Share via

2.1.1.2.1 Web Topology

  • Article

In IIS, a web application acts as both a container for websites and a process isolation boundary. A deployment of SharePoint Products and Technologies includes three types of web applications in IIS:

  • A Central Administration site web application that handles the administration of websites and of the farm running SharePoint Products and Technologies.

  • A service application web application that enables key services spanning multiple websites.

  • Zero or more run-time web applications that handle user requests.

A functioning farm includes at least one run-time web application. Such a web application is necessary for creating websites for user content and applications. In a common usage scenario, a browser accesses each web application via an independent TCP/IP port. For example, the Central Administration site web application might function over port 1002 and be accessed via the http://myserver:1002 URL. The run-time web application might function over TCP/IP port 80, which is the default for HTTP.

This separation among the web applications provides both simplicity and security:

  • Simplicity for users who do not need to see the complexity that is associated with administration and service applications.

  • Security, because the user content, service applications, and Central Administration site all run in separate processes with separate permissions and authentication.

The following figure shows the configuration of web applications in IIS.

Configuration of web applications in IIS

Figure 2: Configuration of web applications in IIS

In this configuration, the run-time web applications render all of the user content and contain one or more site collections. The architecture of SharePoint Products and Technologies allows for a large number of site collections in a single deployment. A single deployment can also support more than one run-time web application. Groups of site collections can thus be organized onto separate process boundaries, which in turn can be useful for supporting different modes of authentication and for separating content into different levels of security on the front-end Web server.