I finished my very first C# project in VS 2008 and it is working well now. But now I need to publish this project onto my new website. This project is a web application that interacts with my SQL Server 2008 Adventureworks database on this same computer(XP Professional OS). I am running IIS 6.0 Manager, but I am a newbie to both IIS 6.0 and VS 2008.
I began by right-clicking the application in VS and selecting "Publish", but I've just selected File System, cause choosing Local IIS forces me to enter Username and password.
The problem is that I can't open this website from IIS without it prompting me for username and password. I have modified machine.config file several times in the processModel section, by setting username="D610-M\ASPNET", password="AutoGenerate". But this makes me enter built-in password when I try to view it. And I don't know what built-in ASPNET password is. When I cancel this password popup, it returns:
HTTP 401.1 "You are not authorized to
view this page."
And I've reset the ASPNET password several times. First I tried setting it to a password I knew, then I ran the aspnet_regiis command to reinitialize it. I also tried substituting other usernames and passwords, but none of them have worked. I even tried entering "SYSTEM" for username and AutoGenerate password, but even this prompts me to enter password. I have added the ASPNET user Read/Write/List permissions to all relevant folders. And I tried to create a new website pointing to http://localhost/[AppName], but this forces me to enter password. So no getting around that password.
I have modified Properties for Default Website in IIS: Home Directory pointing to my application in VS 2008 folder and Application Protection = Low. On Directory Security tab, I set username to D610-M\IUSR_D610-M and I checked "Enable anonymous access." I unchecked the Allow IIS to control password.
And I have read alot of MS URL's and other websites to see if I could answer these problems myself, but none of their helps worked either. This should be simple. I'm just trying to add my web application to my website. I know that my website works cause I installed a default website with basic HTML and it works.
What else can I try in order to add this web app to my website?
One important limitation to remember is that you are only allowed one website on IIS6 on XP.
If you have edited your machine.config you have introduced too many new variables into the equation to properly troubleshoot the problem (not that editing machine.config in itself is harmful, but it's an indication that there's a bit of shotgun approach to the problem).
You need to start out by wiping your slate clean and making sure that you have an otherwise working system. Browsing an HTML page does not prove much as running HTML and running ASP.NET are like apples and bicycles.
The best that I know of for doing this is uninstalling and reinstalling IIS and whatever .NET framework you are on. If you are on 3.5 you should do this for both two and three point five. If you can you need to put machine.config and every version of web.config (except the one in your web app itself) back to their defaults. There is nothing there you should need to edit run an ordinary ASP.NET app.
Once you think you have a tabla rasa and can browse an html page, then change its extension to .aspx and see if you can still browse it.
My last suggestion for today is:
As a poster above said set your ACLs on the folder where your website is (typically c:\inetpub\wwwroot) so that the group "Everyone" has "Full Access". Don't leave it this way, even on your own machine, but it takes file permissions out of the equation. If you are still having problems let me know, but basically you need to start from a "known good" state if you ever hope to get this problem resolved.
I am not sure if this is it, but.... I have seen this error myself and it is usually caused by not having the ASP.NET version set to 2.0 in your Website properties under the ASP.NET tab. This setting is often defaulted to ASP.NET 1.1 which would cause this error to occur. Note, that even though you are using Visual Studio 2008 the ASP.NET Version is still needs to be 2.0 in IIS. I would double check this setting.
Usually, I recommend the initial build to be to a location in C:\ (example being C:\MyFirstApplication). You also need to make sure the "Network Service" has permissions to that folder. Placing the application in the projects (or whatever) folder in your personal documents list is asking for permissions and access issues. Try that and see if it works!
You need to set root level folder permissions on your web site. Navigate to the folder that holds your web site, right click, permissions, security tab. Make sure that you have asp.net, anonymous user, Internet Guest Account (computer\iuser_{something}) and network service in the allowed roles.
As an aside I suggest that you pre-compile your site before posting it to your web server. This is a security precaution and a performance booster. Getting into this habit will be a good thing for you in the long run. It keeps people from tweaking the code on the server. There is a good utility here to make this easier: http://www.west-wind.com/tools/aspnetcompiler.asp
I believe this is pretty much the same as the question posed by him earlier here
Related
I've got an MVC site that i've published to a remote server running IIS, but I've got a problem with the site where I can upload documents to a folder (on that server, within the site header folder) via the site, but I get an "Access is denied" error whenever I try to read that same document.
At first I thought it may have been a simple permissions problem, but I checked the security on the folder and it's showing full control to domain users on it, and when I run the project locally through Visual Studio I can open it up without any problems.
I assumed it may be something to do with the context of the site running under IIS, but I don't know if the changes need to be made in IIS or on the folder permissions themselves.
Can someone help?
EDIT
I'm opening the file using Process.Start like:
System.Diagnostics.Process.Start("FilePath");
EDIT 2
I've edited the app pool that the site is running on and set it to allow the process to interact with the desktop, but this has not worked. I have also tried setting the App Pool to load the user profile based on suggestions I found elsewhere but that has not worked either. The only other suggestion i've found is to set the App Pool identity to "Local System", but people have said this is a security risk so I don't want to do this unless necessary.
I'm running a web application developed on ASP.NET; C# and SQL Server 2008; on Local Host on a Network.
It is showing an error 500.19 for some Permissions...
Can anyone help me out to solve this and run my website on localhost without hosting it online.....Have a look, What's the error is...
It might be the issue of permissions for the directory/files for your application.
Make sure you have given the full permission to the users types that will be accessing the application.
For adding/editing permissions, you can navigate to the concerned folder and right click on it, selec properties and then go to security tab wherein you can edit the permissions of existing users as well as add new users with specific permissions.
Also, if you have your application hosted on IIS, there is also an option for changing permissions which will again, open the folder for you and you will have to follow the same steps as mentioned above.
Hope this helps.
Such issue occurs when, some wrong or duplicate element added in web.config file.
Verify your web.config file.
Also confirm execute version of virtual directory (32 Bit / 64 Bit)
I have created a new website and published it (via Visual Studio) to Azure.
Initially, everything worked fine.
But, after republishing the website a few times, the website stopped responding - i.e. it shows a "Server not found" error in Firefox or "This page can't be displayed" in IE).
Now, any new website I publish shows the same error. (Here's a basic test site I published, so you can see the message: http://www.test-website.azurewebsites.net)
The previously published websites are still working; it is just new websites that are failing.
Does anyone know why this would be happening?
Additional Info:
The website was created using Visual Studio 2012 C# ASP MVC .NET 4.5
The websites are using Microsoft's 'Free' pricing tier.
There are a total of 3 websites on the Azure account.
Claies brought this up in a comment, and I'll take it a step further. Your link should not start with www. when you're visiting a .azurewebsites.net domain.
If you're just typing this, then that's the issue.
On the other hand, given that you're asking this, I'm wondering whether maybe your configuration file is a bit messed up in VS. When you run the publish wizard, try going back a couple pages to the page with the textboxes, and double-check that none of those refer to the www. version. If they do, simply drop that.
That settings shouldn't affect the publish itself, but it will determine which URL to go to when publishing completes, so you'll definitely want to get that fixed if it is wrong, or else this will just keep happening.
I was given a website (coded in ASP.Net; C#, HTML, CSS, and Javascript) to maintain, and the original creators have no longer been in the company for quite some time. I wanted to move the development over to subversion to allow easy rollback/more than one developer to easily work on the files, and in the process of doing so (for an unrelated reason) the process wasn't succcessful.
I removed the version control temporarialy, and manually copied the original folder back to its original location.
Now, however, when people attempt to access the website a dialog appears requesting their username and password, and only users with administrator accounts can log into the website.
I never so much as opened the IIS manager (on a Windows 2003 server), nor are any of the files different to my knowledge, so I don't know why this change would have occured.
Anyone know what is wrong, or a path to troubleshoot?
Running into a problem where on certain servers we get an error that the directory name is invalid when using Path.GetTempFileName. Further investigation shows that it is trying to write a file to c:\Documents and Setting\computername\aspnet\local settings\temp (found by using Path.GetTempPath). This folder exists so I'm assuming this must be a permissions issue with respect to the asp.net account.
I've been told by some that Path.GetTempFileName should be pointing to C:\Windows\Microsoft.NET\Framework\v2.0.50727\temporaryasp.net files.
I've also been told that this problem may be due to the order in which IIS and .NET where installed on the server. I've done the typical 'aspnet_regiis -i' and checked security on the folders etc. At this point I'm stuck.
Can anyone shed some light on this?
**Update:**Turns out that providing 'IUSR_ComputerName' access to the folder does the trick. Is that the correct procedure? I don't seem to recall doing that in the past, and obviously, want to follow best practices to maintain security. This is, after all, part of a file upload process.
This is probably a combination of impersonation and a mismatch of different authentication methods occurring.
There are many pieces; I'll try to go over them one by one.
Impersonation is a technique to "temporarily" switch the user account under which a thread is running. Essentially, the thread briefly gains the same rights and access -- no more, no less -- as the account that is being impersonated. As soon as the thread is done creating the web page, it "reverts" back to the original account and gets ready for the next call. This technique is used to access resources that only the user logged into your web site has access to. Hold onto the concept for a minute.
Now, by default ASP.NET runs a web site under a local account called ASPNET. Again, by default, only the ASPNET account and members of the Administrators group can write to that folder. Your temporary folder is under that account's purview. This is the second piece of the puzzle.
Impersonation doesn't happen on its own. It needs to be turn on intentionally in your web.config.
<identity impersonate="true" />
If the setting is missing or set to false, your code will execute pure and simply under the ASPNET account mentioned above. Given your error message, I'm positive that you have impersonation=true. There is nothing wrong with that! Impersonation has advantages and disadvantages that go beyond this discussion.
There is one question left: when you use impersonation, which account gets impersonated?
Unless you specify the account in the web.config (full syntax of the identity element here), the account impersonated is the one that the IIS handed over to ASP.NET. And that depends on how the user has authenticated (or not) into the site. That is your third and final piece.
The IUSR_ComputerName account is a low-rights account created by IIS. By default, this account is the account under which a web call runs if the user could not be authenticated. That is, the user comes in as an "anonymous".
In summary, this is what is happening to you:
Your user is trying to access the web site, and IIS could not authenticate the person for some reason. Because Anonymous access is ON, (or you would not see IUSRComputerName accessing the temp folder), IIS allows the user in anyway, but as a generic user. Your ASP.NET code runs and impersonates this generic IUSR___ComputerName "guest" account; only now the code doesn't have access to the things that the ASPNET account had access to, including its own temporary folder.
Granting IUSR_ComputerName WRITE access to the folder makes your symptoms go away.
But that just the symptoms. You need to review why is the person coming as "Anonymous/Guest"?
There are two likely scenarios:
a) You intended to use IIS for authentication, but the authentication settings in IIS for some of your servers are wrong.
In that case, you need to disable Anonymous access on those servers so that the usual authentication mechanisms take place. Note that you might still need to grant to your users access to that temporary folder, or use another folder instead, one to which your users already have access.
I have worked with this scenario many times, and quite frankly it gives you less headaches to forgo the Temp folder; create a dedicated folder in the server, set the proper permissions, and set its location in web.config.
b) You didn't want to authenticate people anyway, or you wanted to use ASP.NET Forms Authentication (which uses IIS's Anonymous access to bypass checks in IIS and lets ASP.NET handle the authentication directly)
This case is a bit more complicated.
You should go to IIS and disable all forms of authentication other than "Anonymous Access". Note that you can't do that in the developer's box, because the debugger needs Integrated Authentication to be enabled. So your debugging box will behave a bit different than the real server; just be aware of that.
Then, you need to decide whether you should turn impersonation OFF, or conversely, to specify the account to impersonate in the web.config. Do the first if your web server doesn't need outside resources (like a database). Do the latter if your web site does need to run under an account that has access to a database (or some other outside resource).
You have two more alternatives to specify the account to impersonate. One, you could go to IIS and change the "anonymous" account to be one with access to the resource instead of the one IIS manages for you. The second alternative is to stash the account and password encrypted in the registry. That step is a bit complicated and also goes beyond the scope of this discussion.
Good luck!
I encountered this error while diagnosing a console app that was writing in temp files. In one of my test iterations I purged all the files/directories in temp for a 'clean-slate' run. I resolved this self inflicted issue by logging out and back in again.
Could be because IIS_WPG does not have access to a temp folder. If you think it is a permission issue, run a Procmon on asp.net worker process and check for AccessDenied errors.
I was having the same problem with one of my ASP.Net applications. I was getting Path.GetTempPath() but it was throwing an exception of:
"Could not write to file "C:\Windows\Temp\somefilename", exception: Access to the path "C:\Windows\Temp\somefilename" is denied."
I tried a few suggestions on this page, but nothing helped.
In the end, I went onto the web server (IIS server) and changed permissions on the server's "C:\Windows\Temp" directory to give the "Everyone" user full read-write permissions.
And then, finally, the exception went away, and my users could download files from the application. Phew!
You can use Path.GetTempPath() to find out which directory to which it's trying to write.