I was given a website (coded in ASP.Net; C#, HTML, CSS, and Javascript) to maintain, and the original creators have no longer been in the company for quite some time. I wanted to move the development over to subversion to allow easy rollback/more than one developer to easily work on the files, and in the process of doing so (for an unrelated reason) the process wasn't succcessful.
I removed the version control temporarialy, and manually copied the original folder back to its original location.
Now, however, when people attempt to access the website a dialog appears requesting their username and password, and only users with administrator accounts can log into the website.
I never so much as opened the IIS manager (on a Windows 2003 server), nor are any of the files different to my knowledge, so I don't know why this change would have occured.
Anyone know what is wrong, or a path to troubleshoot?
Related
I'm developing a web application using MVC which is hosted in web server. Whenever a user accesses the application, it has to fetch the local app data folder from the clients machine.
Is there any possible way to achieve the above mentioned scenario?
I have tried using Environment.Specialfolder, but it is giving the path of web servers local data not the path of client's machine
C# :
string s = Environment.GetFolderPath(
Environment.SpecialFolder.LocalApplicationData);
Server-side code cannot just access files on client's machine. Instead, this functionality should be implemented with client-side scripts.
If you need to let your app persist some data or file on user's machine, and later read that data and send it to the server (or use it on the client), you have plenty of options in the modern browsers:
Cookies
localStorge
IndexedDB
fileSystem API, though it's not part of the standard, so be careful
Fetching an arbitrary file from user's machine is a totally different story, because it has security implications. Here your options are:
Put <input type="file"> on a page and let the user pick a file that will be uploaded to the server.
Use HTML Drag & Drop to let user drag a file onto your page
Develop an accompanying desktop application, which the users will have to install on their machines.
You may also explore the possibility of developing a browser extension, though this will give you very limited access to user's file system, AFAIK. Today the major standards are Web Extensions for mainstream browsers, and Browser Helper Objects for Internet Explorer.
I have configured the .NET SDK in Visual Studio to use IAM credentials (which are being encrypted to the app.configs such as is described here: https://docs.aws.amazon.com/sdk-for-net/v3/developer-guide/net-dg-setup.html I then wrote a call to my S3 server to get a presigned URL so I could display it in my .NET desktop app. When I run the app from my computer (through VS or by clicking the Executable) the pictures load fine from S3. When I move the bin folder files (I copy the Release directory to the 5 client computers) it doesn't work on those machines!
I've thought about trying to run an install (which has several draw backs that stem from my lack of experience creating installers). The only thing I could see this changing, is if the encryption of the IAM key uses a MAC address and the installer re-requests the IAM credentials, then it would work.
The error I get on the other PC's is: "Failed to retrieve credentials from EC2 Instance Metadata Service."
The machines are on a network whose public IP is white listed to another IAM role with FullS3 Permissions but the Group the Security Key is in also has FullS3 permissions so I wouldn't think that would matter either.
I'm more than happy to answer any other questions people have because I really want to get it going! Thank you!
I found this article about 45 minutes after posting and after reading it about 3 times I finally saw it!
"SDK Store profiles are specific to a particular user on a particular host. They cannot be copied to other hosts or other users. For this reason, SDK Store profiles cannot be used in production applications."
and "Using a Credentials File
You can also store profiles in a credentials file, which can be used by the other AWS SDKs, the AWS CLI, and Tools for Windows PowerShell. To reduce the risk of accidentally exposing credentials, the credentials file should be stored separately from any project files, usually in the user's home folder. Be aware that the profiles in a credentials files are stored in plaintext."
So the answer is I have to provide a plaintext file with the credentials and simply put it somewhere I believe to be "safe" on the clients computer, then specify that location in the app.config file.
I built a WPF C# application that map drives to the local machine. However, I'm trying to make it on website. Is it possible to do it?
I'm doing it by open cmd with Process.Start command in c# in my application.
I read about exec() function in PHP, but is it can help to reach my target or I should try something else?
In short, no you can't do what you want from a web application.
A website runs on a remote server and (rightly) has no control over the machine of the end user who views it. All that happens is the user's browser makes a request to the remote website, and the website returns some HTML (essentially HTML is just text in an agreed format) to display inside the browser. JavaScript code can run to manipulate the structure of the page within the browser, and can send/receive more data from the server.
But for security reasons the JavaScript cannot do anything which changes the state of the end-user's machine. It is caged within the browser environment. It also cannot get much useful info about the user's machine, without the user's explicit, manual consent. Think about if it could - malicious websites (or, arguably worse) malicious code injected into legitimate-looking websites) could steal information from your machine, delete files, map unwanted drives (!), change passwords etc etc - without having to ask your permission. The web would be un-usable for all practical purposes.
Motivation
We are developing an Azure website in C# ASP.NET MVC and we want to improve cooperation with our clients/admin users who optionally co-develop "content" of the website with us.
The application generates different outputs based on user defined "parameters" (plain data stored in SQL Database) interpreted trough user defined "fcs templates" ("application specific script source files" currently stored in blob storage).
We manage the C# code in a private repository (GitHub) and regularly deploy the binaries from Visual Studio via web deployment process. This works great.
We manage the "fcs templates" on another GitHub repository which is accessible also by the client and we upload them on demand of us/admin-user to blob storage, where they can be accessed from the application (cached locally in memory and maybe later in local cache/disk).
Later on, we would like to have the application checkout and use the "fcs templates" directly from GitHub as smartly as possible and based on the user web request. Possibly even to have "more working directories" to sandbox development branch separate from the master branch of the "fcs templates", so that users can test the impact of their change before they confirm it for other users of the application.
I know that thanks to Kudu, there is git installed on the VM hosting my website, and I may take the risk and try to somehow "shell git" create some working directory in "D:\home\site\wwwroot\my_fcs_branches_mess", but I want to stick as much as possible to the Microsoft "game rules" for c#.NET web app development and deployment and avoid too much of undocumented hacks. Still, I am willing to take a little risk, though, if it will look promising based on your feedback.
I want to stress out, that I am not asking for automated git deployment of the C# application, which surely is possible with kudu. I do not want the user to deploy the whole application, but only update a small subset of the user content.
The actual question
Is there a way to take advantage of git on the actual VM where my standard azure website is deployed so that our application can use for the client modifying the client content "fcs templates"?
Does someone use Git to manage not only the actual source code but also the user content of the website? How?
I finished my very first C# project in VS 2008 and it is working well now. But now I need to publish this project onto my new website. This project is a web application that interacts with my SQL Server 2008 Adventureworks database on this same computer(XP Professional OS). I am running IIS 6.0 Manager, but I am a newbie to both IIS 6.0 and VS 2008.
I began by right-clicking the application in VS and selecting "Publish", but I've just selected File System, cause choosing Local IIS forces me to enter Username and password.
The problem is that I can't open this website from IIS without it prompting me for username and password. I have modified machine.config file several times in the processModel section, by setting username="D610-M\ASPNET", password="AutoGenerate". But this makes me enter built-in password when I try to view it. And I don't know what built-in ASPNET password is. When I cancel this password popup, it returns:
HTTP 401.1 "You are not authorized to
view this page."
And I've reset the ASPNET password several times. First I tried setting it to a password I knew, then I ran the aspnet_regiis command to reinitialize it. I also tried substituting other usernames and passwords, but none of them have worked. I even tried entering "SYSTEM" for username and AutoGenerate password, but even this prompts me to enter password. I have added the ASPNET user Read/Write/List permissions to all relevant folders. And I tried to create a new website pointing to http://localhost/[AppName], but this forces me to enter password. So no getting around that password.
I have modified Properties for Default Website in IIS: Home Directory pointing to my application in VS 2008 folder and Application Protection = Low. On Directory Security tab, I set username to D610-M\IUSR_D610-M and I checked "Enable anonymous access." I unchecked the Allow IIS to control password.
And I have read alot of MS URL's and other websites to see if I could answer these problems myself, but none of their helps worked either. This should be simple. I'm just trying to add my web application to my website. I know that my website works cause I installed a default website with basic HTML and it works.
What else can I try in order to add this web app to my website?
One important limitation to remember is that you are only allowed one website on IIS6 on XP.
If you have edited your machine.config you have introduced too many new variables into the equation to properly troubleshoot the problem (not that editing machine.config in itself is harmful, but it's an indication that there's a bit of shotgun approach to the problem).
You need to start out by wiping your slate clean and making sure that you have an otherwise working system. Browsing an HTML page does not prove much as running HTML and running ASP.NET are like apples and bicycles.
The best that I know of for doing this is uninstalling and reinstalling IIS and whatever .NET framework you are on. If you are on 3.5 you should do this for both two and three point five. If you can you need to put machine.config and every version of web.config (except the one in your web app itself) back to their defaults. There is nothing there you should need to edit run an ordinary ASP.NET app.
Once you think you have a tabla rasa and can browse an html page, then change its extension to .aspx and see if you can still browse it.
My last suggestion for today is:
As a poster above said set your ACLs on the folder where your website is (typically c:\inetpub\wwwroot) so that the group "Everyone" has "Full Access". Don't leave it this way, even on your own machine, but it takes file permissions out of the equation. If you are still having problems let me know, but basically you need to start from a "known good" state if you ever hope to get this problem resolved.
I am not sure if this is it, but.... I have seen this error myself and it is usually caused by not having the ASP.NET version set to 2.0 in your Website properties under the ASP.NET tab. This setting is often defaulted to ASP.NET 1.1 which would cause this error to occur. Note, that even though you are using Visual Studio 2008 the ASP.NET Version is still needs to be 2.0 in IIS. I would double check this setting.
Usually, I recommend the initial build to be to a location in C:\ (example being C:\MyFirstApplication). You also need to make sure the "Network Service" has permissions to that folder. Placing the application in the projects (or whatever) folder in your personal documents list is asking for permissions and access issues. Try that and see if it works!
You need to set root level folder permissions on your web site. Navigate to the folder that holds your web site, right click, permissions, security tab. Make sure that you have asp.net, anonymous user, Internet Guest Account (computer\iuser_{something}) and network service in the allowed roles.
As an aside I suggest that you pre-compile your site before posting it to your web server. This is a security precaution and a performance booster. Getting into this habit will be a good thing for you in the long run. It keeps people from tweaking the code on the server. There is a good utility here to make this easier: http://www.west-wind.com/tools/aspnetcompiler.asp
I believe this is pretty much the same as the question posed by him earlier here