Skip to main content

2-3 Tier Architecture Conversion with IIS

  

Windows 2-3 Tier Architecture Conversion with IIS

In a previous blog post, we explored the transformation of legacy two-tier architecture applications into three-tier architecture using Oracle's OHS server. Today, we'll delve into achieving the same result using Microsoft's IIS server. 


Introduction

Unlocking Security Layers with IIS:

If you've been managing IIS-based applications and wish to bolster their security by introducing a third layer for the web, we have a solution for you. This involves IIS serving as a Reverse Proxy, akin to the role OHS played in our previous example. 



Process

There is no need to create a Web Portal containing only wrapper calls to the APP server where all your business logic lies in the form of API based application. You can create a robust application with direct DB calls hosted on the APP server and then showcase the same application without any coding expertise to a Web Layer. And then every end user will be using the web interface only without any direct access to the App Layer making it shielded by your web layer.

You web layer will act as a contained for forwarding all your requests from the web layer to app layer and then responding back the responses received from app layer to the end user from web layer. And the best part is, the end user will still be working the URL/Address provided by the web layer and not the app layer.


What makes it more secure is that you can change the communication ports between the WEB and APP layer to some non-standard port service number which will again make it difficult to directly access the APP/DB layer from the Web Layer.

Also, if you want, you can use the SSL offloading facility also so that the communication between Web and App layer can be worked out on NON-SSL port also.

Benefits of using IIS over OHS

Firstly, Details regarding setting up the IIS as we layer is more freely available in the open domain. Which makes it easy to troubleshoot issues with IIS in comparison to OHS.

Secondly, most of the settings are available with GUI interface in IIS. So, User Friendliness.

Thirdly, as IIS is handing the requests over App also, so it will be easy for your developer to cope up with Web Layer again as it is also going to be on IIS server only.

Moving forward, you can make multiple rules with URL rewrite here to forward request to any node on the app layer as you require. This makes it easy to handle multiple requests from different app layer applications from one web layer application in front. User will always be having One Stop Solution for all the application usage on the Web Layer in spite of having multiple back-end applications at the app layer.

Let's go step by step!!

So, how do we make it possible. You may follow the given below steps for the same:

Step 1. You host your IIS based Application over the APP layer. How do you do it. 

You create a Folder on your APP server. Put down the published ASP.NET, ASP.NET MVC or PHP or any application hostable on IIS there. Then you go to INETMGR (IIS Manager Application on your windows server) and Create a Website for e.g. AppLayer

This AppLayer website's virtual path on the IIS server will be / (root).

Then you host your web application within this AppLayer website by create multiple child folders as in picture below where your actual WebApplication/APIs lies:





 


Step 2. You need to Install IIS over the Web Layer now from Server Manager. 

Step 3. After you install the IIS over the Web Layer, move to the ARR installation. ARR stands for Application Request Routing. It will be available from this link to download. 


Step 4. After installation, close the IIS server Manager over Web Layer and reopen it to see the ARR application in the IIS on the right middle pane. Now, open it and enable the proxy routing rule from the right most action pane. And do not write any URL rewrite rule there. Use the application rewrite rules over Web Sites instead on the Server itself, as that will route all the request coming over to the server to the location, where you put the proxy server URL.

Step 5. Now, create a website with 443 port and SSL binding on the Web Layer and use the URL rewrite module (if you do not have it you can download it from below and then restart IIS Server Manager application) to route all requests that come to your Web Layer over:

https://webLayer.in/MyApps/ (Incoming Request Inbound Rule)

to

https://appLayer.in/MyApps/ (Incoming Request Rewrite Rule)


Now, the user will be able to access all the website hosted on App Layer 

as 

WebApp1

WebApp2 

from the same URL https://webLayer.in/MyApps/ typing in below URLs in the browser

https://webLayer.in/MyApps/WebApp1

https://webLayer.in/MyApps/ WebApp2


P.S. https://webLayer.in is the domain name for the IIS hosted Website over Web Layer

Comments

Post a Comment

Provide your valuable feedback, we would love to hear from you!! Follow our WhatsApp Channel at
https://whatsapp.com/channel/0029VaKapP65a23urLOUs40y

Popular posts from this blog

Working with OAuth Tokens in .NET Framework 4.8

  Working with OAuth Tokens in .NET Framework 4.8 OAuth (Open Authorization) is a widely used protocol for token-based authentication and authorization. If you're working with .NET Framework 4.8 and need to integrate OAuth authentication, this guide will walk you through the process of obtaining and using an OAuth token to make secure API requests. Step 1: Understanding OAuth Flow OAuth 2.0 typically follows these steps: The client requests authorization from the OAuth provider. The user grants permission. The client receives an authorization code. The client exchanges the code for an access token. The client uses the token to access protected resources. Depending on your use case, you may be implementing: Authorization Code Flow (for web applications) Client Credentials Flow (for machine-to-machine communication) Step 2: Install Required Packages For handling HTTP requests, install Microsoft.AspNet.WebApi.Client via NuGet: powershell Copy Edit Install-Package Microsoft.AspNet.W...
Post a Comment
Read more

Changing the Default SSH Port on Windows Server 2019: A Step-by-Step Guide

Changing the Default SSH Port on Windows Server 2019: A Step-by-Step Guide By default, SSH uses port 22 for all connections. However, for enhanced security or due to policy requirements, it may be necessary to change this default port. In this guide, we'll walk you through how to change the SSH port on Windows Server 2019 . Changing the default port not only reduces the chances of brute-force attacks but also minimizes exposure to potential vulnerabilities. Let's get started! Why Change the Default SSH Port? Changing the default SSH port can offer several advantages: Security : Automated scripts often target the default SSH port (22). Changing it can prevent many basic attacks. Compliance : Certain compliance regulations or internal policies may require the use of non-standard ports. Segregation : If multiple services are running on the same server, different ports can be used for easier management and separation. Prerequisites Before proceeding, ensure that you: Have administ...
Post a Comment
Read more

Understanding Microservices: What They Are and How They Differ from Traditional Services and APIs

  Understanding Microservices: What They Are and How They Differ from Traditional Services and APIs In recent years, microservices have become one of the most popular architectural styles for building modern applications. But what exactly are they, and how do they differ from traditional services or APIs? In this blog, we’ll break down what microservices are, their key features, and how they differ from the more traditional service-oriented architectures (SOA) or simple APIs. What Are Microservices? In the simplest terms, a microservice is a way of designing software as a collection of small, independent services that each handle a specific task or business function. Imagine you're building an online shopping application. Rather than having a massive, monolithic (one big block of) application that handles everything—user management, product catalog, payment processing, etc.—you can break it down into smaller services. For example: User Service : Manages user accounts, login...
Post a Comment
Read more