I coded a simple HttpModule in .net that authenticate user against a database for non .net files.
In IIS 6 I've map the .htm and .pdf extension to be executed by C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll and everything is working well.
Now I wan't to do the same thing for Classic asp pages but the .asp extension is already mapped to C:\WINDOWS\system32\inetsrv\asp.dll and mapping it to C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll is not working because there is no build provider for classic ASP in .net.
Here is how my web.config file look like:
<system.web>
<authorization>
<deny users "?" />
</authorization>
<compilation>
<buildProviders>
<add extension=".asp" type="System.Web.Compilation.PageBuildProvider" />
<add extension=".htm" type="System.Web.Compilation.PageBuildProvider" />
<add extension=".pdf" type="System.Web.Compilation.IgnoreFileBuildProvider" />
</buildProviders>
</compilation>
<httpHandlers>
<add path="*.asp" verb="*" type="System.Web.UI.PageHandlerFactory" validate="false"/>
<add path="*.htm" verb="*" type="System.Web.UI.PageHandlerFactory" validate="false"/>
<add path="*.pdf" verb="*" type="System.Web.StaticFileHandler" validate="false"/>
</httpHandlers>
<httpModules>
<add name="MyAuthenticationModule" type="Authentication.MyAuthenticationModule, Authentication"/>
</httpModules>
</system.web>
Is there a solution?
ASP.Net for the most part will not correctly interpret classic ASP file. If you have a very simple classic ASP page, with perhaps only a few very simple server expressions, such as a <%=Date() %> or two, you might get very lucky and find that the code still works... but I wouldn't count on it.
You can have classic ASP pages live in the same IIS web site as ASP.Net pages, but you still need to have those pages configured so that the classic ASP interpreter is responsible for them. You can also configure authentication to happen at the IIS level, or configure ASP.Net and ASP classic to share an authentication token/cookie, so that a user logs into an ASP.Net site once and the classic ASP pages are still protected by that single authentication event. However, getting this set up and working correctly is not an easy operation.
Related
I am trying to disable access to Sitemap.xml file outside the production environment. currently if user types http://localhost:62777/sitemap.xml it is accessible but i want to restrict it. currently i tried as below but no luck
<location path="sitemap.xml">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
is there any other way to disable it from outside the production environment? Thanks in advance.
i tried as below also but not working
<httpHandlers>
<add path="sitemap.xml" verb="*" type="System.Web.HttpForbiddenHandler" name="xml (integrated)" preCondition="integratedMode" />
</httpHandlers>
Why in the world do you want to "restrict" it? /sitemap.xml needs to be publicly available or the search engines (which is what it is for) won't read it. See the protocol definition on Sitemaps.org.
That said, if you don't want to use it for some reason (such as rolling your own sitemap solution or if your site is not Internet facing), you can disable it.
<appSettings>
<add key="MvcSiteMapProvider_EnableSitemapsXml" value="false"/>
</appSettings>
you can add in IIS Please see here
Please am fairly new to programming in asp.net and now am following the steps in a textbook to design an e-commerce web application.
I am using UrlRewritingNet dll from http://www.urlrewriting.net/ to create search engine friendly urls on the application. I unzipped the urlrewritingnet zip and copied its dll file to my application's bin folder. I also copied its urlrewritingnet.xsd file to my project folder. The textbook am working from uses the dll from urlrewriter.net with different configurations which I tried in my project but it didn't work. The textbook also uses visual web developer 2005. Am programming in visual studio 2012 (C#). For now am trying to rewrite the url of my catalogs page so as to test if the configuration in my web.config file is correct. I'm doing the configuration in my web.config, not in IIS. I do not want any IIS configurations because am imagining a scenario where I don't have access to the server.
I keep getting an internal server error that displays like this:
HTTP Error 500.22 - Internal Server Error
An ASP.NET setting has been detected that does not apply in Integrated managed pipeline mode.
this is the url which I want to rewrite: http://localhost:1036/Catalog.aspx?DepartmentID=1
This is my config file:
<configuration>
<configSections>
<section name="urlrewritingnet"
restartOnExternalChanges="true"
requirePermission ="false"
type="UrlRewritingNet.Configuration.UrlRewriteSection, UrlRewritingNet.UrlRewriter" />
</configSections>
<urlrewritingnet
rewriteOnlyVirtualUrls="true"
contextItemsPrefix="QueryString"
defaultProvider = "RegEx"
defaultPage = "Default.aspx"
xmlns="http://www.urlrewriting.net/schemas/config/2006/07" >
<rewrites>
<add name="Rule1"
provider="RegEx"
virtualUrl="^.*-d([0-9]+)/?$"
rewriteUrlParameter="ExcludeFromClientQueryString"
destinationUrl="~/Catalog.aspx?DepartmentID=$1"
ignoreCase="true" />
</rewrites>
</urlrewritingnet>
<appSettings>
<add key="MailServer" value="smtp.gmail.com"/>
<add key="MailUsername" value="engr.ejikeeze#gmail.com"/>
<add key="MailPassword" value="keeplooking"/>
<add key="MailFrom" value="engr.ejikeeze#gmail.com"/>
<add key="EnableErrorLogEmail" value="false"/>
<add key="ErrorLogEmail" value="engr.ejikeeze#gmail.com"/>
<add key="ProductsPerPage" value="6"/>
<add key="ProductDescriptionLength" value="60"/>
<add key="SiteName" value="BalloonShop"/>
</appSettings>
<connectionStrings>
<add name="BalloonShopConnection" connectionString="server = (local)\SQLEXPRESS; Database = BalloonShop; User = balloonshop; password=ecommerce" providerName="System.Data.SqlClient"/>
</connectionStrings>
<system.web>
<httpModules>
<add name="UrlRewriteModule"
type="UrlRewritingNet.Web.UrlRewriteModule, UrlRewritingNet.UrlRewriter" />
</httpModules>
<globalization requestEncoding="utf-8" responseEncoding="utf-8" culture="en-US"/>
<customErrors mode="RemoteOnly" defaultRedirect="Oops.aspx" />
<pages theme="BalloonShopDefault">
<controls>
<add src="~/UserControls/DepartmentsList.ascx" tagName="DepartmentsList" tagPrefix="BSUC"/>
</controls>
</pages>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
</system.web>
</configuration>
Pls I need you lovely guys to help me out. Am really stuck. I've searched all round the internet for over 4 days in search of solution but to no avail. Thanks in anticipation.
You can checkout the following link:url-rewriting-in-Asp-Net
I'm creating a custom server control which uploads files asynchronously to the server.
This solution uses flash element that posts the files to Generic Web handler aka ashx which then saves the posted file in a desired location.
It works grate, but with this approach I do need to create ashx file in each project, potentially, to handle the posts from the flash element.
What I would like to achieve is fully encapsulated server control that will use it's own ashx (or whatever can replace it) handler to upload the files.
Is it possible to do? Any ideas would be welcome.
Thanks.
You could include the handler within the class library containing the control and then only register it in web.config using the <httpHandlers> section:
<configuration>
<system.web>
<httpHandlers>
<add verb="*"
path="upload.ashx"
type="MyControl.MyUploadHandler.New, MyControl" />
</httpHandlers>
<system.web>
</configuration>
and if you are using IIS 7 Integrated pipeline mode to the <handlers> section:
<system.webServer>
<handlers>
<add name="UploadHandler"
verb="*"
path="upload.ashx"
type="MyControl.MyUploadHandler.New, MyControl" />
</handlers>
</system.webServer>
And if you are using ASP.NET 4.0 you could checkout the PreApplicationStartMethod infrastructure which allows you to dynamically register handlers:
[assembly: WebActivator.PreApplicationStartMethod(typeof(MyControl.StartUp), "PreApplicationStart")]
i am pretty new to MVC and Routing and i was asked to modify an app to use diffrent url's.
a task that is a bit over me since i have no experience.
ok, lets talk a bit of code:
routes.MapRoute(
"CategoryBySeName", // Route name
"products/{SeName}", // URL with parameters
new { controller = "Catalog", action = "CategoryBySeName" }
);
this works as expected, but then the client wanted ".html" at the end of paths, so i changed:
"products/{SeName}", // URL with parameters
to:
"products/{SeName}.html", // URL with parameters
which fails ( IIS 404 page - MapRequestHandler)
it seems like iis is trying to load a physical file with that name instead of passing it to the application.
Similar: ASP.NET MVC Routing to start at html page (not answered, Not duplicate)
You have to force all request through the ASP.NET pipeline, and you can do that by adding only this single line to the web.config of your application:
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
</system.webServer>
You're guess that an IIS handler is probably grabbing the request prior to MVC is likely correct.
Assuming IIS 7:
http://technet.microsoft.com/en-us/library/cc770990(v=ws.10).aspx
You need to edit the .html handler in IIS to use ASP.NET.
You can find it in the website properties under the home directory tab in app configuration in the mappings section in II6.
Something along the lines of (version may be different):
C:\windows\microsoft.net\framework\v4.0.30319\aspnet_isapi.dll is what you need to handle the .html files.
Changing the Application Pool from Classic to Integrated fixed the issue.
thank you guyz for your help.
Just add this section to Web.config, and all requests to the route/{*pathInfo} will be handled by the specified handler, even when there are dots in pathInfo. (taken from ServiceStack MVC Host Web.config example and this answer https://stackoverflow.com/a/12151501/801189)
<location path="route">
<system.web>
<httpHandlers>
<add path="*" type="System.Web.Handlers.TransferRequestHandler" verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" />
</httpHandlers>
</system.web>
<!-- Required for IIS 7.0 -->
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
<validation validateIntegratedModeConfiguration="false" />
<handlers>
<add name="ApiURIs-ISAPI-Integrated-4.0" path="*" type="System.Web.Handlers.TransferRequestHandler" verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>
</system.webServer>
</location>
What kind of purpose do .axd files serve?
I know that it is used in the ASP.Net AJAX Toolkit and its controls. I'd like to know more about it.
I tried Googling for it, but could not find getting basic information.
from Google
An .axd file is a HTTP Handler file. There are two types of .axd files.
ScriptResource.axd
WebResource.axd
These are files which are generated at runtime whenever you use ScriptManager in your Web app. This is being generated only once when you deploy it on the server.
Simply put the ScriptResource.AXD contains all of the clientside javascript routines for Ajax. Just because you include a scriptmanager that loads a script file it will never appear as a ScriptResource.AXD - instead it will be merely passed as the .js file you send if you reference a external script file. If you embed it in code then it may merely appear as part of the html as a tag and code but depending if you code according to how the ToolKit handles it - may or may not appear as as a ScriptResource.axd. ScriptResource.axd is only introduced with AJAX and you will never see it elsewhere
And ofcourse it is necessary
Those are not files (they don't exist on disk) - they are just names under which some HTTP handlers are registered.
Take a look at the web.config in .NET Framework's directory (e.g. C:\Windows\Microsoft.NET\Framework\v4.0.30319\Config\web.config):
<configuration>
<system.web>
<httpHandlers>
<add path="eurl.axd" verb="*" type="System.Web.HttpNotFoundHandler" validate="True" />
<add path="trace.axd" verb="*" type="System.Web.Handlers.TraceHandler" validate="True" />
<add path="WebResource.axd" verb="GET" type="System.Web.Handlers.AssemblyResourceLoader" validate="True" />
<add verb="*" path="*_AppService.axd" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" validate="False" />
<add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" validate="False"/>
<add path="*.axd" verb="*" type="System.Web.HttpNotFoundHandler" validate="True" />
</httpHandlers>
</system.web>
<configuration>
You can register your own handlers with a whatever.axd name in your application's web.config. While you can bind your handlers to whatever names you like, .axd has the upside of working on IIS6 out of the box by default (IIS6 passes requests for *.axd to the ASP.NET runtime by default). Using an arbitrary path for the handler, like Document.pdf (or really anything except ASP.NET-specific extensions), requires more configuration work. In IIS7 in integrated pipeline mode this is no longer a problem, as all requests are processed by the ASP.NET stack.
An AXD file is a file used by ASP.NET applications for handling embedded resource requests. It contains instructions for retrieving embedded resources, such as images, JavaScript (.JS) files, and.CSS files. AXD files are used for injecting resources into the client-side webpage and access them on the server in a standard way.