I just want to ask if theres a way to increase the executionTimeOut of a particular page? and not the whole application?
<configuration>
<system.web>
<httpRuntime executionTimeout="90" maxRequestLength="4096" useFullyQualifiedRedirectUrl="false"
minFreeThreads="8" minLocalRequestFreeThreads="4" appRequestQueueLimit="100" />
</system.web>
</configuration>
Page.Server.ScriptTimeout = 90;
Or
use location element in config file
<configuration>
<location path="UploadPage.aspx">
<system.web>
<httpRuntime executionTimeout="90" maxRequestLength="4096" />
</system.web>
</location>
</configuration>
See To Increase Request Timeout only on particular Web Page and Increase ASP.Net timeout on a per page level
put in Web Config File
<location path="Report.aspx">
<system.web>
<httpRuntime executionTimeout="3600" maxRequestLength="10240"/>
</system.web>
</location>
Related
In my web confi file I have different locations like this
<location path="path1">
<system.web>
<httpRuntime executionTimeout="110" maxRequestLength="15000"/>
</system.web>
</location>
<location path="path2">
<system.web>
<httpRuntime executionTimeout="110" maxRequestLength="15000"/>
</system.web>
</location>
I've tried with
ConfigurationManager.GetSection("location")
but this returns null
Help me to get all location sections and read each execution timeout within the location
The script crashes over timeout. Where can I customize? I understand that in the application itself in web.config you need to register something like
<system.web>
<httpRuntime executionTimeout="10000" />
</system.web>
If I understand correctly, then I don’t understand where exactly to put this tag?
I have this structure in web.config
configuration
location
system.webServer
security
handlers
aspNetCore
You can configure this sitewide as a child of the configuration node.
https://learn.microsoft.com/en-us/dotnet/framework/configure-apps/file-schema/web/
You can also configure them with more granularity, as a child of your location node(s)
<location path="foo">
<system.web>
<!-- Set execution timeout to 6 minutes -->
<httpRuntime executionTimeout="360" />
</system.web>
</location>
I have converted a simple html WebSite to a Web Application.
And enabled forms authentication .aspx pages will require login now.
But the old .html pages can still be opened directly without login.
Must I convert all pages to .aspx or can I enforce login on .html pages as well?
Web.Config:
<?xml version="1.0" encoding="utf-8"?>
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
<authentication mode="Forms">
<forms loginUrl="login.aspx" name=".aspxFormsAuthentication" cookieless="AutoDetect" protection="All" timeout="30" path="/" requireSSL="false" slidingExpiration="true" defaultUrl="index.html">
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
<appSettings>
<add key="ValidationSettings:UnobtrusiveValidationMode" value="None" />
</appSettings>
</configuration>
The location element didn't help.
It seems this is not possible and I indeed need to convert the pages that need login to .aspx pages.
I have successfully set up a test area on my website which is authenticated using forms auth on iis 8. I am using this in integrated mode with asp.net which as I understand should mean that with the correct web.config file I am able to make the server use the asp.net auth on everything not just URLs. If I try and navigate to a page that I haven't entered the credentials for it returns an error 403, which is what I expect. However if I put in the path of a file stored on the site exactly, it downloads the file without the need for credentials to be provided. Here is my current top level web.config:
<?xml version="1.0"?>
<configuration>
<system.web>
<compilation debug="false">
</compilation>
<authentication mode="Forms">
<forms name=".ASPXFORMSAUTH" loginUrl="default.aspx" />
</authentication>
<authorization>
<allow users="*" />
</authorization>
</system.web>
<location path="staff/test/test">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
<system.webServer>
<modules>
<remove name="FormsAuthenticationModule" />
<add name="FormsAuthenticationModule" type="System.Web.Security.FormsAuthenticationModule" />
<remove name="UrlAuthorization" />
<add name="UrlAuthorization" type="System.Web.Security.UrlAuthorizationModule" />
<remove name="RoleManager" />
<add name="RoleManager" type="System.Web.Security.RoleManagerModule" />
<remove name="DefaultAuthentication" />
<add name="DefaultAuthentication" type="System.Web.Security.DefaultAuthenticationModule" />
</modules>
</system.webServer>
The area /staff/test/test has a word document in it. If I type www.website.com/staff/test/test/test.doc into my browser is downloads the file.
What should I change to secure that file?
Thanks for your replies. In the end it turned out to be the security permissions on the root of the website. The code I originally pasted on here worked fine I had the server\users group having read permissions where as I only needed iis_iusers having read permissions.
Thanks again
In my previous question here i was experiencing difficulties with Authenticating webservices. With the use of the WcfRestContrib library which i found here i was able to solve this issue. I build a small testapplication and the authentication works like a charm.
But while i'm implementing this in the webapplication where i want to use the webservice authentication part, i keep getting the problem that the used Forms Authentication in the webapplication keeps redirecting me to the login page.
I've got the following configuration part in the web.config of my webapplication. This is the application where i'm trying to call the service by it's url;
http://website.localhost/Services/Info.svc/account
The web.config for the website.localhost contains the following parts;
<location path="Services">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
<system.serviceModel>
<extensions>
<behaviorExtensions>
<add name="webAuthentication" type="WcfRestContrib.ServiceModel.Configuration.WebAuthentication.ConfigurationBehaviorElement, WcfRestContrib, Version=1.0.6.107, Culture=neutral, PublicKeyToken=89183999a8dc93b5"/>
<add name="errorHandler" type="WcfRestContrib.ServiceModel.Configuration.ErrorHandler.BehaviorElement, WcfRestContrib, Version=1.0.6.107, Culture=neutral, PublicKeyToken=89183999a8dc93b5"/>
<add name="webErrorHandler" type="WcfRestContrib.ServiceModel.Configuration.WebErrorHandler.ConfigurationBehaviorElement, WcfRestContrib, Version=1.0.6.107, Culture=neutral, PublicKeyToken=89183999a8dc93b5"/>
</behaviorExtensions>
</extensions>
<behaviors>
<serviceBehaviors>
<behavior name="Rest">
<webAuthentication requireSecureTransport="false" authenticationHandlerType="WcfRestContrib.ServiceModel.Dispatcher.WebBasicAuthenticationHandler, WcfRestContrib" usernamePasswordValidatorType="CMS.Backend.Services.SecurityValidator, CMS.Backend" source="CMS.Backend"/>
<errorHandler errorHandlerType="WcfRestContrib.ServiceModel.Web.WebErrorHandler, WcfRestContrib"/>
<webErrorHandler returnRawException="true" logHandlerType="CMS.Backend.Services.LogHandler, CMS.Backend" unhandledErrorMessage="An error has occured processing your request. Please contact technical support for further assistance."/>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
</system.serviceModel>
I'm excluding the Services directory from authentication by giving all anonymous users acces, this is the part causing problems i think.
My service (Info) contains the following attributes
[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]
[ServiceConfiguration("Rest", true)]
public class Info : IInfo
{
//Some foo hapens
}
The web.config of the service contains this;
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
Whenever i try the above supplied url to make a call to the service i'm being redirected to the login page of the website on http://website.localhost/Logon. How can i prevent this from happening? As far as i know the web.config should be correct.
--THE FINAL SOLUTION--
I modified the web.config to look like this;
<sytem.web>
//site config
</system.web>
<location inheritInChildApplications="false">
<system.web>
<authentication mode="Forms">
<forms name="AllPages" loginUrl="~/Logon/" timeout="360" enableCrossAppRedirects="false" />
</authentication>
</system.web>
</location>
I Also removed this rule from the web.config which i added in an earlier state. Apperently it conflicted with the added location tag and the web.config in the service itsself
<location path="Services" >
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
You should prevent inheritance of the settings that are specified in the associated configuration section and inherited by applications that reside in a subdirectory of the relevant application.
Try to put your site "system.web" section into "location" section:
<location inheritInChildApplications="false">
<system.web>
<!-- your site system web settings -->
</system.web>
</location>
Hope it helpful.