The \Windows\System32\inetsrv\config\ApplicationHost.CONFIG file contains a number of settings that don't appear in the individual Web.CONFIG files. The Web.CONFIG files normally contain managed settings, while the ApplicationHost.CONFIG
file contains native code settings of various sorts. For example, when
you use basic or digest authentication, the settings appear in the ApplicationHost.CONFIG file, rather than the Web.CONFIG file, as shown in Figure 1.
Even though the file appears quite complex, you can break the ApplicationHost.CONFIG
file into five major areas. Once you know which area to view for a
particular kind of data, working with the file becomes considerably
easier. The following list describes each of the major areas.
configSections
The configSections
element defines the sections within the configuration file. You'll
never need to change anything in this element because IIS depends on a
specific configuration to accomplish tasks and you'll use other means to
configure custom applications.
configProtectedData
The configProtectedData
element contains the security provider information for the system. You
normally won't need to change this information unless you obtain a
third-party provider (there aren't any available for IIS 7 at the time
of this writing). If you do obtain a third-party provider, it's likely
that the provider's installation program will make all of the
appropriate entries for you. In sum, you probably won't need to change
the settings in this element.
system.applicationHost
The system.applicationHost
element is a configured section—one that doesn't necessarily have to
appear by default, but you'll normally see it. This element contains a
number of interesting configuration options that include the application
pools, custom metadata, listener adapters, log file settings, and some
Web site settings. A number of these settings are impossible to set
using the graphical utilities. For example, you can't set the log file
settings using the graphical interface, but you can set them quite
easily using the settings in this file. The Web site settings include
the Web site bindings, failed request logging, and application location
information.
system.webServer
The system.webServer
element is a configured section—one that doesn't necessarily have to
appear by default, but you'll normally see it. Many of these entries
look like they came directly from the graphical interface. For example,
you'll find the CGI settings here, as well as the default Web page and
directory browsing settings for the Web server as a whole. Some settings
aren't available from the graphical interface. For example, you can set
up ODBC logging using elements contained within this element. One of
the performance options you'll want to check is caching. You can enable
or disable caching for the Web server as a whole or for the kernel.
location
Every time you create a new location in IIS, IIS creates a new location element to hold it. The location element contains a path
attribute as a minimum that describes the location. For example, you'll
find an entry for the Default Web Site in the list. Every application,
virtual directory, or folder with special settings appears in the list. A
common child element is system.webServer.
This element may contain any number of child elements or no child
elements at all. The elements you see depend on the special settings for
the location. When working with an application, it's common to see
elements for setting the security, default directory, and handlers.
1. Working with the Administration.CONFIG File
The \Windows\System32\inetsrv\config\Administration.CONFIG
file contains administrative settings for the server. For example,
you'll configure the actual list of administrators here and define the
list of administrator providers you want to use, as shown in Figure 2. As with the ApplicationHost.CONFIG file, the Administration.CONFIG file contains a number of required entries that you probably won't change, including the configSections element.
The main item of interest is the moduleProviders
element. It contains a list of modules that IIS uses to perform useful
work. You can't access these providers from the graphical interface—they
affect IIS at a relatively low level. IIS sorts them by server and
ASP.NET modules. As with the security profiles, the modules you use must
appear in the GAC. You can add new modules by registering the module in
the GAC using the GACUtil utility and then adding the appropriate entry
to the moduleProviders element.
Simply adding an add element to the moduleProviders
element won't make the provider accessible to the server. You must link
the provider to a particular location, which is where the locationelement comes into play in this file. When you open the location element, you'll find that it contains a modules element that has a list of modules for that location. You simply refer to the name of the element you created in the moduleProviders
element. When you remove an element from this list, the server no
longer uses the module provider for that particular location, but it
remains configured for use later. The default IIS setup only includes
one location, the Web server itself.