MSDN Magazine: Enhance Your Applications with ASP.NET Integrated Pipeline!

This month, the Enhance Your Apps With the Integrated ASP.NET Pipeline article is finally out in MSDN Magazine.  I just got several copies in the mail (thanks Howard!).

****** UPDATE: Scott Hanselman presents the demos from this article at CodeMash 2008 ******

To be honest, I am VERY excited about this article.  I’ve been talking and writing about the ASP.NET Integrated pipeline in IIS 7.0 for a long time, but I feel that this is really the first in-depth look at how it can be used to add value to existing applications.  I think this article really nails the two big bottom-line benefits of the platform: the ability to use ready-made ASP.NET features to improve existing apps right away, and the ability to develop custom modules with ASP.NET to enhance those apps.

Enhance Your Apps with the Integrated ASP.NET Pipeline
(be sure to click on Figure links when reading the article, because most of the code samples and the performance data isnt shown in the main text)

This article also gave me a chance to show off my other baby, the FastCGI support in IIS 7.0.  The demo app that gets spruced up is a PHP image gallery, set up to work using FastCGI and the latest binaries with Windows enhancements. 

But, even though the article uses a PHP application, it is really not about PHP.  In fact, I don’t show or change a single line of PHP code in the whole article (for my foray into PHP development that ties into the Integrated pipeline extensibility, see my IIS authentication plugin for WordPress).

Instead, the article shows off how the ASP.NET Integrated pipeline can be used to apply the richness of the .NET Framework and ASP.NET services to any application framework technology.  It really doesn’t matter what the front-end application framework technology is.  You can keep your existing applications, be they written with ASP, PHP, Perl, or Ruby on Rails, and continue to leverage existing developer know-how with those technologies.

To recap without spoiling the article, here are some highlights:

·         Deploy the PHP app using FastCGI.  No-brainer, FastCGI is built-in in Windows Server 2008 and Windows Vista SP1.

·         Secure the PHP gallery using the super-famous ASP.NET access control trio: Login controls, Forms Authentication, and Membership backend using a portable Sql Express database.  The whole thing is done in just a few steps, all from the new IIS Manager console.  Gotta love the integration!

·         Write a custom URL rewriting module to support Search Engine Friendly (SEF) URLs for the image gallery, instead of the built-in “ugly” querystring URLs.

·         Write a custom response filter to on-the-fly replace the hyperlinks to use SEF URLs. After this, the app is now using SEF urls through-and-through, without a single change in PHP code.

·         Throw in a custom module that sets up a custom output caching scheme that boosts performance from 93 RPS for the stock app with FastCGI, to 1386 RPS with all the feature fixins.  So, basically after adding all the features the app is 14X times faster.

Be sure to read the article and download the attached source code. Be sure to click on figure links because most code samples and performance results are not shown on the article page.

When you are done, come back to read about:

building your own modules and handlers to enhance your applications using ASP.NET Integrated pipeline.

breaking changes your existing ASP.NET applications may experience in Integrated mode, and how to work around them.




  1. Anonymous

    В последнее время я большу пишу в другой блог . Однако, подумал и решил сюда публиковать абсолютно технологические

  2. Anonymous

    I’m trying to work through the article. I get to the point where I’ve modified the web.config and created the login.aspx file, but when I access the site, no redirection to the login page.

    Any suggestions for debugging?

  3. Mike Volodarsky

    Hi Greg,

    You may have missed the following note: “In actuality, I only need to allow anonymous access to the login page and require authentication for the rest of the content. I can do this by configuring declarative authorization rules in configuration. The complete configuration in my web.config file is shown in Figure 3.”

    Be sure to either disable anonymous authentication for your website (except for login page) using InetMgr, or use the authorization rules shown in Figure 3 to deny access to anonymous users (the latter requires that you install the IIS URL Authorization feature from Windows Setup). See Figure 3 for complete web.config using the latter approach.



  4. Anonymous

    Ok, I’m not getting it.

    I’m using Win2008 – build 6001. I run INetMgr, select my site, select Authentication, and see where I can disable anonymous authentication. I don’t understand the part about ‘except for login page’.

    Additionally, my web.config looks exactly like the one in Figure 3.

    I don’t know how to determine if IIS URL Authorization is installed, or how to install it if it isn’t.

    Any suggestions?


  5. Mike Volodarsky


    Go to Server Manager, Web Server(IIS) role, add role services, and make sure that “Security URL Authorization” is installed.

    If you are using the web.config in figure 3, you do not need to change authentication settings separately.



  6. Anonymous

    After almost 5 years at the company, I am both sad and excited to say that I’ll be leaving the IIS team and Microsoft at the end of this week. Looking back, I can say that my experience at Microsoft has been truly amazing

  7. Anonymous

    I am new to I am creating an intranet application which needs the windows loginname. I have unchecked the Anonymous login in inetmgr and in web.config, identity impersonate=”true”. I got the login name from System.Security.Principal.WindowsIdentity.GetCurrent.Name. It worked fine in my localhost machine. But the problem is that when I am trying to access the site from another machine, it requests for windows login. Then I checked the Anonymous login in inetmgr. At that time the login was not there but the windows login user name is not getting properly. It is showing the anonymous access’s username. How can I solve this problem? How can I get the windows login username while accessing the site from another machine?

    Please help me..

    Thanks in advance.
    Cibi Jacob
    [email protected]

  8. Anonymous

    Майк, молодец! Мне очень нравица твой блог. В отличие от многих походящих на него, он написан простым человеческим языком! Так держать!

    Миша из Chicago

  9. Anonymous

    Согласен с Мишой из чикаго. Нормальный блог без туфты и все понятно.

Leave a Reply

Your email address will not be published. Required fields are marked *