ADMINISTERING THE APPLICATION |
Chapter 24 |
565 |
|
|
|
|
|
6.Specify the location of the log files in the Log file directory text box and the frequency for creating new log files in the New Log Time Period section of the Extended Logging Properties dialog box.
7.Click on OK to close the Extended Logging Properties dialog box. The Default Web Site Properties dialog box will reappear.
8.Click on OK to close the Default Web Site Properties dialog box.
After you complete the preceding steps, IIS creates log files at the specified location. You can retrieve log files from time to time and analyze the performance of your Web application.
Summary
Network administrators can use SQL Server Enterprise Manager to manage databases. You can use the Enterprise Manager to back up databases, review database logs and schedule maintenance tasks.
You can change the default error messages associated with your Web application by designing a new HTML page and associating it with the application by using the Web.Config file. The Web.Config file includes the <customError> element, which in turn includes the <error> element that is used for mapping the error numbers with the error pages of the application.
IIS creates log files to track all Web requests that are processed by the server. You can select from a number of log file formats to create the log file, depending upon where you want to store the logs and how you want to analyze them.
This page intentionally left blank
SECURING THE APPLICATION |
Chapter 25 |
569 |
|
|
|
|
|
able by IIS is automatically incorporated into your Web application.The authentication methods available with IIS are Anonymous authentication, Basic authentication, Integrated Windows authentication, and Digest authentication. Take a look at Table 25-1 to learn more about each of these methods.
Table 25-1 IIS Authentication Methods
Authentication Method |
Description |
Anonymous |
This type of authentication mechanism does not require a user |
|
to provide a user ID or password to browse through a Web |
|
application. In this mechanism, IIS uses a default log on name |
|
and password to request for resources from a Web application. |
|
Therefore, this is the least secure authentication medium avail- |
|
able for accessing Web site resources. |
Basic |
This type of authentication mechanism does not allow a user |
|
to access the resources of a Web application unless the user |
|
provides the user ID and password. However, this authentica- |
|
tion method has one drawback.The user’s password is trans- |
|
mitted over the Internet in an unencrypted form, making it |
|
vulnerable to hackers. |
Integrated Windows |
This type of authentication uses the “hashing to track the user ” |
|
mechanism. In this mechanism,a user need not specify a pass- |
|
word to be authenticated.The user is verified over the network |
|
by using the user ’s Windows account logon credentials.This |
|
mechanism is generally deployed for internal business process- |
|
es of organizations, where the users accessing the application |
|
are few. |
Digest |
This type of authentication mechanism, just like the Basic |
|
authentication mechanism, does not allow a user to access the |
|
resources of a Web application unless he or she provides the |
|
user ID and password.This mechanism ensures greater securi- |
|
ty than the Basic authentication method because the user’s |
|
password is sent over the Internet in an encr ypted form. |
|
|