MVC windows authentication grayed (greyed) out in project properties - c#

I am trying to use Windows Authentication in a VS 2013, MVC 4 project that was originally done in VS2011.
It worked fine on VS2011, but when I moved to VS2013 on the same machine, using IIS 7 problems ensued.
I have windows authentication set in web.config (and anonymous authentication disabled):
<security>
<authentication>
<anonymousAuthentication enabled="false"/>
<windowsAuthentication enabled="true"/>
</authentication>
</security>
However, these attributes are grayed (greyed) out in the "f4" properties window for the VS2013 solution.
When I debug the program, I get the following error:
HTTP Error 500.19 - Internal Server Error with Error Code 0x80070021
I have tried editing C:\Windows\System32\inetsrv\config applicationHost.config per similar posts in forums, and restarting the services, but the problem still persists.
Does anyone know how to please solve this?
Thanks in advance.

What works for me is the following line in web.config -->
<system.web>
<authentication mode="Windows" />
</system.web>

It appears that upgrading an MVC project from VS 2011 to 2013 (at least if this happens) is not an easy thing to do. I finally punted and started a new VS 2013 project and imported various controllers, views, etc. into that project, which actually worked surprisingly well. If you reach this page in a search and some of the other sites with answers have been failing for you, you may wish to do likewise.

Related

IIS 10 can't read web.config (try to deploy Blazor), Error 500.19 with 0x8007000d [duplicate]

I am replicating web application deployment and found several issues related to HTTP Error 500.19. My machine is running Windows 7 while the working development is using Windows 8. We're developing our Web Application using Visual Studio 2010.
First, I got error code 0x80070021, similar as posted here.
I update my web.config according to the accepted answer and then I got following error code (which is similar as posted here).
HTTP Error 500.19 - Internal Server Error
Error Code 0x8007000d
Config Source -1: 0:
I have read the symptoms definition in Microsoft support page and cause of the error is:
This problem occurs because the ApplicationHost.config file or the Web.config file contains a malformed XML element.
and the solution is
Delete the malformed XML element from the ApplicationHost.config file or from the Web.config file.
However, the web.config that I used is working perfectly in the original development environment.
Here is what I have checked and tried so far:
Install ASP.NET by calling aspnet_regiis -i
Set my application to use different application pool (ASP.NET v4.0, .NET v4, etc)
ApplicationHost.config file is still using default from Windows 7.
This is part of my Web.Config
<system.webServer>
<section name="handlers" overrideModeDefault="Allow" />
<section name="modules" allowDefinition="MachineToApplication" overrideModeDefault="Allow" />
<validation validateIntegratedModeConfiguration="false" />
<modules runAllManagedModulesForAllRequests="true">
</modules>
<handlers>
<remove name="UrlRoutingHandler" />
<add name="ReportViewerWebControlHandler" preCondition="integratedMode" verb="*" path="Reserved.ReportViewerWebControl.axd" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</handlers>
<urlCompression doStaticCompression="true" doDynamicCompression="false"></urlCompression>
<directoryBrowse enabled="true" />
<defaultDocument>
<files>
<add value="Logon.aspx" />
</files>
</defaultDocument>
</system.webServer>
I have read similar/duplicates/closed posts (around 13) posts in stackoverflow, tried all except the answer related to Ajax (is it related) and still have no clue on what the error is.
Does anyone one how to fix this error? (And if possible, a comprehensive lists of things need to be checked so we can reduce similar posts like this.) I am ready to provide more details.
Error 0x8007000d means URL rewriting module (referenced in web.config) is missing or proper version is not installed.
Just install URL rewriting module via web platform installer.
I recommend to check all dependencies from web.config and install them.
When trying to set up a .NET Core 1.0 website I got this error, and tried everything else I could find with no luck, including checking the web.config file, IIS_IUSRS permissions, IIS URL rewrite module, etc. In the end, I installed DotNetCore.1.0.0-WindowsHosting.exe from this page: https://www.microsoft.com/net/download and it started working right away.
Specific link to download: https://go.microsoft.com/fwlink/?LinkId=817246
Yes, for .net core apps, install dotnet hosting. This worked for me.
And here it is for .net6
And now if you need .net7
Install URL rewriting:
UPDATE - this is now available here (and works with IIS 7-10):
https://www.iis.net/downloads/microsoft/url-rewrite
Ensure you have the following set to 'Allowed' for your IIS server:
In my case, because I had reinstalled iis, I needed to register iis with dot net 4 using this command:
C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe -i
In my case (.Net Core Web API) for this issue HTTP Error 500.19 – Internal Server Error 0x8007000d
First download dotnet-hosting-3.0.0-preview5-19227-01-win (.Net Core 3) or dotnetcore 2 hasting windows
https://download.visualstudio.microsoft.com/download/pr/5bed16f2-fd1a-4027-bee3-3d6a1b5844cc/dd22ca2820fadb57fd5378e1763d27cd/dotnet-hosting-3.1.4-win.exe
Any .net core 3.1 application either angular or mvc application would need this.
Second install it as Administrator
Open cmd as administrator, type iisreset, press enter
So refresh your localhost app
Best regard
M.M.Tofighi from Iran
A repair of the DotNetCore hosting bundle did the trick for me. :/
Installing ASP.NET Core Runtime Hosting Bundle solved the issue for me. Source: 500.19 Internal Server Error (0x8007000d)
Kind of late to the party here, but I have just been struggling with the exact same issue (symptoms) and cursing the lack of error detail reporting.
It worked fine on IIS 8+ machines but Win 7 got these INSTANT HTTP 500.19 errors.
For me it was as silly as having an unsupported configuration element in the config file:
<applicationInitialization doAppInitAfterRestart="true">
<add initializationPage="/" />
</applicationInitialization>
So while running old web.config files worked fine, I just diffed them and started chopping away at new blocks until I got the page to start loading. Had I seen this as an answer I would have gone this route immediately as I knew none of the popular solutions were relevant. So there you go :)
I turn on .Net Framework 3.5 and 4.5 Advance Service in Control Panel->Programs and Features->Turn Windows features on or off.it work for me.
Problem solved. Here are the steps that I tried:
Enable the 32-bit application in IIS -> Application pool -> Advanced settings
Copy System.EnterpriseServices.dll and System.EnterpriseServices.Wrapper.dll from C:\Windows\Microsoft.NET\Framework\v2.0.50727 to the application bin folder
Do comments/uncomments to sections on the web.config and found that problem related to the referenced DLL.
The config that I commented the previous one that I added:
<section name="handlers" overrideModeDefault="Allow" />
<section name="modules" allowDefinition="MachineToApplication" overrideModeDefault="Allow"/>
Add the required FasterFlect.DLL used by Combres.DLL v2.1.0.0 to the application bin folder (shall download the full zip from Combres codeplex, because the required fasterflect DLL V2.0.3732.24338 cannot be found in fasterflect codeplex) and other DLLs. For convinience, use the full Combres.DLL (1,3MB)
Check that the DLL versions and public key tokens are configured correctly in web.config using tool, e.g. .NET Reflector
I understand that this error can occur because of many different reasons. In my case it was because I uninstalled WSUS service from Server Roles and the whole IIS went down. After doing a bit of research I found that uninstalling WSUS removes a few dlls which are used to do http compression. Since those dlls were missing and the IIS was still looking for them I did a reset using the following command in CMD:
appcmd set config -section:system.webServer/httpCompression /-[name='xpress']
Bingo! The problem is sorted now. Dont forget to run it as an administrator. You might also need to do "iisreset" as well. Just in case.
Hope it helps others.
Cheers
For me, it was all about setting up my web server to use the latest-and-greatest tech to support my ASP.NET 5 application!
The following URL gave me all the tips I needed:
https://docs.asp.net/en/1.0.0-rc1/publishing/iis-with-msdeploy.html
Hope this helps :)
I had this problem with a brand new web service. Solved it by adding read-only access for Everyone on Properties->Security for the folder that the service was in.
I had the exact same error. It turned out that it was something was caused by something completely, though. It was missing write permissions in a cache folder. But IIS reported error 0x8007000d which is wildly confusing.
I have the same problem when I was trying to publish asp.net core 5.0 web app on my local IIS and the solution was to add the following inside System.webserver tag in my web.config file
<applicationInitialization doAppInitAfterRestart="true">
<add initializationPage="/" />
</applicationInitialization>
Reinstalling ASP.NET Core Runtime - Windows Hosting Bundle Installer made the trick for me... I belive the "ASP.NET Core Module" was missing.
For me I had a web.config file in one my root folders, this config file was for the live server so removing it allowed the site to run on the dev server.
So check for any web.config files in folders too.
In my case, i have installed dotnet hosting but error change to HTTP Error 503. The service is unavailable, but after install windows update KB2999226 and dotnet sdk, its work!
follow the procedure chronologically or it might fail due to missing or errors in redirecting.
install Runtime bundle e.g.. dotnet-sdk-7.0....
2.turn asp services on and internet services"Turn Windows features on or off" to enable IIS
3.install web hosting bundle iis 7.0 e.g dotnet-hosting-7.0.2...
this worked for me

'The controller for path '/favicon.ico' was not found...' error

We're building an ASP.NET MVC 4 app in Visual Studio 2015. The app uses Elmah.MVC for exception handling. We're three developers; for two of us it's working fine on localhost, but one developer is getting this error (captured by Elmah):
The controller for path '/favicon.ico' was not found or does not implement IController.
This post provides a solution, and I've modified the routes to include it and the developer in question has synced his code:
routes.IgnoreRoute("{*favicon}", new { favicon = #"(.*/)?favicon.ico(/.*)?" });
Now nothing shows up in Elmah but the user continues to see a generic error:
500 - Internal server error.
There is a problem with the resource you are looking for, and it cannot be displayed.
What could be going on? Thanks.
Update 1: Ripped out the Elmah stuff from Web.config and just had the developer load the app. It gets into an infinite loop trying to authenticate the user, similar to this.
We're using OWIN-MixedAuth, and the issue is more than likely on the IIS Express settings. I'll have the developer try it tomorrow and confirm:
Highlight the project in Visual Studio
Open the 'Properties' panel on the right (or press F4)
Set 'Windows Authentication' to 'Enabled'
Set 'Anonymous Authentication' to 'Enabled'
As the name suggests, it's mixed auth, so both types of authentication have to be enabled.
Update 2: The OWIN-Mixed Auth issue has been fixed. Now, it has something to do with these three HTTP modules in Web.config used by Elmah:
<httpModules>
<add name="ErrorLog" type="Elmah.ErrorLogModule, Elmah" />
<add name="ErrorMail" type="Elmah.ErrorMailModule, Elmah" />
<add name="ErrorFilter" type="Elmah.ErrorFilterModule, Elmah" />
</httpModules>
When we comment them out, the one developer is able to get onto the site. What do these modules do? Why would they cause a problem?
Finally resolved the issue. We had to make two changes:
We're using OWIN-MixedAuth, and part of the issue was on the IIS Express settings (under "Development Server" section):
Highlight the project in Visual Studio
Open the 'Properties' panel on the right (or press F4)
Set 'Windows Authentication' to 'Enabled'
Set 'Anonymous Authentication' to 'Enabled'
Another part of the issue: a corrupted applicationhost.config file used by IIS Express:
Ensure you're showing hidden files in Windows Explorer.
Go to the root of your project via Windows Explorer.
Open the hidden .vs folder.
Go to config > applicationhost.config, make a backup, and open it in Notepad (Notepad++ is better).
Compare it to a working applicationhost.config file from one of our machines. We found lots of old sites that were listed in the config file which were not being used anymore.
Once cleaned up, launched the app and it worked.
Add this to your global.asax file.
routes.IgnoreRoute("favicon.ico");

Site unavailable while service status is 'running'

I recently updated my project to use SDK 2.0 and tried to publish it to staging environment. Visual studio reported success but there is nothing at the site generated URL, just a "webpage not available" or whatever is the default browser message for not existing URLs. In Azure management portal however the status is RUNNING and there is even some curve in CPU percentage chart. I updated all references in my role project to be the same as in blank new azure project for 2.0 sdk version, the only new references are added by 'Identity and Access tool' for OAuth purposes. Can anyone tell me what can be possibly wrong or how can i figure this out myself? I enabled diagnostics, but it shows 0 errors in every tab. Of course everything runs fine in my local environment
upd: my problem was actually quite simple: something went wrong with port forwarding and i had to add :8080 to url explicitly, so i removed all of my endpoints and added just a simple port 80 one with no internal port set. The accepted answer pointed me the way to discover this problem
Visual Studio and Azure Management Portal only report that the server is up and running. They have no way of knowing if there is an actual issue with the code or deployment.
Webpage not available is not the same as 404 nor is it the same as dns not found. Webpage not available usually means a server error of some kind. Most likely some .DLL's are missing from deployment
If you are running on WebRoles, you can RDP into the server and look into the Windows Event viewer to see if any errors occur
Alternatively, you can turn off custom errors via web.config (check this link out for sample directions: http://www.serverintellect.com/support/programming/custom-errors.aspx )
At the end of the day, you need to find out what is the real cause of the issue
Make sure you have the following in your web.config. Mine is added just before the line
<customErrors defaultRedirect="GenericError.htm" mode="Off">
<error statusCode="500" redirect="InternalError.htm" />
</customErrors>
If you are using web.config transforms and have a web.debug.config you add the following code to it:
<customErrors mode="Off" defaultRedirect="GenericError.html" xdt:Transform="Replace">
<error statusCode="500" redirect="InternalError.htm"/>
</customErrors>
You still have to make sure you have a custom errors section in your web.config for the replace to happen.

ASP.NET website pages not reflecting recent changes

I have been working on a new intranet site for a few weeks now, and everything has worked as expected. If I made any changes whatsoever (added raw text, new controls, etc) to my .aspx pages, and then tested them in VS(F5), all changes would be reflected immediately in the browser. Anything as simple as adding a <br> tag or as complex as adding a set of nested controls would show up upon a debug restart.
Earlier today, everything was working. Then I decided I wanted to play around a bit with some of the AjaxControlToolkit goodies. I ended up installing the SP1 Update 2 for VS that was released today (http://www.microsoft.com/en-us/download/details.aspx?id=38188) while I was at it, as well as updating NuGet and installing the AjaxControlToolkit from there.
I added a couple tools, including a ScriptManager and an UpdatePanel, and everything worked as I expected. I then went to make a few changes, and added a second ScriptManager accidentally. When I went to debug/run, it of course failed because you cannot have more than one on a page, so I removed the extra one and ran again. It again gave the same failure. I went through and made sure I didn't accidentally add another one somewhere, did a search on all files in my project and it was the only instance of it, so I commented it out and ran it again. Same thing. I tried a few things and ended up restarting IIS and VS and then the page behaved as expected.
Since that point, any changes I make in ANY of my files in the project no longer update without exiting IIS and restarting it. New, very basic aspx or html files in the project do the same thing. I then reverted to the restore point before updating VS, and used a backup of my site from earlier in the day before I added the AjaxControlToolkit, and still, the problem persists.
What is going on here? I feel like its related to the VS update, but that doesn't really seem to make sense. I can't see such a major bug being overlooked? Why isn't IIS serving the updated page?
Ctrl+F5 in browser does not reflect changes. Rebuild of entire solution does not reflect changes. Closing and reopening browser does not reflect changes. Changing my web.config does not reflect changes. Creating a brand new empty web site and the problem persists. Change to Visual Studio Development Server instead of IIS, problem persists.
The only way I have found to force the correct, updated page to serve correctly is to "Stop Site" in IIS and then restart, which is simply way too much of a hassle to check minor changes to anything in my page.
I am using Visual Studio 2012 Express, IIS Express, .NET 4.0, C# code-behind, files are on an intranet file system (mapped to x:), separate from my actual production hosting server.
Just in case (though I don't think it matters since the problem is now occurring even with a fresh web site) here is my web.config (which is very basic):
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0" />
<customErrors mode="Off" />
<httpRuntime />
<pages>
<controls>
<add tagPrefix="ttw" src="~/Controls/CustomerInformation.ascx" tagName="CustInfo" />
<add tagPrefix="ttw" src="~/Controls/CircuitInformation.ascx" tagName="CktInfo" />
</controls>
</pages>
</system.web>
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="X-UA-Compatible" value="IE=EmulateIE9" />
</customHeaders>
</httpProtocol>
</system.webServer>
</configuration>
Any suggestions would be greatly appreciated, and I hope a solution will aid others who may be experiencing the same issue after this most recent update.
Sounds like a permissions issue. Either the mapped network drive is using credentials that don't have adequate permissions or the IIS app pool identity doesn't have permissions to the folder.

401 Unauthorized: Access is denied due to invalid credentials

I am using IIS Express to deploy MVC4 application. This website runs perfectly on same computer. But in Lan it gives me error 401.
<authentication mode="Forms">
<forms loginUrl="~/" slidingExpiration="true" timeout="20">
</forms>
</authentication>
In home controller
[HttpPost]
[AllowAnonymous]
public ActionResult Index(LoginModel model, string returnUrl)
{
}
I am starting IIS server from command prompt in Administrator mode. IIS responds to the request with error 401.
Any clue?
I realize this is an older post but I had the same error on IIS 8.5. Hopefully this can help another experiencing the same issue (I didn't see my issue outlined in other questions with a similar title).
Everything seemed set up correctly with the Application Pool Identity, but I continued to receive the error. After much digging, there is a setting for the anonymous user to use the credentials of the application pool identity or a specific user. For whatever reason, mine was defaulted to a specific user. Altering the setting to the App Pool Identity fixed the issue for me.
IIS Manager → Sites → Website
Double click "Authentication"
Select Anonymous Authentication
From the Actions panel, select Edit
Select Application pool Identity and click ok
Hopefully this saves someone else some time!
If you're using IIS 7 do something like this:
Select your site.
Click on error pages.
Edit feature settings.
Select detailed errors.
Make sure that you enabled anonymous authentication on iis like this:
In case anyone is still looking for this, this solved the problem for us:
To whoever this may help, this saved my life...
IIS 7 was difficult for figuring out why i was getting the 401 - Unauthorized: Access is denied due to invalid credentials... until i did this...
Open IIS and select the website that is causing the 401
Open the "Authentication" property under the "IIS" header
Click the "Windows Authentication" item and click "Providers"
For me the issue was that Negotiate was above NTLM. I assume that there was some kind of handshake going on behind the scenes, but i was never really authenticated. I moved the NTLM to the top most spot, and BAM that fixed it.
Here is the link where this was found.
I had this issue on IIS 10. This is how I fixed it.
Open IIS
Select The Site
Open Authentication
Edit Anonymous Authentication
Select Application Pool Identity
I realize its an old question, but this came up in my searches. Had a similar issue for an MVC application recently built, deployed for the first time, and Authentication mechanism wasn't completely hashed out.
It wasn't an IIS setting in my case, it was a Controller that was not [AllowAnonymous] decorated. I was using a Render.Action/Html.Action in a Layout.cshtml and the User was unauthenticated. So the Layout tried to load an Authenticated Action in an UnAuthenticated context.
Once I updated the action to AllowAnonymous, the problem went away, and this is what led me to it.
Hope this helps someone.
I faced this error when I created an empty project with the MVC folders and then deployed the application to the server. My issue was that I didn't define the authentication in Web.config, so all I had to do was add this line to a system.web tag.
<system.web>
<authentication mode="None"/>
</system.web>
I faced similar issue.
The folder was shared and Authenticated Users permission was provided, which solved my issue.
I had a similar issue today. For some reason, my GET request was fine, but PUT request was failing for my WCF WebHttp Service
Adding the following to the Web.config solved the issue
<system.web>
<authentication mode="Forms" />
</system.web>
i faced the same issue under IIS 8.5. A working solution for me was changing the IIS to display detailled errors. See answer from sna2stha. But i think it is not a good idea to forward detailed error messages to browsers in production enviroments.
I added/changed the existingResponse attribute in the httpErrors-Section, so the IIS not handled any extisting Asp.net Response:
<system.webServer>
<httpErrors existingResponse="PassThrough" />
</system.webServer>
This works for me.
In my case, what made it work was changing the Anonymous User identity from Specific user (IUSR) to Application Pool Identity. Weird enought because other sites are using the specific user IUSR and work fine.
As so many answers have demonstrated, the error might be caused by a variety of reasons. In my case it was connected to authorization rules: they were added much later after the application was deployed. This feature of IIS is turned on as a Windows component (World Wide Web Services->Security->URL Authorization).
This particular section inside web.config was to blame:
<system.webServer>
<security>
<authorization>
<remove users="*" roles="" verbs="" />
<add accessType="Deny" users="?" />
<add accessType="Deny" users="user1,user2" />
<add accessType="Allow" users="*" />
</authorization>
</security>
</system.webServer>
Thus the record for users="?" blocked access to a path with anonymous authentication too since it inherited the rules by default. However, in IIS you can go to a particular folder/file that should be accessed anonymously and choose Authorization Rules:
Here it's possible to overwrite the rules locally by removing the old one and optionally adding the allowed rule instead to make it more explicit:
Right click on the main directory where the project files are located.
Properties-> Security-> Edit-> Add-> type IIS_IUSRS and click on "Check Names" button.
The result will look like ComputerUsername\IIS_IUSRS
For example: DESKTOP-M0R6PVF\IIS_IUSRS
and then click on "Ok" button.
I had a slightly different problem. The credential problem was for the underlying user running the application, not the user trying to login. One way to test this is to go to IIS Management -> Sites -> Your Site -> Basic Settings -> Test Settings.
I had a permissions issue to a website and just couldn't get Windows authentication to work. It was a folder permissions rather than ASP.NET configuration issue in the end and once the Everyone user was granted permissions it started working.
You can press F4 on the web project to get the "Project Properties" window.
Then make sure Anonymous Authentication is Enabled in the "Development Server" section:
In my case,
My application is developed in MVC and my home controller class was decorated with [Authorize] which was causing this issue.
So I've removed it because my application don't require any authentication.

Categories

Resources