Tuesday, October 23, 2012

Hosting RavenDB on IIS 7.5

Hosting RavenDB on IIS 7.0 is simple and well-documented, but you may find yourself running into a few issues.  It will also take some additional work if you want to secure your database and restrict access.  The following tips will get you up and running.

Word on IIS Configuration

If you haven't used IIS before or are starting this installation from scratch you may be wondering, where is IIS?  Assuming your version of Windows has IIS, you'll need to go to the Turn Windows features on or off menu from within the Control Panel.  From here, you can enable Internet Information Services.  It is important that you explicitly enable ASP.NET and any security features that you want to use.  This article will demonstrate how to set-up Basic Authentication.

Selecting IIS Features
One more thing to keep in mind. You may need to install ASP.NET from the command line using the aspnet_regiis.exe -i command. 

ASP.NET Installation

Accessing The Management Studio from the Web

RavenDB comes equipped with a nice Silverlight-based management interface.  Accessing it via the web in convenient and, more importantly, let's you know that your database is operational.  To set-up:
  • Download RavenDB and extract the Web folder.
  • Create a new web site with the physical path set to the Web folder just extracted.
At this point, going to localhost will bring up the Default instance of your RavenDB.  However, you won't be able to access it from any other machines on your network.
  • Add an inbound rule to your machine's firewall allowing communication over the port (TCP) assigned to you RavenDB installation.  By default, the port is 8080.
Now you will be able so get to the database from any machine with in your network.  A step in the right direction for sure, but you still won't be able to access it from outside your network.  To allow this you will need to configure any hardware, such as a router, sitting between the machine hosting RavenDB and the Internet proper.
  • Configure your network firewall to allow communiction over the same port as defined on your machine's firewall.
To verify that everything is working as expected, use your external IP address to get to RavenDB's Management Studio.

Securing RavenDB with Basic Authentication

It's great that you can access your RavenDB from anywhere, but maybe not so great that this also applies to everyone else.  To secure your database:
  • Create a Local User account.  This account will be used specifically to provide credentials for accessing RavenDB.
  • Add the new user account to the IIS_IUSRS group.  This will provide the user access to resources required to use the database.
  • In IIS, disable Anonymous Authentication and enable Basic Authentication for the RavenDB website set-up earlier.
That's it.  Now a username and password will be required to access The Management Studio.

References

Installing IIS 7
RavenDB - Deploying as an IIS application
What is my IP address?
Posted by at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)