We have recently implemented a two way domain trust between Company A and Company B.
A classic asp/asp.net application runs on a single instance of IIS6 (running on win server 2003) within Company A's domain. The application is configured to use Integrated Windows Authentication.
When testing from company B machine, the application can be accessed fine.
The issue that we have identified is with custom error pages configured in IIS.
For example:
Company B clicks on a link to '/non_existent_page.asp', it hangs for a bit and then we eventually receive a user/passwd prompt. We then receive the following error in event viewer
Event Type: Error
Event Source: .NET Runtime 2.0 Error Reporting
Event Category: None
Event ID: 1000
Date: 13/08/2014
Time: 16:00:11
User: N/A
Description:
Faulting application w3wp.exe, version 6.0.3790.3959, stamp 45d6968e, faulting module kernel32.dll, version 5.2.3790.5295, stamp 52f3551e, debug? 0, fault address 0x0000bf93.
This temporarily makes the site unavailable for all users.
The user receives the following error in browser:
You do not have permission to view this directory or page using the
credentials that you supplied because your Web browser is sending a
WWW-Authenticate header field that the Web server is not configured
to accept.
When we enter the same URL directly into the browser's address bar, there is no issue and the custom 404 page is displayed.
The site has been added to the 'Local Intranet' trusted zone.
Broken links to aspx pages are handled by the web.config - so no problem there.
As a work around, we remove the custom 404 page in IIS and use the default file version found in windows\help\iishelp\common - This resolves the issue, but we'd really like to use our own page for these errors.
Any ideas on how we could resolve/debug this would be greatly appreciated.
You might need to have a look at the Edit Custom Error Page under IIS.
IIS --> App --> ErrorPages --> Error Codes that you want to modify
Related
I am getting an exception usually at night on a new project of mine. It is deployed to a hosting provider and visable to everyone.
My exception is:
Session state can only be used when enableSessionState is set to true, either in a configuration file or in the Page directive. Please also make sure that System.Web.SessionStateModule or a custom session state module is included in the <system.web><httpModules> section in the application configuration.
In my web.config there is:
<pages validateRequest="false" enableSessionState="true"
enableViewStateMac="true" enableEventValidation="true"
viewStateEncryptionMode="Always">
The exception is happening while getting Session.SessionID within one of my modules. This module is present on all pages in the application.
The application runs fine when I am here at work - but a night when I am not here this happens. I also never got this error while running application on my local dev machine. So I suspect a bot. Or possibly, hosting company shutting down services for some reason?
Is there any way to prevent this from happening? Like
if(Session.Isavailable)
or something I can add to my function in programmatically?
Recently I developed a asp.net core 2.0 web app in my company and in debug mode works perfect, however when I deployed in our testing server into IIS and we try to execute from a client machine it ran into a problem:
An unhandled exception occurred while processing the request.
CryptographicException: The key {0851ad3b-df33-4cf7-8c3a-5c637adaa713} was not found in the key ring.
Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, bool allowOperationsOnRevokedKeys, out UnprotectStatus status)
InvalidOperationException: The antiforgery token could not be decrypted.
Microsoft.AspNetCore.Antiforgery.Internal.DefaultAntiforgeryTokenSerializer.Deserialize(string serializedToken)
The problem starts when I submmit login page. I investigated links with same problems here and other blogs, but I found that has to be with ValidateAntiForgeryToken and solution is related with Microsoft.AspNetCore.DataProtection. I added nuget package Microsoft.AspNetCore.DataProtection.Redis to my project and I added in ConfigureServices of startup class following code:
var redis = ConnectionMultiplexer.Connect("192.168.10.151:80");
services.AddDataProtection().PersistKeysToRedis(redis, "DataProtection-Keys");
services.AddOptions();
Our testing server ip is 192.168.10.151, however app throws following exception:
RedisConnectionException: It was not possible to connect to the redis server(s); to create a disconnected multiplexer, disable AbortOnConnectFail. InternalFailure on PING
¿Why it doesn't connect since is resolving in the same web app server?
¿Where is DataProtection-Keys database located?
as a workaround, I changed method by using PersistKeysToFileSystem as follows:
services.AddDataProtection()
.SetApplicationName("myapp-portal")
.PersistKeysToFileSystem(new System.IO.DirectoryInfo (#"c:\ProgramData\dpkeys"));
However running app in test server 192.168.10.151, when login form is submitted, goes back to login page. Checking stdout log file, only shows:
Hosting environment: Production
Content root path: C:\inetpub\wwwroot\OmniPays
Now listening on: http://localhost:30064
Application started. Press Ctrl+C to shut down.
Checking network messages by chrome's developers tools I noticed something:
Request URL: http://192.168.10.151/OmniPays/Account/Login
Request Method: POST
Status Code: 302 Found
Remote Address: 192.168.10.151:80
Referrer Policy: no-referrer-when-downgrade
and then ...
Request URL: http://192.168.10.151/OmniPays/Home/Main
Request Method: GET
Status Code: 302 Found
Remote Address: 192.168.10.151:80
Referrer Policy: no-referrer-when-downgrade
AccountController's Login action redirect request to HomeController's Main action only if authentication succeded, and Main action has [Authorize] attribute. For some reasons I can't achieve understand, Main action fails and return to Login page. URL in chrome shows: http://192.168.10.151/OmniPays/Account/Login?ReturnUrl=%2FOmniPays%2FHome%2FMain
I'm using Microsoft Identity. In debug mode works fine and if I deploy app in my local PC on IIS also works fine. ¿Maybe any SDK is missing in the server?
Please need help!!
Solution was found! the cause of problem was not in IIS neither the Server, connection to the server is using http rather than https, no certifies involved to validate secure connection, however testing in differents servers app works ok, so I felt really disappointed. Solution was to remove cookies an any data related with this URL pointing to Development Server (failing) in all browsers, data that was previously stored, and voila!!, now app works perfect. By default, as bhmahler comments data protection is made in memory and I left configuration by default, I mean, not explicitly persistence in redis nor PersistKeysToFileSystem and works fine, however is important to set DataProtection to strong data sensitive protection.
I'm newbie about these topics and It's unbelievable such a simple thing caused on me that waste of time. Thanks to all!.
Explanation
In production and locally, the 404 page for my site works fine for the most part. A URL such as http://localhost:43424/gibberish_r3hjjnwef will return the well designed 404 HTML page that is in the website folder, and pointed to by IIS.
However when I change the this URL to http://localhost:43424/gibberish_r3hjjnwef... it gives the following "hard" error, whilst still claiming to be a 404.
Server Error in '/' Application.
The resource cannot be found.
Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable. Please review the following URL and make sure that it is spelled correctly.
Requested URL: /gibberish_r3hjjnwef...
Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.7.2110.0
I'd rather it still gave the 404 HTML page.
I thought maybe it was an outright invalid URL, but both http://www.bbc.co.uk/news/fdisdhfdu and http://www.bbc.co.uk/news/fdisdhfdu... give the BBC's nice 404 page.
Question
Is there anything I can do to improve this?
Relevant Information (happy to provide more if necessary)
Microsoft .NET Framework Version: 4.0.30319
ASP.NET Version: 4.7.2110.0
Language/Framework:C#/Classic .ASP
I'm not sure whether this is what you are referring to, but maybe try this out:
Go to IIS Manager -> Site -> IIS Error pages. On the right hand panel, there's a setting "Edit Feature Settings...".
The options there mean:
Custom error pages: Use the 'IIS error pages' as fallback for all failed requests (e.g. your 404 page set up the list behind)
Detailed error pages: In case of an Asp.Net error, shows the 'Asp.Net error page' ("Server Error in '/' Application." etc.)
Detailed errors for local requests etc.: Show the 'IIS error page' for remote requests, for local requests show the 'Asp.net error page' ("Server error in '/' etc.)
This is in place to effectively hide the detailed Asp.net error page (with the stack trace etc.) from external callers as you may not want to give them the details of your application. This is the default setting, where you should only see the 'Asp.net error page' when you call the invalid URL on 'localhost', but the 'IIS error page' (404) when you call the page from a different computer.
So, what you may want to try is to select the "Custom error pages" option ('IIS error pages' for all failed requests).
Using the C#/.NET Google+ sign-in quick start project, I'm hitting problems with IIS6. Here are the steps I followed:
downloaded the project from Github
modified the index.html and signin.ashx files to contain my Client ID and Client Secret
running the project on my machine (using the built in web server for Visual Studio 2010) works fine
published to Windows 2003 server with IIS6
added "index.html" as a default document for the web site
set the web site to use an app pool configured for the 4.0 .NET framework
attempted to access the page from Chrome
Accessing the site with no page specified on the URL (https://myserver.com/gplussample/) brings up the Google+ signin button. This works great and I'm taken to the page with my profile photo, circles, etc.
However, when I click the "disconnect" button, nothing happens. Using Chrome DevTools to examine the process, I see this error:
POST https://myserver.com/gplussample//disconnect 404 (Not Found)
The problem is the //disconnect - there's no page name (I believe it should be signin.ashx, as that's what works when I'm running the app on the dev web server with Visual Studio 2010).
I then attempted to access the site with a page name specified:
https://myserver.com/gplussample/signin.ashx
That results in a blank page and again, looking at the Chrome DevTools, I see a 400 Bad Request error for the .ashx handler. I searched and searched for solutions for .ashx handlers and "bad request" errors, with no success in this particular case.
Thinking IIS6 was the culprit, I published the site to an IIS7 instance.
With no page name specified on the URL (http://localhost/gplusoriginal/), I encountered the same error with the "disconnect" button - no action and a 404 error.
When I changed the URL to http://localhost/gplusoriginal/signin.ashx, I received this error:
Could not create type 'GPlus_ServerSideFlow.Signin'.
Again, back to Google and checking on .ashx handlers and issues with IIS7. I found a post about the web.config and specifying the handler there, so I tried that.
<system.webServer>
<handlers>
<add name="GPlus_ServerSideFlow.Signin" path="*.ashx" verb="*"
type="GPlus_ServerSideFlow.Signin" resourceType="Unspecified" />
</handlers>
</system.webServer>
Adding this snippet to the web.config resolved the "could not create type" error, but resulted in another 400 Bad Request error.
So, my questions are: What has to be done with II6 or IIS7 to get this sample project working? Are there additional steps in configuring IIS that need to be completed? Or something missing from the project code?
Thank you
The way that the sample works is that the RESTful endpoints are intercepted by an ashx handler, signin.ashx.cs. The handler can't be directly addressed so routes are setup in global.ashx.cs to map endpoints (/, /connect, /disconnect, etc) to that route handler.
As the sample ships, it assumes the built-in web server running on the root port. When moving to IIS, you need to change the path matchers from Equals to EndsWith in order to match the virtual directory you are deploying to:
// Redirect base path to signin.
if (context.Request.Path.EndsWith("/"))
{
context.Response.RedirectPermanent("signin.ashx");
}
// This is reached when the root document is passed. Return HTML
// using index.html as a template.
if (context.Request.Path.EndsWith("/signin.ashx"))
{
Apologies for the delay on this... but hopefully that fixes it! This fork of the C# starter has the changes in it, tested with IIS, and this update may end up getting merged back into the official sample soon.
I want to create virtual directory in my DNN website and make new database for this site , for this I go to IIs manager and click add virtual directory and browse that site it shows error
HTTP Error 500.19 - Internal Server Error The requested page cannot be
accessed because the related configuration data for the page is
invalid.
Module IIS Web Core Notification BeginRequest
Handler Not yet determined
Error Code 0x800700b7
Config Error Cannot add duplicate collection entry of type 'add' with
unique key attribute 'name' set to 'LogoffHandler*'
Config File \?\C:\Website\dnndev.me\web.config
Requested URL http://www.dnndev.me:80/VirtualDnn Physical
Path C:\Website\dnndev.me Logon Method Not yet determined
Logon User Not yet determined Config Source 116:
117:
118:
Please tell me how can i resolve this problem ........
Thanks
You might need to add
<location inheritInChildApplications="false">
To your web.config file so that DotNetNuke stops handling requests to that virtual directory.
Something along the lines of what is mentioned in this answer https://stackoverflow.com/a/782277/21362
An old blog post I wrote might also help
http://www.dotnetnuke.com/Resources/Blogs/cid/135153/DotNetNuke-Tip-15-Running-a-webservice-inside-of-a-DNN-site.aspx