Coffeehouse Thread

50 posts

What can we ask from Windows "Longhorn Server" 2006

Back to Forum: Coffeehouse
  • User profile image
    miies

    No offence to anyone in particular,

    But I'm getting a bit tired of all these this vs. that topics of the last few days. Let's remember that the main focus of this site is to have discussion between MS employees and developers. If this site becomes a second /. people will certainly leave, and that would be a shame.

  • User profile image
    sbc

    Doesn't this vs that help though? You could take ideas from popular competing products and implement an improved version. You need something to compare to if you wish to improve a product. Visual Studio for example could probably be a lot better if there was a real alternative. If you only had this, then a product may never really get better.

    XP and in the future Longhorn probably have got some ideas from MacOSX (which is apparently very newbie friendly - not used it though)

    Because there is now credible competition, Windows should get even better (it hasn't really changed much visually since 95 - which IMHO was/is Microsoft's most successful product, completely different to Win 3.11, the big changes being 32bit support and the TCP/IP stack. NT has contributed NTFS and better security.

  • User profile image
    chuawenching

    Hope it can be powerful as freebsd Smiley

  • User profile image
    Jeremy W

    Okay, so what would you like to see IIS have then? Simply saying "Apache's better, look at all these companies that use it" doesn't show how to make IIS better.

    .htaccess. Fair enough, though I honestly find the .config files are more powerful, .htaccess does some things in a much simpler fashion.

    So, beyond .htaccess, what would you improve sbc?

  • User profile image
    sbc

    It would be good if you could use web.config for other files (the only way you an do that is if you associate more file types with web.config - unless you can specify redirection on an arbitrary file, like index.html without creating that file)

    Also password protect any directory (at the moment if you want to protect /root/subdir/foldertoprotect/ you have to set up foldertoprotect as an application - unless there is a way, I do not know how to). The other problem I have found is if you have a dll in /bin/ that you wish to use in /root/subdir/foldertoprotect/ you need to copy it to the bin folder in foldertoprotect - you may want this as it could be a shared dll used on many 'sub applications'

    e.g. I find putting the following into the web.config directory in foldertoprotect does not work

    <authentication mode="Forms">
        <forms name="myapp" loginUrl="login.aspx" />
    </authentication>

    How do you use forms authentication on subfolders?

  • User profile image
    Terry Denham

    sbc,

    To get this scenario to work you would have the web.config file in the root directory. Then in the subdir, if you wanted it to be restricted to certain users or roles, you would add a simplified web.config to this directory. Or you can add <Location> elements to you root web.config to restrict access to subdirectories.


    http://support.microsoft.com/default.aspx?scid=kb;en-us;815174


    http://support.microsoft.com/default.aspx?scid=kb;en-us;307626

  • User profile image
    sbc

    Thanks for that. I now have a web.config that works:

    <?xml version="1.0" encoding="UTF-8" ?>
    <configuration>
        <system.web>
            <authentication mode="Forms">
                <forms name=".ASPXAUTH" loginUrl="admin/login.aspx" />
            </authentication>
            <authorization>
                <allow users="?" />
            </authorization>
        </system.web>
        <location path="admin">
            <system.web>
                <authorization>
                    <deny users="?" />
                </authorization>
            </system.web>
        </location>
    </configuration>

    I assume with this setup you can only have one login page? i.e. you may have a folder called poweruser that is restricted to power users and admin - I assume to do this you use roles?

  • User profile image
    Manip

    Why on earth has Microsoft encoded their config files in XML?!!? That is moronic, that is the only word for it! Are they just trying to make them a pain to edit! This XML trend is really getting out of hand.

    [This has nothing to do with apache.. just my hatred for misuse of XLM! Expressionless]

  • User profile image
    Jeremy W

    Actually it's great if you're trying to manage the config files on various machines. I love the fact that the .config files are in XML. The fact that Apache's aren't drives me up the wall.

  • User profile image
    Manip

    <Directory C:\Windows>
      Order deny, allow
      Deny from all
    </Directory>

    That is all you have to write to block access to windows with apache. No XML, nice simple... I can explain that to anyone in 1min and can write it in even less time. XML == Evil!

    Before you all come back at me about how IIS can use NTFS to secure its files.. so can apache for windows and Apache for Linux if you decide to install ACL.

  • User profile image
    Jeremy W

    Don't worry mate, I know how .htaccess works, but try doing that across multiple servers in multiple farms in multiple countries. The XML configuration of .config files means that I can work with a parser without having to do any find / replace type stuff. It just writes the value I need to whatever server, OS, farm or regional location I require.

    Easy as pie.

    I'm not complaining about .htaccess, because the simplicity is a huge bonus. However, the manageability of the .config files is a huge bonus as well. It's 2 different ways of managing a server. Neither is right or wrong, but it's likely only one will suit your needs Smiley

  • User profile image
    TheTodd

    Manip wrote:
    <Directory C:\Windows>
      Order deny, allow
      Deny from all
    </Directory>

    That is all you have to write to block access to windows with apache. No XML, nice simple... I can explain that to anyone in 1min and can write it in even less time. XML == Evil!

    Before you all come back at me about how IIS can use NTFS to secure its files.. so can apache for windows and Apache for Linux if you decide to install ACL.


    Can you not see that what you wrote is XML?

    From where I stand, XML makes it easy to configure files. I personally like it better than INI files. Besdies if the config file is in XML it's easier to write your own tools to manipulate those configurations than if it was a proprietary binary file, or a text file with no real organization. Also when migrating to a new server, you don't need to export registry settings and then import them, you just copy the XML files. Now if only IIS had an install methodology like Tomcat with its WAR files.

    As for what I'd like to see in the next server version, well I like the path that 2003 took with fewer applications installed by default maybe there are more services and such that don't need to be started by default.

    Also a host firewall turned on by default, or even better an initial install mode where no ports are open to incoming traffic while you patch your system. Today when you install 2000 or 2003 there are dozens of QFE's that you have to install immediately, but because of the way that some worms spread, you don't have time to download the patches before the worm hits you.

    Also, I understand the need to test the Service Packs completely, but they need to happen more frequently. Or at least have rollups more often where you take all the current patches and roll them up into one 36MB download (or whatever it turns out to be). Do this once a quarter, and make these easy to slipstream into the OS install disk.

  • User profile image
    Manip

    TheTodd wrote:

    Besdies if the config file is in XML it's easier to write your own tools to manipulate those configurations than if it was a proprietary binary file, or a text file with no real organization.


    Coming from someone who has never written an single tool no doubt... Yes it is such a challenge looping down a text file and then splitting it by '='. XML is insanely complex to manipulate with tools unless your using a pre-build parser. Dumping things in binary is actually fairly straight forward as are most text formats.

  • User profile image
    Jeremy W

    I thikn we're really getting down to splitting hairs here. Both methods are good, just depends on your preference and how you're going to use it.

  • User profile image
    Karim

    TheTodd wrote:
    Manip wrote: <Directory C:\Windows>
      Order deny, allow
      Deny from all
    </Directory>

    That is all you have to write to block access to windows with apache. No XML, nice simple... I can explain that to anyone in 1min and can write it in even less time. XML == Evil!

    [snip]


    Can you not see that what you wrote is XML?



    You forgot to use the closing </irony> tag.  LOL

  • User profile image
    TheTodd

    Let's not start with the character assassinations. This is a friendly developer forum. The simple fact is this, I prefer XML, I know developers that use the registry for all configuration settings, and I know developers that use a SQL database for the same settings. It all depends on what your program is trying to accomplish. I don't use XML for everything, I just use it when appropriate.

  • User profile image
    Manip

    I disagree with you about XML, but about the Registry and SQl I am in complete agreement. SQL is even worse than XML in my view, but XML is a more wide-spread problem.

  • User profile image
    SMac

    I'd take XML over a zazillion odd xml-like proprietary formats any day..

    what's a better solution.. do tell..

    Frankly, I'm beginning to think you're just against any standard that exists..

Comments closed

Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums, or Contact Us and let us know.