We are facing a strange issue with ASP.net Application using Windows Authentication and required some expert advice for resolution. Below is the detail scenario
1- Application-1: deployed on IIS on its own App.pool, Call the default page and provided the User ID and Password on IIS windows login screen. It successfully logged in=>No Issues.
2- Application-2: Create a new virtual directory on Same IIS and copy the web content of Application-1. Call default page and provided the User ID and Password on IIS windows login screen, It fails and Keep prompting Login screen
3- Rename the web.config in Application 2 to anything. e.g web123.config.
4- Call the Default Page of Application 2. It shows error which is obvious as IIS unable to find the web.config.
5- Reverse the name of web config from web123.config to web.config in Application 2.
6- Now call the application 2 again as per step 4, and it works.
It seems the IIS is overwriting some thing once we call the application with no web config as in step-4. But What and why it is not working at Step 2, where as technically we did not change any thing in web.config.
I'm not sure why renaming the web.config makes this work for you, but I have had this issue with duplicate websites on the same server having conflicting cookies. Without renaming the web.config can you do this and change the cookie name and see if anything changes?
Related
I am working on an ASP.NET webforms application that is being deployed to one of our internal IIS servers.
When I run the website on my machine using IISExpress it runs fine, can access the admin directory, however whenever I deploy to the server I can no longer access the admin directory and it just redirects me to the login page.
I have no code anywhere that should redirect me to the login page, even going so far as to delete the directory and it still redirecting, which would lead me to believe its a browser caching issue. After clearing the browser cache same thing happens, redirects you to the login page.
Another weird thing is that it only does it based on your website login account, when I log in using my actual account it allows me in, but whenever I use a test account with different roles it then redirects me.
I have checked all the usual culprits, HTTP Redirect, Output caching, temp ASP.NET files, master config and the sites own web.config to no avail. I have tried restarting the website and the application pool to no avail, and I can't restart the actual server/iis instance since there are other websites running that cannot be shutoff.
EDIT - Upon renaming the admin folder to admin2 it is now working without issue, so its definitely something to do with IIS. There be ghosts.
I am working on ASP.Net MVC-4 application. I have to implement windows authentication.
I have set authentication mode as 'Windows' in web.config file as shown below.
<system.web>
<authentication mode="Windows" />
</system.web>
In controller I try to get username as below.
string userName = User.Identity.Name;
but every time I am getting empty value.
Please let me know for any suggestions.
Thanks in advance.
Windows authentication is performed by IIS to establish our managed code User.Identity. Therefore, you need to enable Windows Authentication in your IIS, and in order to force the user to authenticate before being able to access our application, you need to disable Anonymous Authentication
With the given information, it looks like you've configured your project correctly but haven't actually authenticated the user yet.
First some background. There is a simplified tutorial on asp.net where, in between the lines, the following statement is mentioned:
By default, the ASP.NET Development Web Server executes all pages in the context of the current Windows account (whatever account you used to log into Windows).
This means that when you run your project with F5, it executes everything under your currently logged in user account. However, it isn't yet authenticated for the application and therefor your User.Identity.* is not set yet.
In order to verify if this is the case, you should add the [Authorize] attribute on the first controller (or Action) that is called in you ASP.NET MVC project. Most likely you'll be confronted with a "HTTP Error 401.0 - Unauthorized" exception. In this case, you should enable your webserver to authenticate first. The above mentioned tutorial will help you with this.
I have publish my website at visual studio . and i try to setup a website by IIS .
What i have done is :
I click Add New Website in ' Sites ' folder in the IIS and when i browse my physical path and pool , there is always the error saying cannot verify access to path , while my pool authentication passed .
this is my first time publishing a site , i want to host my site on localhost so whenever i type localhost it will be my site without running through visual studio . Can anyone help me with the IIS error on cannot verify acess to path ?
this is the look of my error :
I have just spent a long time trying to get to grips with this myself, and I believe I can offer an answer that may help anyone else who comes across this question in future. I think the problem stems from the terminology that is used in IIS, and the fact that you are just trying to deploy one website to localhost in order to test it.
In IIS, a 'Website' (i.e. what you are adding if you right-click Sites and then "Add Website...") is not really what you would commonly refer to as a website. It is just a folder on disk, with a URL binding. The Default Web Site, for example, has the folder \inetpub\wwwroot, and the binding "http:*:80:" which means that any http request (port 80) will go to this "Website". Your website that you have published is not what IIS refers to as a "Website".
In IIS, an individual website is called an "Application". A "Website" in IIS can hold a number of Applications, and you can add them by right-clicking the Default Web Site and choose "Add Application...".
In other words, the Default Web Site in IIS can contain many websites. For example:
http://localhost/eStellar
http://localhost/otherWebsite
http://localhost/thirdWebsite
all of which may be completely unrelated. I would say that the 3 sites above are 3 different websites, but in IIS these are three "Applications" contained within the "Default Web Site".
In IIS, each "Website" must have a unique binding. As you want your website to be accessible from
http://localhost/eStellar
(which is port 80) you should use the IIS Default Web Site, because it has the binding already to port 80 and you cannot create another "Website" in IIS with that same binding.
So right-click on the Default Web Site, and choose "Add Application...". In the dialog box that appears, the Alias is the name that you want to use in the URL after localhost, so in your case this is "eStellar". The Application Pool can be anything, but just choose the DefaultAppPool for now (the choice of Application Pool is another issue entirely). In the Physical Path, enter the place where you published the website to (i.e. what you have in the Physical Path box in the image in your question).
I also get the same "Cannot verify access to path" warning that you show in your image, but this does not affect my ability to access the page at
http://localhost/eStellar
It appears to be saying that it "cannot verify" whether you have access, not that it definitely cannot access the site. This warning was a bit of a red herring for me, as it actually has nothing to do with why I could not set up the site with the same method as you state in your question.
Hopefully now you can access your site at localhost.
These are the steps that need to be done on IIS 7
Right click your default website
Click on add application.
a dialogue will appear you need to give alias and folder path to your application here. along with application pool.
and you are good to go.
Regarding your error, give your login user rights, And if you are using connect as provide the user name and password of your machine to see if your test is successful.
I use this simple line of code inside my HttpHandler:
Directory.CreateDirectory(#"\\srv-001\dev\folderToCreate\");
I receive an UnauthoridezAccessException telling me that the access to the path is denied.
From here, I create a little Dos application in C# doing the same thing and I was able to create the folder. So, I thought that it might be that IIS is running on a different user than myself. I went to IIS and changed the Application pool to a Custom user, myself. But, unfortunately, I got the same exception.
I have try to create a Share folder on my computer and I can create directory. Also, when debugging I can see that System.Threading.Thread.CurrentPrincipal.Identity have its AuthenticationType to "", IsAuthenticated to false and name to "".
So, with all those tests I can conclude that the HttpHandler that receive the file cannot create a directory because of some security access.
How can I grand access to my HttpHandler to be able to create a directory (and files) to a network folder?
actually, i thought of one other thing to check. not only is there the app pool identity, but there is also an identity associated with anonymous authentication. if you are on iis 7/7.5, you should be able to see the authentication icon for the web application and doubleclick that. selecting anonymous authentication and then clicking edit will reveal a dialog that gives you the option of specifying a user or the app pool user. i bet if you choose app pool user, that will fix it.
if you are on iis 6, i don't recall as clearly, but i'll give it a shot. don't have iis 6 in front of me to verify, but i remember there being an anonymous access button you can click that would bring up a dialog where you could specify the user. don't think you had the option there of using the app pool identity and had to specify the account explicitly.
I finished my very first C# project in VS 2008 and it is working well now. But now I need to publish this project onto my new website. This project is a web application that interacts with my SQL Server 2008 Adventureworks database on this same computer(XP Professional OS). I am running IIS 6.0 Manager, but I am a newbie to both IIS 6.0 and VS 2008.
I began by right-clicking the application in VS and selecting "Publish", but I've just selected File System, cause choosing Local IIS forces me to enter Username and password.
The problem is that I can't open this website from IIS without it prompting me for username and password. I have modified machine.config file several times in the processModel section, by setting username="D610-M\ASPNET", password="AutoGenerate". But this makes me enter built-in password when I try to view it. And I don't know what built-in ASPNET password is. When I cancel this password popup, it returns:
HTTP 401.1 "You are not authorized to
view this page."
And I've reset the ASPNET password several times. First I tried setting it to a password I knew, then I ran the aspnet_regiis command to reinitialize it. I also tried substituting other usernames and passwords, but none of them have worked. I even tried entering "SYSTEM" for username and AutoGenerate password, but even this prompts me to enter password. I have added the ASPNET user Read/Write/List permissions to all relevant folders. And I tried to create a new website pointing to http://localhost/[AppName], but this forces me to enter password. So no getting around that password.
I have modified Properties for Default Website in IIS: Home Directory pointing to my application in VS 2008 folder and Application Protection = Low. On Directory Security tab, I set username to D610-M\IUSR_D610-M and I checked "Enable anonymous access." I unchecked the Allow IIS to control password.
And I have read alot of MS URL's and other websites to see if I could answer these problems myself, but none of their helps worked either. This should be simple. I'm just trying to add my web application to my website. I know that my website works cause I installed a default website with basic HTML and it works.
What else can I try in order to add this web app to my website?
One important limitation to remember is that you are only allowed one website on IIS6 on XP.
If you have edited your machine.config you have introduced too many new variables into the equation to properly troubleshoot the problem (not that editing machine.config in itself is harmful, but it's an indication that there's a bit of shotgun approach to the problem).
You need to start out by wiping your slate clean and making sure that you have an otherwise working system. Browsing an HTML page does not prove much as running HTML and running ASP.NET are like apples and bicycles.
The best that I know of for doing this is uninstalling and reinstalling IIS and whatever .NET framework you are on. If you are on 3.5 you should do this for both two and three point five. If you can you need to put machine.config and every version of web.config (except the one in your web app itself) back to their defaults. There is nothing there you should need to edit run an ordinary ASP.NET app.
Once you think you have a tabla rasa and can browse an html page, then change its extension to .aspx and see if you can still browse it.
My last suggestion for today is:
As a poster above said set your ACLs on the folder where your website is (typically c:\inetpub\wwwroot) so that the group "Everyone" has "Full Access". Don't leave it this way, even on your own machine, but it takes file permissions out of the equation. If you are still having problems let me know, but basically you need to start from a "known good" state if you ever hope to get this problem resolved.
I am not sure if this is it, but.... I have seen this error myself and it is usually caused by not having the ASP.NET version set to 2.0 in your Website properties under the ASP.NET tab. This setting is often defaulted to ASP.NET 1.1 which would cause this error to occur. Note, that even though you are using Visual Studio 2008 the ASP.NET Version is still needs to be 2.0 in IIS. I would double check this setting.
Usually, I recommend the initial build to be to a location in C:\ (example being C:\MyFirstApplication). You also need to make sure the "Network Service" has permissions to that folder. Placing the application in the projects (or whatever) folder in your personal documents list is asking for permissions and access issues. Try that and see if it works!
You need to set root level folder permissions on your web site. Navigate to the folder that holds your web site, right click, permissions, security tab. Make sure that you have asp.net, anonymous user, Internet Guest Account (computer\iuser_{something}) and network service in the allowed roles.
As an aside I suggest that you pre-compile your site before posting it to your web server. This is a security precaution and a performance booster. Getting into this habit will be a good thing for you in the long run. It keeps people from tweaking the code on the server. There is a good utility here to make this easier: http://www.west-wind.com/tools/aspnetcompiler.asp
I believe this is pretty much the same as the question posed by him earlier here