/// <summary> /// Creates if needed dedicated iisAppObject pools and assigns to specified site iisAppObject pool according to /// selected ASP.NET version. /// </summary> /// <param name="site">WEb site to operate on.</param> /// <param name="createAppPools">A value which shows whether iisAppObject pools has to be created.</param> private void SetWebSiteApplicationPool(WebSite site, bool createAppPools) { var aphl = new WebAppPoolHelper(ProviderSettings); // Site isolation mode var sisMode = site.DedicatedApplicationPool ? SiteAppPoolMode.Dedicated : SiteAppPoolMode.Shared; // Create dedicated iisAppObject pool name for the site with installed ASP.NET version if (createAppPools && site.DedicatedApplicationPool) { // Find dedicated app pools var dedicatedPools = Array.FindAll<WebAppPool>(aphl.SupportedAppPools.ToArray(), x => aphl.isolation(x.Mode) == SiteAppPoolMode.Dedicated); // Generate dedicated iisAppObject pools names and create them. foreach (var item in dedicatedPools) { // Retrieve .NET Framework version var dotNetVersion = aphl.dotNetVersion(item.Mode); // var enable32BitAppOnWin64 = Enable32BitAppOnWin64; // Force "enable32BitAppOnWin64" set to true for .NET v1.1 if (dotNetVersion == SiteAppPoolMode.dotNetFramework1) enable32BitAppOnWin64 = true; // var poolName = WSHelper.InferAppPoolName(item.Name, site.Name, item.Mode); // Ensure we are not going to add an existing app pool if (webObjectsSvc.IsApplicationPoolExist(poolName)) continue; // using (var srvman = webObjectsSvc.GetServerManager()) { // Create iisAppObject pool var pool = srvman.ApplicationPools.Add(poolName); pool.ManagedRuntimeVersion = aphl.aspnet_runtime(item.Mode); pool.ManagedPipelineMode = aphl.runtime_pipeline(item.Mode); pool.Enable32BitAppOnWin64 = enable32BitAppOnWin64; pool.AutoStart = true; // Identity pool.ProcessModel.IdentityType = ProcessModelIdentityType.SpecificUser; pool.ProcessModel.UserName = GetQualifiedAccountName(site.AnonymousUsername); pool.ProcessModel.Password = site.AnonymousUserPassword; // Commit changes srvman.CommitChanges(); } } } // Find var siteAppPool = Array.Find<WebAppPool>(aphl.SupportedAppPools.ToArray(), x => x.AspNetInstalled.Equals(site.AspNetInstalled) && aphl.isolation(x.Mode) == sisMode); // Assign iisAppObject pool according to ASP.NET version installed and isolation mode specified. site.ApplicationPool = WSHelper.InferAppPoolName(siteAppPool.Name, site.Name, siteAppPool.Mode); }
private void FillAspNetSettingsFromIISObject(WebVirtualDirectory vdir) { // Read ASP.NET settings if (String.IsNullOrEmpty(vdir.ApplicationPool)) return; // try { // using (var srvman = webObjectsSvc.GetServerManager()) { var appool = srvman.ApplicationPools[vdir.ApplicationPool]; // var aphl = new WebAppPoolHelper(ProviderSettings); // ASP.NET 2.0 pipeline is supposed by default var dotNetVersion = SiteAppPoolMode.dotNetFramework2; // #region Iterate over managed runtime keys of the helper class to properly evaluate ASP.NET version installed foreach (var k in WebAppPool.AspNetVersions) { if (k.Value.Equals(appool.ManagedRuntimeVersion)) { dotNetVersion = k.Key; break; } } #endregion // Detect pipeline mode being used if (appool.ManagedPipelineMode == ManagedPipelineMode.Classic) dotNetVersion |= SiteAppPoolMode.Classic; else dotNetVersion |= SiteAppPoolMode.Integrated; // var aspNetVersion = String.Empty; #region Iterate over supported ASP.NET versions based on result of the previous runtime version assesement foreach (var item in WebAppPoolHelper.SupportedAppPoolModes) { if (item.Value == dotNetVersion) { // Obtain ASP.NET version installed aspNetVersion = item.Key; // break; } } #endregion // Assign the result of assesement vdir.AspNetInstalled = aspNetVersion; } } catch (Exception ex) { Log.WriteError(String.Format("Failed to read ASP.NET settings from {0}.", vdir.Name), ex); // Re-throw throw (ex); } }
private void DeleteDedicatedPoolsAllocated(string siteName) { try { WebAppPoolHelper aphl = new WebAppPoolHelper(ProviderSettings); // var dedicatedPools = Array.FindAll<WebAppPool>(aphl.SupportedAppPools.ToArray(), x => aphl.isolation(x.Mode) == SiteAppPoolMode.Dedicated); // cleanup app pools foreach (var item in dedicatedPools) { using (var srvman = webObjectsSvc.GetServerManager()) { // string poolName = WSHelper.InferAppPoolName(item.Name, siteName, item.Mode); // ApplicationPool pool = srvman.ApplicationPools[poolName]; if (pool == null) continue; // srvman.ApplicationPools.Remove(pool); // srvman.CommitChanges(); } } } catch (Exception ex) { Log.WriteError(ex); throw (ex); } }
/// <summary> /// /// </summary> /// <exception cref="System.ArgumentNullException" /> /// <exception cref="System.ApplicationException" /> /// <param name="siteId"></param> public override void InstallSecuredFolders(string siteId) { // if (String.IsNullOrEmpty(siteId)) throw new ArgumentNullException("siteId"); // WebsitePanel.IIsModules works for apps working in Integrated Pipeline mode #region Switch automatically to the app pool with Integrated Pipeline enabled var webSite = webObjectsSvc.GetWebSiteFromIIS(siteId); // if (webSite == null) throw new ApplicationException(String.Format("Could not find a web site with the following identifier: {0}.", siteId)); // var aphl = new WebAppPoolHelper(ProviderSettings); // Fill ASP.NET settings FillAspNetSettingsFromIISObject(webSite); // var currentPool = aphl.match_webapp_pool(webSite); var dotNetVersion = aphl.dotNetVersion(currentPool.Mode); var sisMode = aphl.isolation(currentPool.Mode); // AT least ASP.NET 2.0 is allowed to provide such capabilities... if (dotNetVersion == SiteAppPoolMode.dotNetFramework1) dotNetVersion = SiteAppPoolMode.dotNetFramework2; // and Integrated pipeline... if (aphl.pipeline(currentPool.Mode) != SiteAppPoolMode.Integrated) { // Lookup for the opposite pool matching the criteria var oppositePool = Array.Find<WebAppPool>(aphl.SupportedAppPools.ToArray(), x => aphl.dotNetVersion(x.Mode) == dotNetVersion && aphl.isolation(x.Mode) == sisMode && aphl.pipeline(x.Mode) == SiteAppPoolMode.Integrated); // webSite.AspNetInstalled = oppositePool.AspNetInstalled; // SetWebSiteApplicationPool(webSite, false); // using (var srvman = webObjectsSvc.GetServerManager()) { var iisSiteObject = srvman.Sites[siteId]; iisSiteObject.Applications["/"].ApplicationPoolName = webSite.ApplicationPool; // srvman.CommitChanges(); } } #endregion #region Disable automatically Integrated Windows Authentication PropertyBag winAuthBag = winAuthSvc.GetAuthenticationSettings(siteId); // if ((bool)winAuthBag[AuthenticationGlobals.Enabled]) { // using (var srvman = webObjectsSvc.GetServerManager()) { Configuration config = srvman.GetApplicationHostConfiguration(); ConfigurationSection windowsAuthenticationSection = config.GetSection( "system.webServer/security/authentication/windowsAuthentication", siteId); // windowsAuthenticationSection["enabled"] = false; // srvman.CommitChanges(); } } #endregion // using (var srvman = webObjectsSvc.GetServerManager()) { // Configuration appConfig = srvman.GetApplicationHostConfiguration(); // ConfigurationSection modulesSection = appConfig.GetSection(Constants.ModulesSection, siteId); // ConfigurationElementCollection modulesCollection = modulesSection.GetCollection(); // ConfigurationElement moduleAdd = modulesCollection.CreateElement("add"); // moduleAdd["name"] = Constants.WEBSITEPANEL_IISMODULES; moduleAdd["type"] = SecureFoldersModuleAssembly; moduleAdd["preCondition"] = "managedHandler"; // modulesCollection.Add(moduleAdd); // srvman.CommitChanges(); } }
/// <summary> /// Installs the provider. /// </summary> /// <returns>Error messsages if any specified.</returns> public override string[] Install() { List<string> messages = new List<string>(); string[] cfgMsgs = webObjectsSvc.GrantConfigurationSectionAccess(INSTALL_SECTIONS_ALLOWED); // if (cfgMsgs.Length > 0) { messages.AddRange(cfgMsgs); return messages.ToArray(); } try { SecurityUtils.EnsureOrganizationalUnitsExist(ServerSettings, UsersOU, GroupsOU); } catch (Exception ex) { Log.WriteError(ex); messages.Add(String.Format("Could not check/create Organizational Units: {0}", ex.Message)); return messages.ToArray(); } // Create web group name. if (String.IsNullOrEmpty(WebGroupName)) { messages.Add("Web Group can not be blank"); } else { try { // create group if (!SecurityUtils.GroupExists(WebGroupName, ServerSettings, GroupsOU)) { SystemGroup group = new SystemGroup(); group.Name = WebGroupName; group.Members = new string[] { }; group.Description = "WebsitePanel System Group"; SecurityUtils.CreateGroup(group, ServerSettings, UsersOU, GroupsOU); } } catch (Exception ex) { Log.WriteError(ex); messages.Add(String.Format("There was an error while adding '{0}' group: {1}", WebGroupName, ex.Message)); } } // Setting up shared iisAppObject pools. try { WebAppPoolHelper aphl = new WebAppPoolHelper(ProviderSettings); // Find shared pools var sharedPools = Array.FindAll<WebAppPool>(aphl.SupportedAppPools.ToArray(), x => aphl.isolation(x.Mode) == SiteAppPoolMode.Shared); // foreach (var item in sharedPools) { using (var srvman = webObjectsSvc.GetServerManager()) { // Local variables bool enable32BitAppOnWin64 = (aphl.dotNetVersion(item.Mode) == SiteAppPoolMode.dotNetFramework1) ? true : false; // if (srvman.ApplicationPools[item.Name] == null) { ApplicationPool pool = srvman.ApplicationPools.Add(item.Name); // pool.ManagedRuntimeVersion = aphl.aspnet_runtime(item.Mode); pool.ManagedPipelineMode = aphl.runtime_pipeline(item.Mode); pool.ProcessModel.IdentityType = ProcessModelIdentityType.NetworkService; pool.AutoStart = true; pool.Enable32BitAppOnWin64 = enable32BitAppOnWin64; // srvman.CommitChanges(); } } } } catch (Exception ex) { Log.WriteError(ex); // messages.Add(String.Format("There was an error while creating shared iisAppObject pools: {0}", ex.Message)); } // Ensure logging settings are configured correctly on a web server level try { webObjectsSvc.SetWebServerDefaultLoggingSettings(LogExtFileFlags.SiteName | LogExtFileFlags.BytesRecv | LogExtFileFlags.BytesSent | LogExtFileFlags.Date); } catch (Exception ex) { Log.WriteError(ex); // messages.Add(String.Format(@"There was an error while configure web server's default logging settings. Reason: {0}", ex.StackTrace)); } // Ensure logging settings are configured correctly on a web server level try { webObjectsSvc.SetWebServerDefaultLoggingSettings(LogExtFileFlags.SiteName | LogExtFileFlags.BytesRecv | LogExtFileFlags.BytesSent | LogExtFileFlags.Date); } catch (Exception ex) { Log.WriteError(ex); // messages.Add(String.Format(@"There was an error while configure web server's default logging settings. Reason: {0}", ex.StackTrace)); } return messages.ToArray(); }
/// <summary> /// Gets virtual iisDirObject description that belongs to site with supplied id and has specified name. /// </summary> /// <param name="siteId">Site's id that owns virtual iisDirObject.</param> /// <param name="directoryName">Directory's name to get description for.</param> /// <returns>virtual iisDirObject description that belongs to site with supplied id and has specified name.</returns> public override WebVirtualDirectory GetVirtualDirectory(string siteId, string directoryName) { WebAppPoolHelper aphl = new WebAppPoolHelper(ProviderSettings); // WebVirtualDirectory webVirtualDirectory = webObjectsSvc.GetVirtualDirectory(siteId, directoryName); // this.FillVirtualDirectoryFromIISObject(webVirtualDirectory); this.FillVirtualDirectoryRestFromIISObject(webVirtualDirectory); // webVirtualDirectory.DedicatedApplicationPool = !aphl.is_shared_pool(webVirtualDirectory.ApplicationPool); // CheckEnableWritePermissions(webVirtualDirectory); // ReadWebManagementAccessDetails(webVirtualDirectory); // return webVirtualDirectory; }
/// <summary> /// Updates virtual iisDirObject settings. /// </summary> /// <param name="siteId">Site's id that owns supplied iisDirObject.</param> /// <param name="iisDirObject">Web iisDirObject that needs to be updated.</param> public override void UpdateVirtualDirectory(string siteId, WebVirtualDirectory directory) { if (this.webObjectsSvc.SiteExists(siteId)) { WebAppPoolHelper aphl = new WebAppPoolHelper(ProviderSettings); // bool dedicatedPool = !aphl.is_shared_pool(directory.ApplicationPool); // SiteAppPoolMode sisMode = dedicatedPool ? SiteAppPoolMode.Dedicated : SiteAppPoolMode.Shared; // directory.ParentSiteName = siteId; // string origPath = webObjectsSvc.GetPhysicalPath(directory); // remove unnecessary permissions // if original folder has been changed if (String.Compare(origPath, directory.ContentPath, true) != 0) RemoveWebFolderPermissions(origPath, GetNonQualifiedAccountName(directory.AnonymousUsername)); // set folder permissions SetWebFolderPermissions(directory.ContentPath, GetNonQualifiedAccountName(directory.AnonymousUsername), directory.EnableWritePermissions, dedicatedPool); // var pool = Array.Find<WebAppPool>(aphl.SupportedAppPools.ToArray(), x => x.AspNetInstalled.Equals(directory.AspNetInstalled) && aphl.isolation(x.Mode) == sisMode); // Assign to virtual iisDirObject iisAppObject pool directory.ApplicationPool = WSHelper.InferAppPoolName(pool.Name, siteId, pool.Mode); // webObjectsSvc.UpdateVirtualDirectory(directory); // this.FillIISObjectFromVirtualDirectory(directory); this.FillIISObjectFromVirtualDirectoryRest(directory); } }
public override WebSite GetSite(string siteId) { WebAppPoolHelper aphl = new WebAppPoolHelper(ProviderSettings); // WebSite site = webObjectsSvc.GetWebSiteFromIIS(siteId); // site.Bindings = webObjectsSvc.GetSiteBindings(siteId); // FillVirtualDirectoryFromIISObject(site); // FillVirtualDirectoryRestFromIISObject(site); // check frontpage site.FrontPageAvailable = IsFrontPageSystemInstalled(); site.FrontPageInstalled = IsFrontPageInstalled(siteId); //check ColdFusion if (IsColdFusionSystemInstalled()) { if (IsColdFusion7Installed()) { site.ColdFusionVersion = "7"; site.ColdFusionAvailable = true; } else { if (IsColdFusion8Installed()) { site.ColdFusionVersion = "8"; site.ColdFusionAvailable = true; } } if (IsColdFusion9Installed()) { site.ColdFusionVersion = "9"; site.ColdFusionAvailable = true; } } else { site.ColdFusionAvailable = false; } site.CreateCFVirtualDirectories = ColdFusionDirectoriesAdded(siteId); //site.ColdFusionInstalled = IsColdFusionEnabledOnSite(GetSiteId(site.Name)); // check sharepoint site.SharePointInstalled = false; // site.DedicatedApplicationPool = !aphl.is_shared_pool(site.ApplicationPool); // CheckEnableWritePermissions(site); // ReadWebManagementAccessDetails(site); // site.SecuredFoldersInstalled = IsSecuredFoldersInstalled(siteId); // site.SiteState = GetSiteState(siteId); // return site; }
public void EnforceDelegationRulesRestrictions(string siteName, string accountName) { var moduleService = new DelegationRulesModuleService(); // Adjust web publishing permissions to the user accordingly to deny some rules for shared app pools var webSite = webObjectsSvc.GetWebSiteFromIIS(siteName); // var fqUsername = GetFullQualifiedAccountName(accountName); // Instantiate application pool helper to retrieve the app pool mode web site is running in WebAppPoolHelper aphl = new WebAppPoolHelper(ProviderSettings); // Shared app pool is a subject restrictions to change ASP.NET version and recycle the pool if (aphl.is_shared_pool(webSite.ApplicationPool) == true) { // moduleService.RestrictRuleToUser("recycleApp", "{userScope}", fqUsername); moduleService.RestrictRuleToUser("appPoolPipeline,appPoolNetFx", "{userScope}", fqUsername); } // Dedicated app pool is not a subject for any restrictions else { // moduleService.AllowRuleToUser("recycleApp", "{userScope}", fqUsername); moduleService.AllowRuleToUser("appPoolPipeline,appPoolNetFx", "{userScope}", fqUsername); } }
/// <summary> /// Enables Helicon Ape module & handler on the web site or server globally. /// </summary> /// <param name="siteId"> /// Web site id or empty string ("") for server-wide enabling /// </param> public override void EnableHeliconApe(string siteId) { if (null == siteId) { throw new ArgumentNullException("siteId"); } if ("" != siteId) { // prepare enabling Ape for web site WebSite webSite = null; using (ServerManager srvman = webObjectsSvc.GetServerManager()) { // Helicon.Ape.ApeModule works for apps working in Integrated Pipeline mode // Switch automatically to the app pool with Integrated Pipeline enabled webSite = webObjectsSvc.GetWebSiteFromIIS(srvman, siteId); if (webSite == null) throw new ApplicationException( String.Format("Could not find a web site with the following identifier: {0}.", siteId)); // Fill ASP.NET settings FillAspNetSettingsFromIISObject(srvman, webSite); } // var aphl = new WebAppPoolHelper(ProviderSettings); var currentPool = aphl.match_webapp_pool(webSite); var dotNetVersion = aphl.dotNetVersion(currentPool.Mode); var sisMode = aphl.isolation(currentPool.Mode); // AT least ASP.NET 2.0 is allowed to provide such capabilities... if (dotNetVersion == SiteAppPoolMode.dotNetFramework1) dotNetVersion = SiteAppPoolMode.dotNetFramework2; // and Integrated pipeline... if (aphl.pipeline(currentPool.Mode) != SiteAppPoolMode.Integrated) { // Lookup for the opposite pool matching the criteria var oppositePool = Array.Find<WebAppPool>(aphl.SupportedAppPools.ToArray(), x => aphl.dotNetVersion(x.Mode) == dotNetVersion && aphl.isolation(x.Mode) == sisMode && aphl.pipeline(x.Mode) == SiteAppPoolMode.Integrated); // webSite.AspNetInstalled = oppositePool.AspNetInstalled; // SetWebSiteApplicationPool(webSite, false); // using (var srvman = webObjectsSvc.GetServerManager()) { var iisSiteObject = srvman.Sites[siteId]; iisSiteObject.Applications["/"].ApplicationPoolName = webSite.ApplicationPool; // srvman.CommitChanges(); } } #region Disable automatically Integrated Windows Authentication using (var srvman = webObjectsSvc.GetServerManager()) { PropertyBag winAuthBag = winAuthSvc.GetAuthenticationSettings(srvman, siteId); // if ((bool) winAuthBag[AuthenticationGlobals.Enabled]) { Configuration config = srvman.GetApplicationHostConfiguration(); ConfigurationSection windowsAuthenticationSection = config.GetSection( "system.webServer/security/authentication/windowsAuthentication", siteId); // windowsAuthenticationSection["enabled"] = false; // srvman.CommitChanges(); } } #endregion #region Disable automatically Secured Folders if (IsSecuredFoldersInstalled(siteId)) { UninstallSecuredFolders(siteId); } #endregion } using (var srvman = webObjectsSvc.GetServerManager()) { if (!IsHeliconApeEnabled(srvman, siteId)) { Configuration appConfig = srvman.GetApplicationHostConfiguration(); // add Helicon.Ape module ConfigurationSection modulesSection = appConfig.GetSection(Constants.ModulesSection, siteId); ConfigurationElementCollection modulesCollection = modulesSection.GetCollection(); // <add name="Helicon.Ape" /> ConfigurationElement heliconApeModuleEntry = modulesCollection.CreateElement("add"); heliconApeModuleEntry["name"] = Constants.HeliconApeModule; heliconApeModuleEntry["type"] = GetHeliconApeModuleType(siteId); // this way make <clear/> and copy all modules list from ancestor //modulesCollection.AddAt(0, heliconApeModuleEntry); // this way just insert single ape module entry modulesCollection.Add(heliconApeModuleEntry); // add Helicon.Ape handler ConfigurationSection handlersSection = appConfig.GetSection(Constants.HandlersSection, siteId); ConfigurationElementCollection handlersCollection = handlersSection.GetCollection(); // <add name="Helicon.Ape" /> ConfigurationElement heliconApeHandlerEntry = handlersCollection.CreateElement("add"); heliconApeHandlerEntry["name"] = Constants.HeliconApeHandler; heliconApeHandlerEntry["type"] = GetHeliconApeHandlerType(siteId); heliconApeHandlerEntry["path"] = Constants.HeliconApeHandlerPath; heliconApeHandlerEntry["verb"] = "*"; heliconApeHandlerEntry["resourceType"] = "Unspecified"; handlersCollection.AddAt(0, heliconApeHandlerEntry); srvman.CommitChanges(); } } }
private void RemoveDelegationRulesRestrictions(string siteName, string accountName) { WebSite webSite = null; using (ServerManager srvman = webObjectsSvc.GetServerManager()) { webSite = webObjectsSvc.GetWebSiteFromIIS(srvman, siteName); } var moduleService = new DelegationRulesModuleService(); // Adjust web publishing permissions to the user accordingly to deny some rules for shared app pools var fqUsername = GetFullQualifiedAccountName(accountName); // Instantiate application pool helper to retrieve the app pool mode web site is running in WebAppPoolHelper aphl = new WebAppPoolHelper(ProviderSettings); // // Shared app pool is a subject restrictions to change ASP.NET version and recycle the pool, // so we need to remove these restrictions if (aphl.is_shared_pool(webSite.ApplicationPool) == true) { // moduleService.RemoveUserFromRule("recycleApp", "{userScope}", fqUsername); moduleService.RemoveUserFromRule("appPoolPipeline,appPoolNetFx", "{userScope}", fqUsername); } }
private bool IsHeliconApeEnabled(ServerManager srvman, string siteId) { if (!string.IsNullOrEmpty(siteId)) { // Check the web site app pool in integrated pipeline mode WebSite webSite = null; webSite = webObjectsSvc.GetWebSiteFromIIS(srvman, siteId); if (webSite == null) throw new ApplicationException( String.Format("Could not find a web site with the following identifier: {0}.", siteId)); // Fill ASP.NET settings FillAspNetSettingsFromIISObject(srvman, webSite); var aphl = new WebAppPoolHelper(ProviderSettings); var currentPool = aphl.match_webapp_pool(webSite); if (aphl.pipeline(currentPool.Mode) != SiteAppPoolMode.Integrated) { // Ape is not working in not Integrated pipeline mode return false; } } var appConfig = srvman.GetApplicationHostConfiguration(); var modulesSection = appConfig.GetSection(Constants.ModulesSection, siteId); var modulesCollection = modulesSection.GetCollection(); foreach (var moduleEntry in modulesCollection) { if ( String.Equals(moduleEntry["name"].ToString(), Constants.HeliconApeModule, StringComparison.InvariantCultureIgnoreCase) || String.Equals(moduleEntry["name"].ToString(), Constants.HeliconApeModulePrevName, StringComparison.InvariantCultureIgnoreCase) ) return true; } // return false; }