Washington, September 15-18, 1999 – London, November 21-24, 1999

What's New in IIS 5 and ASP 3.0

Alex Homer

This session overviews the main changes between Windows NT4 and Windows 2000, concentrating on those that affect Web developers. In the main, the specific changes and new features are concentrated in three areas:

Ø        ASP 3.0 - new features and changes from ASP 2.0

Ø        New features and changes to Internet Information Server 5.0

Ø        Changes to the Windows 2000 Operating System

Alex Homer
Alex is a software consultant and developer living and working in the UK. He is the CEO of Stonebroom Software, a company specializing in office integration and Internet related development that produces a range of vertical application software. Alex has worked with Wrox Press on several projects, including Professional ASP 2.0, IE5 XML Programmer's Reference, Professional ASP Techniques for Webmasters and Professional MTS MSMQ Programming with VB and ASP.

In more detail, the new features or topics that have changed are:

ASP 3.0 - new features and changes from ASP 2.0

Ø        New Features in ASP 3.0

Ø        Changed Features in ASP 3.0

Ø        Changes to the Default Scripting Engines

Ø        New Installable Components

New features in ASP 3.0

New Flow Control Capabilities

Up to now, if you wanted to transfer execution to another page in ASP, you had to use the Response.Redirect statement. This works by sending a response to the client that instructs them to load the new page. However, this is both expensive with a round-trip to the client, and can cause spurious messages that are generated by a proxy server at the client end. ASP 3.0 adds two new methods to the Server object, Server.Execute and Server.Transfer, to allow page transfers to be made on the server without requiring a new client request.

Error Handling and the New ASPError Object

Configurable error handling is now available by providing a custom ASP page that is automatically called with the Server.Transfer method. In that page, Server.GetLastError can be used to return an instance of the new ASPError object, which contains more details about the error that occurred—for example the error description and the relevant line number.

Scriptless ASP

ASP now processes .asp pages that do not contain any script much faster. If you are creating a site or Web application where the files may eventually use ASP, you can assign these files the .asp file extension, regardless of whether they contain server-side script or only static (HTML and text) content.

Server Scriptlets

ASP 3.0 supports a powerful new scripting technology called server scriptlets. These are XML-format text files that are hosted on the server and become available to ASP as normal COM objects (i.e. Active Server Components). This makes it much easier to implement (or just prototype) your Web application's business logic script procedures as reusable components, as well as using them in other COM compliant programs.

Changed features in ASP 3.0

Improved Performance

A great deal of work has been done to improve performance and scalability of ASP and IIS. This includes self-tuning features in ASP, which detect blocking situations and automatically increase the number of available process threads. ASP now senses when requests that are executing are being blocked by external resources, and automatically provides more threads to simultaneously execute additional requests and to continue normal processing. If the CPU becomes overloaded, however, ASP reduces the number of available threads to minimize the thread switching that occurs when too many non-blocking requests are executing simultaneously.

Server-side Include File Security

Server-side Include files are often used for sensitive information, such as database connection strings or other access details. A virtual path (i.e. the URL rather than the full physical disk file path) can be used to specify these files. Previous versions of ASP did not check the user's credentials against the security settings for the file. In other words, the authenticated user or anonymous Web server account was not compared to the Access Control List (ACL) entries for the file. In ASP 3.0 on IIS 5.0, these credentials are now checked, and can be used to prevent unauthorized access.

Components Run Out of Process by Default

In earlier versions of ASP, all components created within the context of an ASP page ran in process by default, i.e. within the memory space of the Web server. In IIS 4.0, the ability to create a virtual application allowed components to be run out of process. In IIS 5.0 and ASP 3.0, components are now instantiated out of process by default. This is controlled by the metabase property AspAllowOutOfProcComponents, which now has a default value of 1. Setting it to zero changes the default back to that of IIS 4.0.

For best performance in ASP, where there are often multiple concurrent requests, components should be Both-Threaded (Single Threaded Apartment - STA and Multi-Threaded Apartment - MTA) and support the COM Free-Threaded Marshaller (FTM). Both-Threaded COM objects that do not support the Free-Threaded Marshaller will fail if stored in the ASP Application state object.

In IIS 5.0, instantiated objects or components are now released earlier. In IIS 4.0, COM objects were only released when ASP finished processing a page. In IIS 5.0, when the reference count for the object reaches zero, it is released before processing of the current page completes.

Buffering is On by Default

ASP has offered optional output buffering for some time, and since IIS 4.0 this has provided much faster script execution as well as the ability to control the output that is streamed to the browser. In ASP 3.0 and IIS 5.0, this improved performance has been reflected by changing the default setting of the Response.Buffer property to True, so that buffering is on by default. This means that the final output will be sent to the client only at the completion of processing, or when the script calls the Response.Flush or Response.End method. Note that you should turn buffering off, by setting the Response.Buffer property to False, when sending XML formatted output to the client to allow the XML parser to start work on it as it is received. You may also want to use Response.Flush to send sections of very large pages, so that the user sees some output arrive quickly.

New Default Session Timeout Value

One of the major overheads on a busy ASP-based site is the retention of each visitor's Session object for the complete length of the Session.Timeout period, unless the session is explicitly ended with the Session.Abandon method. The default timeout for each session in ASP 1.0 and 2.0 was 20 minutes, which generally proved to be too long. In ASP 3.0, this has been reduced to 10 minutes, though setting the Session.Timeout property to a different value still changes this.

Changes to (or the repair of) Response.IsClientConnected

The Response.IsClientConnected property can now be read before any content is sent to the client. In ASP 2.0, this only returned accurate information after at least some content had been sent. This can help to resolve the problem of IIS responding to every client request, even though the client might have moved to another page or site. Also, if the client is no longer connected after 3 seconds, the complete output that has been created on the server is dumped.

COM Object Security

IIS uses the new cloaking feature provided by COM so that local server applications instantiated from ASP can run in the security context of the originating client. In previous versions, the security context assigned to the local server COM object depended on the identity of the user who created the instance.

Configurable Entries Moved to the Metabase

In IIS 5.0, the registry entries for ProcessorThreadMax and ErrorsToNTLog have been moved into the metabase. All configurable parameters for ASP can be modified in the metabase via Active Directory and the Active Directory Service Interface (ADSI).

Changes to the Scripting Engines

Encoded Scripts

ASP script and client-side script can now be encoded using BASE64 encryption, and higher levels of encryption are planned for future releases of ASP. (Note that this feature is implemented by the VBScript 5.0 and JScript 5.0 scripting engines, and requires these to be present on the client for the decoding to work). Encoded scripts are decoded at run time by the script engine, so there's no need for a separate utility. Although not a secure encryption method, it does prevent casual users from browsing or copying scripts.

Setting Locales

The new GetLocale and SetLocale methods can be used in VBScript and JScript to read and change the current locale of the script engine for the current page:

strCurrentLocale = GetLocale      'read the locale currently in force
SetLocale("en-gb")                'switch the script engine to UK English

VBScript Now Supports Classes

The full Visual Basic Class model is implemented. You can create classes within your script, which make their properties and methods available to the remainder of the code in your page. For example:

Class MyClass
   Private m_HalfValue                    'local variable to hold value of HalfValue
   Public Property Let HalfValue(vData)   'executed to set the HalfValue property
      If vData >= 0 Then m_HalfValue = vData
   End Property
   Public Property Get HalfValue()        'executed to return the HalfValue property
      HalfValue = m_HalfValue
   End Property
   Public Function GetResult()            'implements the GetResult method
      GetResult = m_HalfValue * 2
   End Function
End Class

Set objThis = New MyClass
objThis.HalfValue = 21
Response.Write "Value of HalfValue property is " & objThis.HalfValue & "<BR>"
Response.Write "Result of GetResult method is " & objThis.GetResult & "<BR>"
...

Seen in the browser, this is the result:

Value of HalfValue property is 21

Result of GetResult method is 42

VBScript: The 'With' Construct 

The With construct is now supported, allowing more compact scripts to be written where the code accesses several properties or methods of one object.

...

Set objThis = Server.CreateObject("this.object")
With objThis
   .property1 = "this value"
   .property2 = "another value"
   theResult = .someMethod()
End With

...

VBScript: String Evaluation 

The Eval function (long available in JavaScript and JScript) is now supported in VBScript 5.0. This allows you to build a string that contains script code, and then execute it to obtain a result:

...

strScript = "datYourBirthday = " & Now()   'build a Boolean expression as a string
If Eval(strScript) Then                     'evaluate it and use the result
   Response.Write "Happy Birthday!"
Else
   Response.Write "Have a nice day!"
End If

...

VBScript: Statement Execution

The new Execute function allows script code in a string to be executed, in much the same way as the Eval function but without returning a result, as Eval usually does. It can be used to dynamically create procedures that are executed later in the code. For example:

...

strCheckBirthday = "Sub CheckBirthday" & vbCrLf _
                 & "datTheDate = Now()" & vbCrLf _
                 & "datYourBirthday = Request.Form(""txtBirthday"")" & vbCrLf _
                 & "If datTheDate = datYourBirthday Then" & vbCrLf _
                 & "   Response.Write ""Happy Birthday!""" & vbCrLf _
                 & "Else" & vbCrLf _
                 & "   Response.Write ""Have a nice day!""" & vbCrLf _
                 & "End If" & vbCrLf _
                 & "End Sub"
Execute strCheckBirthday   'defines the CheckBirthday procedure in the current scope
CheckBirthday              'the procedure can now be called like any other

...

Either a carriage return (as shown) or a colon character ':' can be used to delimit the individual statements within the string.

VBScript: Regular Expressions

VBScript 5.0 now supports regular expressions (again, long available in JavaScript and JScript). The RegExp object is used to create and execute a regular expression. For example:

strTarget = "test testing tested attest late start"
Set objRegExp = New RegExp                     'create a regular expression
objRegExp.Pattern = "test*"                    'set the search pattern
objRegExp.IgnoreCase = False                   'set the case sensitivity
objRegExp.Global = True                        'set the scope
Set colMatches = objRegExp.Execute(strTarget)  'execute the search
For Each Match in colMatches                   'iterate the colMatches collection
   Response.Write "Match found at position " & Match.FirstIndex & ". "
   Response.Write "Matched value is '" & Match.Value & "'.<BR>"
Next

Seen in the browser, this is the result:

Match found at position 0. Matched value is 'test'.

Match found at position 5. Matched value is 'test'.

Match found at position 13. Matched value is 'test'.

Match found at position 22. Matched value is 'test'.

VBScript: Setting Event Handlers Client-side

While not applying directly to ASP scripting techniques, this new feature is useful when writing client-side VBScript. You can now assign a reference to a function or subroutine obtained with the GetRef method to an event dynamically. For example, given a function named MyFunction(), you can assign it to a button's ONCLICK event using:

Function MyFunction()
   ...
   'function implementation code here
   ...
End Function
...
Set objCmdButton = document.all("cmdButton")
Set objCmdButton.onClick = GetRef("MyFunction")

This provides similar functionality to that existing in JavaScript and JScript, where functions can be assigned as properties of an object dynamically.

VBScript: On Error Goto 0

Although this technique was not documented previously, it does in fact work in existing versions of VBScript (as those of you with a VB background and an inquisitive mind will have already discovered). It is now documented, and can be used to 'turn off' custom error handling in a page after an On Error Resume Next has been executed. The result is that any subsequent errors will raise a browser-level or server-level error and the appropriate dialog/response.

JScript: Exception Handling

The Java-style try and catch constructs are now supported in JScript 5.0. For example:

function GetSomeKindOfIndexThingy() {
  try {
    // If an exception occurs during the execution of this
    // block of code, processing of this entire block will
    // be aborted and will resume with the first statement in its
    // associated catch block.
    var objSomething = Server.CreateObject("SomeComponent");
    var intIndex = objSomething.getSomeIndex();
    return intIndex;
  }
  catch (exception) {
    // This code will execute when *any* exception occurs during the
    // execution of this function
    alert("Oh dear, the object didn't expect you to do that");
  }
}

The built-in JScript Error object has three properties that define the last run-time error. We can use these in a catch block to get more information about the error:

  ...
  catch (exception) {
    alert(exception.number);       // gives the numeric value of the error number
    // AND the result with 0xFFFF to get a 'normal' error number in ASP
    alert(exception.description);  // gives an error description as a string
  }
  ...

If you want to throw your own errors, you can raise an error (or exception) with a custom exception object. However there is no built-in exception object, so you have to define a constructor for one yourself:

// Define our own Exception object
function MyException(intNumber, strDescription, strInfo) {
  this.Number = intNumber;            // set the Number property
  this.Description = strDescription;  // set the Description property
  this.CustomInfo = strInfo;          // set some 'information' property
}

 

An object like this can then be used to raise custom exceptions within our pages, by using the throw keyword and then examining the type of exception in the catch block:

function GetSomeKindOfIndexThingy() {
  try {
    var objSomething = Server.CreateObject("SomeComponent");
    var intIndex = objSomething.getSomeIndex();
    if (intIndex == 0) {
      // create a new MyException object
      var theException = new MyException(0x6F1, "Zero index not permitted", "Index_Err");
      throw theException;
    }
    return intIndex;
  }
  catch (objException) {
    if (objException instanceof MyException) {
      // this is one of our custom exception objects
      if (objException.CustomInfo == "Index_Err") {
        alert('Index Error: ' + objException.Description);
      }
      else {
        alert('Undefined custom error: ' + objException.Description);
      }
    }
    else {
      // not "our" exception, so display it and raise to next higher routine
      alert(objException.description + ' (' + objException.number + ')');
      throw objException;
    }
  }
}

New and Improved Installable Components

Many of the Active Server Components that come with ASP have been improved to provide better performance or extra functionality. One example is the new Browser Capabilities component. There are also new components included, such as the XML Parser that allows applications to handle XML formatted data on the server. Closer integration between ADO and XML is also provided (through the new version 2.5 of ADO), which opens up new opportunities for storing and retrieving data from a data store in XML format.

Logging Utility Component ("MSWC.IISLog")

This new component allows you to read the HTTP activity log files that IIS generates. The file can be opened and filtered to select a record, and from that record the values of each field can be read. New records can also be added to the file. It must be instantiated by a script that is running under an account that has Administrator privileges.

What's new in the ActiveX Data Objects Library?

ADO 2.5 comes with Windows 2000, and contains many extra features for working with XML data (for example, streaming it out of ADO into a file or direct to the browser). It also now supports semi-structured storage for use with Distributed Authoring and Versioning (see later). If you want more information about ADO 2.5, go to Dave Sussman's talk - next session track 2.

New features and changes to Internet Information Server 5.0

Ø        New out-of-process component execution features

Ø        New properties and settings in Internet Services Manager

Ø        Distributed Authoring and Versioning (DAV)

Ø        Creating references to type libraries

New out-of-process component execution features

IIS now supports three settings for component isolation in virtual applications.

Components that are instantiated within an ASP page can be isolated from the Web server by running them out-of-process (the default in IIS 5.0). This means that they execute in a separate memory space from IIS, reducing the chance that an error or failure in the component stops the Web server or corrupts its memory space. However, running out-of-process is much more expensive on resources than running in-process (in the same memory space as IIS), because a cross-process proxy/stub must be used for communication between the component and the Web server.

To better fine-tune the component performance to Web server protection trade-off, you can now choose from the three options for Application Protection in the Properties dialog for a virtual application:

Low (IIS Process) - all application executables and components for ASP virtual applications with this setting are run in the process (i.e. the memory space) of the Web server executable (Inetinfo.exe). Hence the Web server is at risk if any one of the executables or components should fail. This provides the fastest and least resource-intensive application execution option, however.

Medium (Pooled) - (the default) all application executables and components from all ASP virtual applications with this setting are run in the process (i.e. the memory space) of a single shared instance of DLLHost.exe. This protects the Web server executable (Inetinfo.exe) from the risk of any one of the executables or components failing. However, one failed executable or component can cause the DLLHost.exe process to fail, and with it all the other hosted executables and components.

High (Isolated) - all application executables and components for an ASP virtual application with this setting are run in the process (i.e. the memory space) of a single instance of DLLHost.exe, but each ASP application has its own instance of DLLHost.exe which is exclusive to that application. This protects the Web server executable (Inetinfo.exe) from the risk of any one of the executables or components failing, and protects the virtual application from risk if an executable or component from another virtual application should fail. Microsoft suggests that a maximum of ten isolated virtual applications should be hosted on any one Web server.

The recommended configuration is to run mission-critical applications in their own processes, i.e. High (Isolated), and all remaining applications in a shared, pooled process, i.e. Medium (Pooled).

It is also possible to set the Execute Permissions for the scripts and components that make up each virtual application. The three options are:

1.      None - no scripts or executables can be run in this virtual application. In effect, this provides a quick and easy way to disable an application if required.

2.      Scripts only - allows only script files, such as ASP, IDC or others to run in this virtual application. Executables cannot be run.

3.      Scripts and Executables - allows any script or executable to run within this virtual application.

New properties and settings in Internet Services Manager

Script Source Access

In the Properties dialog for each directory in Internet Services Manager is a new checkbox marked 'Script Source Access'. This enables DAV to be used with this directory to provide remote users with read/write/update access, providing the other access options and file permissions are correctly set.

More Intuitive Dialogs and Control Names

A good example is the Authentication Methods dialog for a directory, which now explains the options in plain English. For example 'NTLM/Challenge Response' is now 'Integrated Windows Authentication'.

Distributed Authoring and Versioning (DAV)

This standard, created by the IETF and now at version 1.0, allows authors in several locations to concurrently build and maintain Web pages and other documents. It is designed to provide upload and download access, and to control versions so that the process can be properly managed. Internet Explorer contains features that integrate with DAV in IIS 5.0. However, in the IETF standard and in the current release of IIS 5.0, the versioning capabilities are not yet implemented.

Creating references to type libraries

In the past, it has been common practice to use a server-side include file to add constants from a type library (such as ADO or MSMQ) to an ASP page. This is necessary as ASP does not create a reference to the type library or component DLL as does, for example, Visual Basic. In IIS 5.0, you no longer need to use include files for constants; instead you can access the type library of a component directly using a new HTML comment-style element:

<!-- METADATA TYPE="typelib"
     FILE="C:\Program Files\Common Files\System\ado\msado15.dll"
-->

This makes all the constants in the specified file available within the current ASP page. (Although this is slated as being new in IIS5, it was working but undocumented in IIS4). The full syntax of the METADATA directive is:

<!-- METADATA TYPE="TypeLib"
              FILE="path_and_name_of_file"
              UUID="type_library_uuid"
              VERSION="major_version_number.minor_version_number"
              LCID="locale_id"
-->

where:

path_and_name_of_file is the absolute physical path to a type library file (.tlb) or ActiveX DLL. Either this or the type_library_uuid parameter must be provided.

type_library_uuid is the unique identifier for the type library. Either this or the path_and_name_of_file parameter must be provided.

major_version_number.minor_version_number (optional) defines the version of the component required. If this version is not found the most recent version is used.

locale_id (optional) is the locale identifier to be used. If a type library with this locale is not found the default locale for the machine (defined during setup) will be used.

Major Changes to the Windows 2000 Operating System

(or rather, those that concern the ASP Web Developer)

Ø        New and Changed Security Features

Ø        Active Directory and ADSI

Ø        COM+ and Component Environment Issues

Windows 2000 New and Changed Security Features

SID gets the boot and is replaced by Kerberos (kind of)

The name of the Kerberos protocol suggests how it solves the problem of key distribution. Kerberos (or Cerberus) was a figure in classical Greek mythology - a fierce, three-headed dog who guarded the gates of the Underworld. Like Kerberos the guard dog, Kerberos the protocol has three heads: a client, a server, and a trusted third party to mediate between them. The trusted intermediary in the protocol is known as the Key Distribution Center (KDC).

Windows 2000 implements Kerberos version 5, with extensions for public key authentication. The Kerberos client is implemented as a security provider through the Security Support Provider Interface. Initial authentication is integrated with the Winlogon single sign-on architecture. The Kerberos Key Distribution Center (KDC) is integrated with other Windows 2000 security services and uses the domain’s Active Directory as its security account database. The Kerberos protocol is more flexible and efficient than NTLM, and more secure. The benefits gained are:

Ø        Faster connections because the server does not need to go to a domain controller to authenticate a client, and clients can reuse their authenticated session with a particular server or service throughout a network logon session.

Ø        Mutual authentication. NTLM authentication was designed for a network environment in which servers were assumed to be genuine, so clients and servers cannot authenticate the identity of another server. Kerberos allows clients and servers to verify another server.

Ø        Delegated authentication. Windows services impersonate clients when accessing resources on their behalf, but where the service or resource is not on the local computer, NTLM cannot impersonate the client. The Kerberos protocol has a proxy mechanism that allows a service to impersonate its client when connecting to other services and machines.

Ø        Simplified trust management. Because of mutual authentication in Kerberos, trust between all Windows 2000 realms (domains) is by default two-way as servers can authenticate other servers. Explicit trust relationships are not required because in the organization tree credentials issued by the security authority for any realm are accepted everywhere in the tree. If the network includes more than one tree, credentials issued by a domain in any tree are accepted throughout the forest.

Kerberos very briefly:

Ø        Administrator creates an account for a user and the Kerberos Key Distribution Center (KDC) creates a long-term key for that user

Ø        At logon a client presents a password (or other authentication method), and the KDC uses the long-term key to identify the client

Ø        If the client is authenticated, the KDC issues a session ticket containing the session key that has a short (definable) timeout. This allows the KDC to identify this user again without re-authenticating them on future visits. The client keeps the session ticket safe in a ticket store located in volatile system memory, and uses it to access the KDC in the future. This is the ticket-granting part of the service

Ø        The KDC also issues each user with a short-lived ticket-granting ticket for the session when they are first or subsequently authenticated

Ø        To access a resource or service on the local server, the client checks to see if it already has a service ticket (sometimes also called a session ticket) for that service. If not, the client sends a request to the KDC, together with the ticket-granting ticket that indicates that the KDC has already accepted and authenticated this user.

Ø        The KDC then issues them with a service ticket for the required resource or service, providing that they have the relevant permissions. Through this service ticket, the service or resource is assured of the user's identity and can deliver the service or resource required.

Ø        To allow access across realm (or domain) boundaries, a referral ticket is used. Each KDC has a unique inter-domain key that can be used to request tickets from other KDCs elsewhere on the network. When a client wants to access a non-local service or resource, for which it doesn't have a referral ticket, it asks the local KDC for one. The KDC uses its inter-domain key to access the target system's KDC and obtain a referral ticket for the resource or service, which it passes to the client.

Ø        The client uses the referral ticket to directly access the remote service or resource.

Digital Certificates and the Public Key Infrastructure

Windows 2000 provides a coming-together of several public key security features that have been available in or for use with Windows in earlier versions. The combination is known as the Public Key Infrastructure (PKI). Public Key Encryption is used for:

Creating and validating digital signatures.

This is based on a mathematical transformation that combines the private key with the data to be signed in such a way that:

Ø        Only someone possessing the private key could have created the digital signature.

Ø        Anyone with access to the corresponding public key can verify the digital signature.

Ø        Any modification of the signed data (even changing only a single bit in a large file) invalidates the digital signature.

Digital signatures are themselves just data, so they can be transported along with the signed data that they authenticate, for example as an attachment to an e-mail message, or within a software component download file.

Providing robust distributed authentication services.

A client can challenge a server or another client to prove they are who they say they are. Client A can encrypt some data or random text with client B's public key. Client B decodes this challenge and sends the result back, proving that they know the private key associated with the public key A used to issue the challenge. Alternatively, client A can send a plain text challenge to client B, which they encrypt with their private key.

Secret key agreement via public key permits two parties to agree on a shared secret over a public, non-secure communication network. Basically, each party generates a random number that forms half of the shared secret key, and encrypts it with the public key of the other party. The two halves are then swapped over the network. Each party can extract the half that was generated by the other, decode it using their own private key, and combine the two halves to create the shared secret. This shared secret can be used for securing other communications, and is much faster and uses fewer resources than public key encryption.

Bulk data encryption without prior shared secrets.

As we've mentioned above, existing public key algorithms are computationally intensive when compared to secret-key algorithms, which makes them ill-suited to encrypting large amounts of data. To get the advantages of PK cryptography along with efficient bulk encryption, the two technologies are typically combined. The sender of the message (or the server in the case of SSL) generates a random session key (a shared secret) to use for data encryption and encrypts this using the recipient's public key. On receipt, the other party uses their private key to decode the shared secret session key and applies it to the data.

IP Security

IP Security is defined by the Internet Engineering Task Force (IETF), and is sometimes referred to as just IPSec. It encrypts the content of each IP packet automatically for transit across a network, so that the source can be absolutely identified on receipt and the contents verified. It all happens at the IP layer, below the applications, and requires no design or redesign by application authors. IP Security uses an authentication header (AH) and an encapsulated security payload (ESP). AH provides source authentication and guarantees packet data integrity. ESP provides confidentiality, in addition to authentication and integrity. With IP Security, only the sender and recipient know the security key. Windows IP Security extends the IETF IPSec model by mixing public-key and secret-key cryptography and by providing automatic key management.

If the authentication data in a packet is valid, the recipient knows that the data was not modified en route, and that it is safe from interception, viewing, or copying by unauthenticated parties. IPSec also uses 'replay protection' to prevent the recipient from incorrectly accepting a packet that has been re-sent.
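The replay protection mentioned above, as an added example that is not from the original notes: a receiver-side sliding window over sequence numbers in the style of IPSec AH/ESP, with the window size, class and function names, and the sample packet sequence all constructed for this illustration.

```python
"""Added illustration of the 'replay protection' mentioned above, not from
the original text: the receiver keeps a sliding window over recently seen
sequence numbers, in the style of IPSec AH/ESP, and drops packets that are
duplicates or have fallen behind the window. Window size and the sample
packet sequence are constructed for this example."""


class ReplayWindow:
    def __init__(self, size: int = 32):
        self.size = size
        self.highest = 0       # highest sequence number accepted so far
        self.seen = 0          # bit i set => sequence (highest - i) was seen

    def check(self, seq: int) -> bool:
        """Return True and record seq if the packet should be accepted."""
        if seq == 0:
            return False       # sequence number 0 is never valid
        if seq > self.highest:
            # New high-water mark: slide the window forward.
            shift = seq - self.highest
            self.seen = ((self.seen << shift) | 1) & ((1 << self.size) - 1)
            self.highest = seq
            return True
        offset = self.highest - seq
        if offset >= self.size:
            return False       # too old: already left the window
        if self.seen & (1 << offset):
            return False       # seen before: a replayed packet
        self.seen |= 1 << offset
        return True            # late but genuine (reordered) packet


def filter_sequence(seqs, size: int = 8):
    """Run a packet sequence through one window; return (accepted, dropped)."""
    window = ReplayWindow(size)
    accepted, dropped = [], []
    for seq in seqs:
        (accepted if window.check(seq) else dropped).append(seq)
    return accepted, dropped


# Constructed stream: in-order packets, one late reordered packet (3), one
# replayed packet (the second 5) and one stale packet (the final 1).
SAMPLE_SEQUENCE = [1, 2, 4, 5, 3, 5, 6, 7, 8, 9, 10, 11, 1]

if __name__ == "__main__":
    ok, bad = filter_sequence(SAMPLE_SEQUENCE)
    print("accepted:", ok)
    print("dropped :", bad)
```

The check only makes sense after the packet's authentication data has been verified, otherwise a forged sequence number could be used to slide the window past genuine traffic.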

Encrypted File System (EFS)

To protect files stored on disk, particularly when the machine is open to theft or attack by booting from a floppy disk, the contents of files and whole directories can be encrypted using public-key encryption. File encryption and decryption are supported on a per-file or entire directory basis. Directory encryption is transparently enforced, in that all files and subdirectories created within a directory that is marked for encryption are automatically encrypted. Each file has a unique encryption key, making it safe for renaming. If you move a file from an encrypted directory to an unencrypted directory on the same volume, the file remains encrypted.

Encryption and decryption can be managed in Windows Explorer, or with command line tools and recovery agents. A file need not be decrypted before use - encryption and decryption are done automatically when bytes travel to and from the disk. EFS automatically detects that a file is encrypted, and locates a user’s key from the system’s key store. Since the mechanism of key storage is based on CryptoAPI, users have the flexibility of storing keys on secure devices such as smart cards.

Security Configuration Tool Set

To replace the User Manager for Domains utility and a host of other utilities such as the Services dialog and the Registry editor security features, Windows 2000 provides the Security Configuration Tool Set. This is a snap-in for MMC, and is required because the current notion of a domain is on the way out as Active Directory defines the whole structured information tree for each organization. In particular the requirements for security configuration are Internet-aware tools that can access and manage enterprise networks and the new distributed services included in the operating system.

The Security Configuration Tool Set provides a single point of administration for Windows NT and Windows 2000–based system security. It allows the administrator to configure security and perform security analysis on one or more computers within an integrated and uniform framework. It allows management of:

Ø        Account policies, such as domain or local account lockout policy, and Kerberos policy.

Ø        Local policies for user rights and control of resources such as a floppy disk, CD-ROM, etc.

Ø        Group memberships for built-in and user-defined account groups.

Ø        Windows system services configuration and start-up options.

Ø        File and folder sharing for NTFS files and the Redirector service.

Ø        System registry security for registry keys and values.

Ø        System file store security to set and manage security for local disk files and directory trees.

Ø        Directory Security to manage the security of objects residing in the Active Directory.

Active Directory and ADSI

Active Directory

This is a Microsoft-implemented directory that is used in Windows 2000 to store information that was previously held in many different areas of Windows NT and 9x. This includes the system Registry, the Security Account Manager (SAM) database, various INI files, and others. It is based on the metabase format that is used in IIS4 to store the structure and properties of the sites in IIS/MMC. In fact, this metabase also survives in Windows 2000, but becomes a directory and not a metabase.

So, the directories in Microsoft's Active Directory implementation are really just metabases that may have already been present in Windows 2000. They are nothing to do with existing directories like LDAP and NDS. What makes Active Directory exciting is the way that the directories are accessed using ADSI.

Active Directory Service Interfaces

ADSI is a way of abstracting the various different structures, access techniques and capabilities of any directory service that is installed on the machine, or on another machine on the network. ADSI is a unifying technology that presents the programmer with a standardized set of interfaces as COM objects to access all and any directories. ADSI places these objects within separate sub-trees called namespaces, for example WinNT, LDAP, IIS, NDS, etc. All the namespaces are then combined into a single globally accessible object that is the root of the ADSI directory access tree - named ADs.

Each namespace is typically the root of a specific directory for a network operating system or system service (such as WinNT and IIS). Administrators and developers can use ADSI services to enumerate and manage the resources in a directory service, no matter which network environment contains the resource, providing that they have the relevant access permissions. For example, the WinNT sub-tree can be used to perform common administrative tasks such as adding new users and managing printers.

Terminology note: ADSI objects are standard COM objects that represent the persistent objects in an underlying directory service. The contents of the directory are manipulated using the ADSI objects, which act as a transforming layer to convert between the native format of the directory service and the standard programming interface of ADSI. Hence, the term ADSI Provider that defines the ADSI namespace object and the set of dependent objects for a particular namespace.

As an example, the LDAP provider for Windows 2000 automatically exposes the contents of an Exchange Server directory. This is implemented within Exchange as a Jet-style database named public.edb. However, the entire content is exposed through ADSI using the standard COM objects. When you program the objects to read and write values, you are actually writing to the Exchange directory through ADSI. This might seem difficult to grasp at first - the promotion by Microsoft of 'Active Directory' makes it seem like they have moved everything to a new store. In the case of the WinNT namespace this is true, but the really important and fun stuff is in ADSI, not Active Directory. Think of it like ADO - we deal with the ADO Provider for whatever data store we want to access, and get back the data in a standard recordset format irrespective of its internal storage format. With the ADSI Provider, we're doing the same kind of thing.

Another terminology note: ADSI is one component of the Windows Open Services Architecture (WOSA) Open Directory Service Interfaces (ODSI), in other words - ADSI is part of WOSA ODSI. And WOSA ODSI is probably a Scandinavian goatherd.

COM+ and Component Environment Issues

Component Services

COM+ is the next step in the evolution of COM and MTS. It handles many of the resource management tasks you had to program yourself, such as thread allocation and security. It makes applications more scalable by automatically providing:

Ø        Thread pooling

Ø        Object pooling

Ø        Just-in-time object activation

Ø        Role-based security

Ø        Asynchronous object execution

It also provides support for transactions that span multiple components and/or data sources, including distributed transactions that occur over a WAN. It's the next logical step for creating component-based, distributed applications. This combination of COM and MTS, together with operating system support for other component utilization features such as:

Ø        Dynamic load balancing

Ø        Queued component execution support

Ø        In-Memory Database (IMDB)

Ø        Transactional Shared Property Manager (TSPM)

Together, all this is termed the Component Services.

New Threading Model

COM+ implements a new threading model called neutral threaded apartment (NTA), which allows a component to have serialized access like normal apartment threaded (STA/MTA) components, but also execute on any thread like a free-threaded component.

Where did MTS Go?

If you have used MTS, you'll recognize many of the features of COM+ as being those introduced in MTS. For example MTS, and now COM+, provides these familiar features:

Role-based Security

In a role-based security model, access to resources (such as components and services) is based on the logical group or role that the caller has been assigned (such as sales, accounts, administration, etc.). This is automatic once security has been enabled. It is also possible to check a caller's role programmatically.

Object Pooling

Object pooling allows objects that have been created in an application to be pooled after use ready for re-use. Pooling deactivated objects like this saves on system resources and provides better scalability. You can pool almost any kind of object (as long as it's written in C++ at present).

Automatic Transactions

COM+ supports all the MTS 2.0 features and is backward compatible with existing applications. However, it adds a new feature called Auto-done, which allows the system to automatically call SetAbort if an exception is triggered, or SetComplete if not.

Object Context

Each ASP page or component running in IIS (since version 4) has a context associated with it, via the ObjectContext object. We can get a reference to this object using the GetObjectContext method, and through it access the ASP integral objects such as Request and Response. We also use this object to control transactions, with the SetComplete and SetAbort methods. ObjectContext also provides access to methods that are used to manage security programmatically.

All these features are still available, but are now supported by COM+ rather than the separately visible and separately installed MTS.

Other New COM+ Features

Load Balancing

Load balancing distributes the server's workload among all the available resources. When an application requires a remote object to be created, the request can be handled by a special router service that directs the request to an appropriate server. At present, the response times are analyzed for component requests, allowing the routing service to select the best option. Future releases of COM+ will (according to Microsoft) support other load balancing schemes.

Queued Components

Not to be confused with message queuing, this feature allows components to be built that execute immediately if the client and server are connected, or have the request deferred if they are not. It is an ideal approach in enterprise-level n-tier business applications, because it allows asynchronous and queued transactions to take place at component level in conjunction with Message Queuing Services (formerly MSMQ), rather than through custom programming.

In-Memory Database

The IMDB is a transient, transactional database-style cache that resides in memory. It is designed to provide extremely fast access to data on the machine where it resides, through an OLE DB provider compatible with ADO.

Application and Component Administration

In COM+, a new, highly optimized registration database called RegDB stores the metadata that describes the components installed on the system, and is used instead of the system Registry. This metadata is also available through a transactional and scriptable interface called the Catalog. There is also a new Component Services administration tool that provides a fully scriptable UI for both developers and administrators to manage components and to deploy both client-side and server-side applications.

Useful Sources of Information

The Wrox Web Developer Site (http://webdev.wrox.co.uk/)

The main site for sample code for all the Web-developer books we publish. Run the samples on-line or download code to run on your own server. Also contains chapters and extracts from our books, industry news, and a series of useful reference tools and other resources.

ASPToday (http://www.asptoday.com/)

Read focused and useful articles on ASP and other Web programming techniques from a range of experts and industry gurus. A new article is available every day of the week, and you can search the archives for previous ones.

15 Seconds Free Resources Center (http://www.15seconds.com/)

Free resource for developers working with Microsoft Internet Solutions. 15 Seconds proclaims to be the biggest IIS and ASP development resource in the world, with over 2300 pages. 

Active Server Pages Resources Site (http://www.activeserverpages.com/)

This site specializes in Active Server Pages programming issues. Maintained by Charles Carroll, it contains online programming tutorials, references, and links to a wide range of resources and articles. 

Allin ASP Message Board (http://www.allin.co.uk/)

This is a site dedicated to the discussion of all things to do with Microsoft Active Server Pages. The site contains a wealth of useful information.

ASP 101 Resources Site (http://www.asp101.com/)

The purpose of this site is to provide both expert and novice developers with useful and timely information on the emerging technology of Active Server Pages. 

ASP Forums (http://www.aspforums.com/)

This site provides a range of forums and discussion groups for ASP related topics, plus lists of related companies and their software designed for use with ASP.

ASP Hole IIS and ASP Guide (http://www.asphole.com/)

Intended to help the Active Server Pages professional locate ASP-related and IIS-related resources quickly and efficiently. A huge range of various resources is available. 

ASP Toolbox (http://www.tcp-ip.com/)

Here you'll find a range of tutorials and other ASP-related information to help in developing your dynamic Web sites.

Aspin.com - The ASP Resource Index (http://www.aspin.com/)

All the Active Server Pages (ASP) Resources you need in one place, including ASP components, applications, code snippets, references, and books.

JavaScript Source (http://javascript.internet.com/)

An excellent JavaScript resource with tons of cut & paste JavaScript examples for your Web pages.

Microsoft's NT Server and BackOffice Site (http://www.microsoft.com/backoffice/)

This site is the main page for the Microsoft BackOffice products, including NT Server, SQL Server, Exchange, and other components. 

PowerASP Active Server Pages (http://powerasp.com/)

This site offers code snippets, hints & tips, a discussion board, a chat room and newsletters—all related to ASP and general Web development topics.

Ultimate ASP (http://www.ultimateasp.com/)

An ever-expanding wealth of information for building dynamic web pages. 

Website Abstraction (http://www.wsabstract.com/)

This site is a webmaster's learning center featuring tutorials on all aspects of JavaScript and Web site construction. It has been featured in many prestigious sources such as the LA Times and Vancouver Province newspapers. 

World Wide Web Consortium (http://www.w3.org/)

The home of the Web. W3C is the main body that sets and agrees the standards for HTML and Web-related technologies. 

Wynkoop BackOffice Pages (http://www.swynk.com/)

Maintained by Steve Wynkoop, this site covers all Microsoft BackOffice technologies. Ideal for those who want to combine ASP and corporate databases. 

Summary

We looked at three main topic areas:

Ø        ASP 3.0 - new features and changes from ASP 2.0

Ø        New features and changes to Internet Information Server 5.0

Ø        Changes to the Windows 2000 Operating System

In more detail:

ASP 3.0 - new features and changes from ASP 2.0

Ø        New features in ASP 3.0

Ø        Changed features in ASP 3.0

Ø        Changes to the Scripting Engines

Ø        New Installable Components

New features and changes to Internet Information Server 5.0

Ø        New out-of-process component execution features

Ø        New properties and settings in Internet Services Manager

Ø        Distributed Authoring and Versioning (DAV)

Ø        Creating references to type libraries

Major Changes to the Windows 2000 Operating System

Ø        New and Changed Security Features

Ø        Active Directory and ADSI

Ø        COM+ and Component Environment Issues

Alex Homer, August 1999
