In my project, I use windows authentication for auditing purposes (rather than logging in), so I know who has made certain changes. The variable used to access the usernames is User.Identity.Name and I have also made sure to set up my web.config file correctly:
<system.web>
<authentication mode="Windows" />
</system.web>
This all worked fine, but I have recently published my project to a live server and for some reason it has stopped seeing the usernames (it now logs a blank string instead), even though it worked on my local machine. Any idea what I may have missed to make this work on a live server? It still works with no problems on my local machine.
Related
2 Situations here of permissions and access:
Cannot Read Configuration File due to Insufficient permissions
This has happening on every single VM instance of Windows Server V. 2019 standard Build 17763.rs5
Solution One by many obfuscated answers in this website: change the Application Pool settings in Advance settings, Identity to LocalSystem: Server responds to provide the basic pages, But no layouts, css, no images, Nothing, Pure HTML served at the end and Modules not even signalled (thank you VS Debugger for telling me this 10 times in a row)
Solution deux Use Windows Security ownership and add the role of the IIS and the other variants that server other roles, NOPE, nothing. also probably security risk.
Situation 2
My Workstation had replicated same deployment process from ASP.NET MVC template from visual studio 2019 and application ran fine. Once.
I had a deployed WebApp in my local machine workstation with the Default template for ASP.NET in Framework (not core, I see you there dude), and the IIS module built, worked fine, did it is purpose. and Only worked in my workstation and my final goal is to be it deployable on other machines... UNTIL:
Cannot add modules to Website Templates made in ASP.NET (Framework)
After that IIS does not allow me to do anything,some Roslyn something in some answers but that didn't work, but were mostly manual removal of it to make it work, which doesn't fit to make a deployment to many computers at once in few clicks (not my choice).
Did my VS updated something? or IIS? Why my regular setup worked just few days ago and now Nothing, even from scratch cant do it's purpose,
Any Ideas? Questions to my questions?
I am doing URL to image conversion using HiQPDF. The conversion works on localhost. It also works on AWS when the hosted application is opened from browser. It doesn't work on other environments like my personal computer and another machine where I am logging in using VPN, on any browser. ConvertURLToImage(url) throws this error -
"Navigation error. The remote server closed the connection before the entire reply was received and processed."
I don't think it has got to do with any IIS settings otherwise it wouldn't have worked on AWS.
I have added the following in Web.Config for access to my URL -
<location path="export/execReportDashlets">
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
</location>
I just ran into the same "Navigation error..." message while trying to generate a PDF. We are using version 8.10 of the HiQPdf software, which is working fine for some connections and has started failing for others. After digging into the issue I believe our problems are related to SSL/TLS connections. On our newer servers we don't allow anything below TLS 1.1, if we relax those rules the connections are successful. I upgraded HiQPdf to version 10.17 and ran some tests. Connections using the updated component are working fine with our newer server configuration. There doesn't appear to be any mention of updates having to do with secure connections on their site though and both versions are using the same runtime version. I have a support request in with them to confirm, but I think upgrading will fix the issue for us.
Maybe relevant, maybe not, depends on the request.
Update:
HiQPdf support got back to me with the following:
The latest version should work with TLS 1.1 and 1.2. You can try the latest version in demo mode if you don’t set a serial number.
We have an application which is developed using MVC3 and .Net framework 4.0. To prevent HTTP Verb Tampering, we have included below code in application's web.config file. In local machine given fix was working as expected and returns 401 unauthorized code.
<authorization>
<allow verbs="GET" users="*" />
<allow verbs="POST" users="*" />
<deny verbs="*" />
</authorization>
When we deployed the same code, test result returns 202 OK. So the fix is not working. Is there any way around that we can fix this issue?
Are you are working with the "Play" button on Visual Studio? Is this using a IIS Express or are you really "deploying" that to an IIS WebAPP on your local machine?
I usually do not use the "Play" button when I am developing for IIS, specially when I am developing for a specif IIS Server. When that happens, I try to have the same IIS Server configuration on my machine and create a WebApp pointing to my Dev folder to test it.
If you are having trouble to config your web.config, I would use the IIS visual tools, check the modifications made on the web.config and commit that.
Please note that there are some differences in the configuration in the ASP.NET side and on the IIS side:
Please check this website:
https://learn.microsoft.com/en-us/iis/manage/configuring-security/understanding-iis-url-authorization
And refer to these notes:
Differences Between ASP.NET URL Authorization and IIS URL Authorization
There are small but important differences between ASP.NET UrlAuthorization and IIS URL Authorization.
ASP.NET Url Authorization is installed when you install ASP.NET on top of IIS.
This refers to IIS 7.0
Even though several configurations are compatible between one IIS to another, some specific changes might apply.
I have successfully setup my development environment on one machine utilizing IIS Express and Windows Authentication to essentially force a web application to use SSL. When I pulled the code down onto a secondary dev machine, I've run into all kinds of issues.
It appears that the startup URL as defined in the project properties while working on the initial dev machine needed to be resetup on the new machine. I went into the IIS Express config and made sure that anonymous authentication was disabled and Windows Auth was enabled. I also added the bindings to essentially replicate what the initial dev machine was setup as.
I then opened the web app in Visual Studio again and this time received no errors or warnings. I figured no errors meant things would be OK.... Whoops...
The app now appears to load and I'm immediately challenged for my windows credentials. I enter them, and then get re-challenged. It appears there is some kind of loop going on here.
1. What am I doing wrong?
2. Shouldn't there be a better way for distributed development and IIS Express (SSL)?
It works on localhost, but finds no default document on the webserver and complains about directory browsing being disabled. IIS7 on both, and both websites/app pools seem to be configured identically.
I've used the web api template in VS2012, which doesn't actually have any views. It only has an Index controller action in the HomeController.
Any ideas on why this could produce different behavior in the two environments?
So this addition to my web.config:
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
<system.webServer>
fixed the problem. It seems to be required in the web.config for IIS7 on Windows 2008 Server, but not for IIS7 on Windows 7.
I had a user trying to publish a MVC4 application on IIS7 getting this error, it turned out it was because the user had set the application pool to use .Net 2 instead of .Net 4. Instead of getting an error indicating this though they received the above error, and it was only when we added the above module the real issue was uncovered.