions as a request-response protocol in the client-server computing model. In HTTP, a web browser, for example, acts as a client, while an application running on a computer hosting a web site functions as a server. The client submits an HTTP request message to the server. The server, which stores content, or provides resources, such as HTML files, or performs other functions on behalf of the client, returns a response message to the client. A response contains completion status information about the request and may contain any content requested by the client in its message body. A web browser (or client) is often referred to as a user agent (UA). Other user agents can include the indexing software used by search providers, known as web crawlers, or variations of the web browsers such as voice browsers, which present an interactive voice user interface. HTTP is designed to permit intermediate network elements to improve or enable communications between clients and servers. High-traffic websites often benefit from web cache servers that deliver content on behalf of the original, so-called origin server, to improve response time. HTTP proxy servers at network boundaries facilitate communication when clients without a globally routable address are located in private networks by relaying the requests and responses between clients and servers. HTTP is an Application Layer protocol designed within the framework of the Internet Protocol Suite. The protocol definitions presume a reliable Transport Layer protocol for host-to-host data transfer. The Transmission Control Protocol (TCP) is the dominant protocol in use for this purpose. However, HTTP has found application even with unreliable protocols, such as the User Datagram Protocol (UDP) in methods such as the Simple Service Discovery Protocol (SSDP). HTTP Resources are identified and located on the network by Uniform Resource Identifiers (URIs)or, more specifically, Uniform Resource Locators (URLs)using the http or https

URI schemes. URIs and the Hypertext Markup Language (HTML), form a system of inter-linked resources, called hypertext documents, on the Internet, that led to the establishment of the World Wide Web in 1990 by English computer scientist and innovator Tim Berners-Lee. The original version of HTTP (HTTP/1.0) was revised in HTTP/1.1. HTTP/1.0 uses a separate connection to the same server for every request-response transaction, while HTTP/1.1 can reuse a connection multiple times, to download, for instance, images for a just delivered page. Hence HTTP/1.1 communications experience less latency as the establishment of TCP connections presents considerable overhead.

Static Vs Dynamic websites - what's the difference?

What are static and dynamic websites? Static website:

There are many static websites on the Internet, you wont be able to tell immediately if it is static, but the chances are, if the site looks basic and is for a smaller company, and simply delivers information without any bells and whistles, it could be a static website. Static websites can only really be updated by someone with knowledge of website development. Static websites are the cheapest to develop and host, and many smaller companies still use these to get a web presence.
Advantages of static websites

Quick to develop Cheap to develop Cheap to host

Disadvantages of static websites

Requires web development expertise to update site Site not as useful for the user Content can get stagnant

Dynamic Websites:
Dynamic sites on the other hand can be more expensive to develop initially, but the advantages are numerous. At a basic level, a dynamic website can give the website owner the ability to simply update and add new content to the site. For example, news and events could be posted to the site through a simple browser interface. Dynamic features of a site are only limited by

imagination. Some examples of dynamic website features could be: content management system, e-commerce system, bulletin / discussion boards, intranet or extranet facilities, ability for clients or users to upload documents, ability for administrators or users to create content or add information to a site (dynamic publishing).
Advantages of dynamic websites

Much more functional website Much easier to update New content brings people back to the site and helps in the search engines Can work as a system to allow staff or users to collaborate

Disadvantages of dynamic websites

Slower / more expensive to develop Hosting costs a little more

Summary

Many sites from the last decade are static, but more and more people are realizing the advantages of having a dynamic website. Dynamic websites can make the most of your site and either use it as a tool or create a professional, interesting experience for your visitors.

Introduction to ASP What is ASP?

ASP stands for Active Server Pages ASP is a Microsoft Technology ASP is a program that runs inside IIS IIS stands for Internet Information Services IIS comes as a free component with Windows 2000 IIS is also a part of the Windows NT 4.0 Option Pack The Option Pack can be downloaded from Microsoft PWS is a smaller - but fully functional - version of IIS PWS can be found on your Windows 95/98 CD

ASP Compatibility

To run IIS you must have Windows NT 4.0 or later To run PWS you must have Windows 95 or later ChiliASP is a technology that runs ASP without Windows OS InstantASP is another technology that runs ASP without Windows

What is an ASP File?

An ASP file is just the same as an HTML file An ASP file can contain text, HTML, XML, and scripts Scripts in an ASP file are executed on the server An ASP file has the file extension ".asp"

How Does ASP Differ from HTML?

When a browser requests an HTML file, the server returns the file When a browser requests an ASP file, IIS passes the request to the ASP engine. The ASP engine reads the ASP file, line by line, and executes the scripts in the file. Finally, the ASP file is returned to the browser as plain HTML

What can ASP do for you?

Dynamically edit, change, or add any content of a Web page Respond to user queries or data submitted from HTML forms Access any data or databases and return the results to a browser Customize a Web page to make it more useful for individual users The advantages of using ASP instead of CGI and Perl, are those of simplicity and speed Provide security - since ASP code cannot be viewed from the browser Clever ASP programming can minimize the network traffic

Benefits of ASP

ASP was designed as a faster and easier alternative to CGI scripting using Perl or C. It provides an easy-to-learn scripting interface (including native support for VBScript and JScript), along with a number of predefined objects that simplify many development tasks, such as maintaining user state and defining global variables within an application. ADO components can be used to perform additional functions, including accessing ODBC-compliant databases, and outputting data to text files. Java components and XML can be used to extend ASP scripts. Additional benefits include the following:

ASP runs as a service of the Web server, and is optimized for multiple threads and multiple users. This means that ASP is fast and easy to implement. ASP enables you to separate the design of your Web page from the details of programming access to databases and applications, allowing programmers and Web designers to focus exclusively on what they do best. Server-side ASP scripts can be used to store HTML form information in a database, personalize Web sites according to visitor preferences, or use different HTML features

based on the browser. Because scripts can run on the server rather than on the client, the Web server can do much of the work involved in generating the HTML pages sent to browsers. Server-side scripts cannot be readily copied because only the result of the script is returned to the browser; users cannot view the script commands that created the page they are viewing. For the HTML author, ASP is an easy way to begin creating Web applications. To process user input on the Web server with CGI applications, a programming language such as Perl or C must be learned. With ASP, however, you can collect HTML form information and pass it to a database by using simple server-side scripts written in VBScript of JScript that are embedded directly in your HTML documents. ASP is language-neutral, so if youre skilled at a scripting language such as VBScript or JScript, you already know how to use ASP. If you develop Web applications by using a programming language such as Java, Visual Basic, or C++, you will appreciate the flexibility of ASP. In addition to using scripts to create an engaging HTML interface for your application, you can also use Java components to encapsulate your application's business logic into reusable modules that can be called from a script, from another component, or from another program.

About IIS Introduction

IIS 7.0 feature delegation will interest you if you are one of the following:

A server administrator and you are not the primary person providing content on your server. A developer and you want your server administrator to give you more control over IIS 7.0 configuration for your application.

This article contains:

Configuration Section Locking [appcmd] Configuration Section Locking [IIS Manager] IIS Manager Creating Site and Application Administrators IIS Manager Enabling Site and Application Administrators to Connect Testing

Of interest to server administrators is the fact that by default on IIS 7.0, developers / site owners can put configuration for default documents, directory browsing, HTTP response headers, HTTP redirects, handlers and modules into their web.config files. This allows a developer to configure "start.aspx" to be their default document, and change the site URL structure so that all requests to www.contoso.com/techcareers/ are redirected to www.contoso.com/careers/technical/ - without the assistance of the server administrator.

You can accomplish this by unlocking more configurations. For example, unlock custom errors configuration so that developers can specify that all 404s be redirected to www.contoso.com/NotFound.aspx, or unlock failed request tracing configuration so that developers can trace 500 requests to pages *.axd that return a status 500. For developers and site owners, the new IIS 7.0 configuration eliminates the need for modifying the metabase. Config changes can be made directly in web.config alongside ASP.NET configuration. This solves issues such as needing to write an MSI for your applications to make custom IIS 7.0 configuration changes; having a set of manual instructions for setting up your applications; or, trying to remember a year later the configuration details of an application on a production server. IIS 7.0 feature delegation means managing:

Configuration section locking to control what configuration can be set in web.config (generally, one IIS 7.0 configuration section equals one IIS module). The set of site and application users that are permitted to use IIS 7.0 Manager to view configuration and set configuration for features with unlocked configuration sections.

Configuration Section Locking [appcmd]

Note: The terms "configuration lock" or "configuration locking" in this article refer to overrideMode on configuration sections. Also, configuration locking alone cannot secure your configuration system you must set ACL configuration files appropriately. Locking and setting file ACLs together make a complete configuration security plan. Configuration locks can be managed using either IIS 7.0 Manager or appcmd. We start with appcmd. The first step in the command prompt when working with appcmd is to add the inetsrv directory to the path so that you can use appcmd from anywhere. Note: Run these commands in an elevated cmd window if you are not running as the built-in Administrator account:
set path=%path%;%windir%\system32\inetsrv

Appcmd does not show the current lock state for configuration sections (you must use IIS 7.0 Manager for this) it only allows you to manipulate the locking. Here is how to unlock the custom errors configuration for all sites: appcmd unlock config section:httpErrors Users new to IIS 7.0 may ask how they know that httpErrors is the configuration section for custom errors. First, use this reference article that maps core server modules to their configuration. Second, find all IIS 7.0 configuration settings in %windir%\system32\inetsrv\config\schema\IIS_schema.xml.

Open the schema file in notepad, CTRL+F for Find, and type in a known config property or word that you associate with the feature. Try "customerror" first. If that does not find anything, try "errors" -- this finds the section "system.webServer\httpErrors" on the third try. If you want to unlock the custom errors configuration for just one site instead of for all sites, the appcmd command below specifies that "Default Web Site" is what you are unlocking the configuration for:
appcmd unlock config "Default Web Site" section:httpErrors

One more aspect on the basics: suppose you want to unlock custom errors configuration for all sites except a site called "UntrustedSite". When you do this, everyone who publishes content to all your sites will be able to put custom error configuration in their web.config files, except for the person who publishes to UntrustedSite. This is accomplished by:
appcmd unlock config section:httpErrors

appcmd lock config "UntrustedSite" section:httpErrors

VirtualDirectory Properties
The VirtualDirectory type exposes the following members.
Properties

Name Attributes

Description Gets a configuration attribute collection that contains the list of attributes for this element. (Inherited from ConfigurationElement.) Gets all the child elements of the ConfigurationElement.) Gets the XML tag ConfigurationElement.) name of the current element. (Inherited from

ChildElements

ElementTagName

current

element.

(Inherited

from

IsLocallyStored

Gets a value indicating whether the configuration element is stored in a particular configuration file. (Inherited from ConfigurationElement.)

Item

Gets or sets an attribute ConfigurationElement.)

with

the

specified

name.

(Inherited

from

LogonMethod

Gets or sets the authentication method that the virtual directory uses to access the configured physical location. Gets a collection of methods for the configuration element. (Inherited from ConfigurationElement.) Gets or sets the password that the virtual directory uses to access its configured physical location. Gets or sets the virtual path of the virtual directory relative to its parent. Gets or sets the physical location of the virtual directory to use. Gets the raw attribute names and values for the current configuration element. (Inherited from ConfigurationElement.) Gets the schema for the current element. (Inherited from ConfigurationElement.) Gets or sets the user name that the virtual directory uses to access its configured physical location.

Methods

Password Path PhysicalPath RawAttributes Schema UserName

ASP Requirements (Need of ASP)

ASP.NET is supported on Windows 2000 (Professional, Server, and Advanced Server), Windows XP Professional, and the Windows Server 2003 family for both client and server applications. In addition, to develop ASP.NET server applications, the following software is also required:

Windows 2000 Server or Advanced Server with Service Pack 2, Windows XP Professional or 64-Bit Edition, or one of the Windows Server 2003 family products. MDAC 2.7 for Data Internet Information Services Note XML Web services created using ASP.NET support the same platforms supported by ASP.NET. XML Web service clients, however, are supported by all platforms supported by the Microsoft .NET Framework.

For more information, see .NET Framework System Requirements.

On the Microsoft Windows Server 2003 family, ASP.NET is installed as a role on the operating system. To deploy ASP.NET Web applications to a production server, you must enable the ASP.NET and IIS roles on the production server before you distribute the application. On Microsoft Windows XP and Windows 2000 Server, ASP.NET is installed with the .NET Framework, whether alone or as a part of Visual Studio .NET. To deploy ASP.NET Web applications to a production server, you must be sure that Internet Information Services (IIS) is installed and running on that server before you install the .NET Framework.