deploy node web application to IIS

Requirement: Need to deploy node web application to on premise IIS 8.5.

1. Create a App Pool user and assign the user to IIS_IUSRS group. It’s easy to maintain permissions when we work with windows groups. This is a special group created for IIS and it makes life easy when we move applications to different windows servers.
2. Create Virtual directory for your application and give full permissions to IIS_IUSRS on this directory.
3. Now create a website or application for the virtual directory and set the app pool identity created in step 1.
4. Now download IISNode msi here. please pay attention on documentation relation to url rewrite.
5. After you install msi, run the batch file with admin privileges “C:\Program Files\iisnode\setupsamples.bat”.
6. Open IIS manager and expand default website, you should see samples are deployed under node application. This gave me pretty good understanding for me.
7. I have two different node web applications
Node application is serving both static and Api.
Node application is serving api only and static files are served by IIS.

Node Serving both static file and APi

Create web.config file in the virtual directory and add these settings.
rewrite: Any request comes to web site will be served by app.js
handlers: iisnode is a http handler which will execute app.js using node.

Note: what if don’t have app.js in the root directory? please see next section.
Please remove any hardcode port number from the index.js. port should passed from process “server.listen(process.env.PORT);”

Node Serving APi and IIS serving static content

Create web.config file in the virtual directory and add these settings.
default document: IIS serves default document from subfolder (new). index.html will load all css and other files.
rewrite: url that ends with api will be served by index.js which is under subfolder (server).

Note: Please remove any hardcode port number from the index.js. port should passed from process “server.listen(process.env.PORT);”

Hope this helps.

Asp.Net Web API 2 Customize Token Expiration

Problem Statement: We need our Web API  to issue bearer tokens with different expiration based on type of the client (Web, Mobile and Desktop).

Solution 1: Let the WEB API always issue token with same expiration for every client. this is straight forward implementation done in application startup.

AccessTokenExpireTimeSpan: you can set this property based on the security needs of your application.

OAuthOptions = new OAuthAuthorizationServerOptions
                TokenEndpointPath = new PathString("/Token"),
                Provider = new ApplicationOAuthProvider(PublicClientId),
                AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(2),
                // In production mode set AllowInsecureHttp = false
                AllowInsecureHttp = true,
                AuthenticationMode = AuthenticationMode.Active,
                AuthenticationType = OAuthDefaults.AuthenticationType

// Enable the application to use bearer tokens to authenticate users

Solution 2: Let the Web API issue token with different expiration times based on the client type. we would give longer expiration for desktop clients.

Provider: we have custom implementation for the ApplicationOAuthProvider as shown in Solution 1. Now for each client id we can set different expiration.
AccessTokenExpireTimeSpan: You need to comment this in start up configuration as shown in solution becuase you are customizing it in provider class.

Note: I didn’t provide full implementation here.

public class ApplicationOAuthProvider : OAuthAuthorizationServerProvider
    public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        string clientId;
        string clientSecret;
        //This AuthModel is my custom model that will be passed in OwinContext
        var authModel = new AuthModel();

        if (context.TryGetFormCredentials(out clientId, out clientSecret))
            if (clientId.Equals("appWeb", StringComparison.OrdinalIgnoreCase))
                context.Options.AccessTokenExpireTimeSpan = TimeSpan.FromHours(2);

                context.OwinContext.Set("oauth:client", authModel);
                context.Validated(clientId);// please validate client credentials.
            else if (clientId.Equals("mobile", StringComparison.OrdinalIgnoreCase))
                context.Options.AccessTokenExpireTimeSpan = TimeSpan.FromDays(3);
                authModel.ClientSecret = clientSecret;

                context.OwinContext.Set("oauth:client", authModel);
                context.Validated(clientId); // please validate client credentials.
                context.SetError("invalid_client", "Client credentials are invalid.");
            context.SetError("invalid_client", "Client credentials are invalid.");

        return Task.FromResult(0);

Happy Coding!

Parse IIS Logs with Log Parser.

Requirement: Need some statistical data from IIS logs

Log parser: This is from Lizard Labs and it’s not free tool. This is very powerful tool with amazing GUI. Log Parser From Lizard Labs

Log Parser(Command Line): This is from Microsoft and it’s free. Download

I have used this command line interface to process the log files into database. I can run multiple reports once the data is in database.


  1. Copy all the logs into separate directory.
  2. Open command prompt and go to “C:\Program Files (x86)\Log Parser 2.2”.
  3. Run the this statement to process logs and insert data into Sql Server.

LogParser "SELECT * INTO tablename FROM D:\Logs\*" -i:W3C -o:SQL -server:servername -database:databasename -driver:"SQL Server" -username:sa -password:**** -createTable:ON

Hint: you can find examples by running this command “logparser -h examples”.

Thank You