Internet -->Website Server IIS6 --> Application Server IIS6
Right now when I am on my internal network I can go to http://192.168.1.2 in my web browser and the web based application will open. I know that an address of 192.168.x.x will not work outside of our local network. I want to be able to access the application that is on 192.168.1.2 from the Internet. So, from the outside, I want to be able to go to www.mydomain.com, then have a link on our company website that will point them to the application on the other server. I would like our visitors to stay within our same domain. I can add a virtual directory in IIS on the website server that points to the web folder on the application server. Am I going down the right path with a virtual directory?
Ans -
If you have a separate dns entry for the 2nd application you could use host headers on the main server and have the 2nd domain get redirected to the 2nd server.
Or you could just identify a virtual directory in the main server and put some asp redirect that shuffles everything to the 2nd server.
Or if both computers are on the same lan, you could just let the main server be the only webserver using a virtual directoy mapped to the other server.
__________________
More...
http://forums.devshed.com/iis-97/redirect-to-another-internal-webserver-317863.html
Showing posts with label IIS. Show all posts
Showing posts with label IIS. Show all posts
Monday, September 29, 2008
Monday, September 8, 2008
Securing Your .NET Web Services
By Mike Best
Security has often been the neglected stepchild of software development, but it is increasingly coming under closer scrutiny. As Web Services are deployed in greater numbers, the security of these access points into an organizations business processes can no longer be relegated to backseat status.
Generally, you will have three general security scenarios for a Web Service:
Those that are open to the general population, with no authentication
Those that are open to the general population, but with authentication
Those that are open to a controlled sub-set of users, such as a companys employees
For this article, we'll assume that some sort of security is required. In addition, to simulate the scenario that will be common for many Web Services, we'll assume that the user base of our Web Services will not be confined to those users within our intranet.
At this point it is important to define several terms that are used in the context of IIS and ASP.NET security:
Authentication is the process of determining the identity of the requester, and whether that identity exists within the set of known users.
Authorization is the process of determining if a given identity has the rights to perform a requested action.
Impersonation is the process of accessing resources as another user. In this case, it would be an ASP.NET application or Web Service accessing resources using a users permissions, rather than the default user account under which ASP.NET runs.
Because .NET Web Services are based upon IIS and ASP.NET, the security model for Web Services is inherited from these technologies. However, Web Services will have different considerations than ASP.NET applications when developing a security strategy. Obviously, Web Services do not have user interfaces with which users can interact.
You can think of the available security services as layers (see Figure 1 below). These layers sit upon one another, can be used in various combinations, and are provided by either IIS or the ASP.NET runtime. These various security implementations will be discussed in the next section.
More...
http://dotnetjunkies.com/Tutorial/5D8B6D51-97B7-4825-B919-49A721A3FDF6.dcik
Security has often been the neglected stepchild of software development, but it is increasingly coming under closer scrutiny. As Web Services are deployed in greater numbers, the security of these access points into an organizations business processes can no longer be relegated to backseat status.
Generally, you will have three general security scenarios for a Web Service:
Those that are open to the general population, with no authentication
Those that are open to the general population, but with authentication
Those that are open to a controlled sub-set of users, such as a companys employees
For this article, we'll assume that some sort of security is required. In addition, to simulate the scenario that will be common for many Web Services, we'll assume that the user base of our Web Services will not be confined to those users within our intranet.
At this point it is important to define several terms that are used in the context of IIS and ASP.NET security:
Authentication is the process of determining the identity of the requester, and whether that identity exists within the set of known users.
Authorization is the process of determining if a given identity has the rights to perform a requested action.
Impersonation is the process of accessing resources as another user. In this case, it would be an ASP.NET application or Web Service accessing resources using a users permissions, rather than the default user account under which ASP.NET runs.
Because .NET Web Services are based upon IIS and ASP.NET, the security model for Web Services is inherited from these technologies. However, Web Services will have different considerations than ASP.NET applications when developing a security strategy. Obviously, Web Services do not have user interfaces with which users can interact.
You can think of the available security services as layers (see Figure 1 below). These layers sit upon one another, can be used in various combinations, and are provided by either IIS or the ASP.NET runtime. These various security implementations will be discussed in the next section.
More...
http://dotnetjunkies.com/Tutorial/5D8B6D51-97B7-4825-B919-49A721A3FDF6.dcik
Sunday, August 31, 2008
Security Guidance for IIS
Security Guidance for IIS
Find information on how to improve the security of your Web servers and Web applications with the tools, security hardening guidance, and other resources found here.
http://www.microsoft.com/technet/security/prodtech/IIS.mspx
Find information on how to improve the security of your Web servers and Web applications with the tools, security hardening guidance, and other resources found here.
http://www.microsoft.com/technet/security/prodtech/IIS.mspx
Saturday, August 30, 2008
How to: Install and Configure SMTP Virtual Servers in IIS 6.0
In order to send e-mail from an ASP.NET Web application, you must have the Simple Mail Transfer Protocol (SMTP) service of Internet Information Services (IIS) installed and configured on your server. The IIS SMTP service is a simple component for forwarding e-mail messages to an SMTP server for delivery.
http://msdn.microsoft.com/en-us/library/8b83ac7t.aspx
http://msdn.microsoft.com/en-us/library/8b83ac7t.aspx
How to: Create and Configure Local ASP.NET Web Sites in IIS 6.0
Using Internet Information Services (IIS) Manager, you can create a local Web site for hosting an ASP.NET Web application. This topic explains how you can create a local Web site and configure it to run ASP.NET pages. For more information about how to install and configure IIS, or about how to create a Web site, see the IIS Help or the online IIS product documentation on the Microsoft TechNet Web site.
http://msdn.microsoft.com/en-us/library/33487zw6.aspx
http://msdn.microsoft.com/en-us/library/33487zw6.aspx
Subscribe to:
Posts (Atom)
Posts
