I have successfully setup my development environment on one machine utilizing IIS Express and Windows Authentication to essentially force a web application to use SSL. When I pulled the code down onto a secondary dev machine, I've run into all kinds of issues.
It appears that the startup URL as defined in the project properties while working on the initial dev machine needed to be resetup on the new machine. I went into the IIS Express config and made sure that anonymous authentication was disabled and Windows Auth was enabled. I also added the bindings to essentially replicate what the initial dev machine was setup as.
I then opened the web app in Visual Studio again and this time received no errors or warnings. I figured no errors meant things would be OK.... Whoops...
The app now appears to load and I'm immediately challenged for my windows credentials. I enter them, and then get re-challenged. It appears there is some kind of loop going on here.
1. What am I doing wrong?
2. Shouldn't there be a better way for distributed development and IIS Express (SSL)?
Related
I am a telecom engineer, I have studied a little bit of coding but I am not a professional, I have to develop a c# asp.net app for my company and I have some issues with debugging my app with Visual Studio 2015. I hosted my app on IIS (not IIS Express, even if I don't understand the difference), when I hit debug (with Firefox, Google Chrome...) a message of error displays where it is written:
unable to start debugging on the web server the remote server returned an error 400
I have litterally tried everything, can you please help me and give me solutions that I will understand (I am no professional), if you need a screen shot or something please let me know.
Clarifications/details (based on comments, etc.), and since "just use localhost/foo" sounds too magical:
if you're debugging on a remote web server (not your own PC), you'll have to setup the remote machine to allow such. This may or may not be feasible (not your server, etc. etc.).
Hence Visual Studio provides local debugging (Express or local IIS)
What is IIS Express?
When I want to start a project I can eather store it on IIS or IIS Express
Sure, but you'll have to know how to set things up (see links)
When I use IIS, and click on debug, I have error 400 and the browser doesnt open But When I use IIS Express and click on debug, it debugs, the browser opens and I have a 500.52 error
Set debug=true. It should give you error/exception detail(s) (also in link above)
So I am storing my project on IIS (inetpub\wwwroot...) and when I design and write my code I just press start without debug and the browser opens with my app appearing
Same as above, that just means IIS is running your app just like any other ASP.Net app. It does not automatically mean you can attach to it and debug.
While you can certainly develop that way (using /wwwroot), you'll be better off deving in your own directory, using VS/IIS Express, and publish to IIS (as simple as file system copy). You'll also learn what publish means (compiling), what in all your code is "published"/needed in live/production. If you kept deving in IIS the way you are, you'll likely not know the difference.
IIS admin is a bigger topic (multiple apps, multiple sites, and associated configuration).
I am trying to run a custom site on IIS with ASP.NET whih connects to a site on the internet which is a coding community via HttpWebRequest.
If I use the Visual Studio built-in Development Server it successfully runs and shows the result of the Request.
But as soon as I use the local IIS for running the application I get an error saying that the site (which I am trying to connect to) is refusing the connection.
But there has nothing changed right? I have not changed my code at all!
EDIT: My understanding is that the IIS and VIsual Studio's "On-The-Run" IIS are in base the same. But why are they acting so different here?
Web applications in a production environment are hosted using Microsoft's IIS web server software. In the development environment, however, the application may be hosted using IIS or the ASP.NET Development Server. Ideally, the same web server software should be used in both environments because using different software adds another variable in the mix. However, the ease of use of the ASP.NET Development Server makes it an attractive choice in the development environment. The good news is that there are only a few fundamental differences between IIS and the ASP.NET Development Server, and if you are aware of these differences you can take steps to help ensure that the application works and functions the same way regardless of the environment.
Visual studio uses IIS Express to host your application, which is a lightweight, self-contained version of IIS. It is used by developers to develop and test websites inside the same machine(localhost). The major difference between IIS and IIS express is that IIS express doesn't accept request outside the localhost. while IIS accept the web request from any another machine inside the domain. SO in order to accept request from your application you have to deploy it to IIS not IIS express.
I have a service hosted in server. The service authentication is using Windows Authentication. I want to use this service in my website development in Visual Studio 2010. When I try to add a reference it says the following error.
“Security settings for this service require Windows Authentication but it is not enabled for the IIS application that hosts this service.”
What should I do to overcome it and be able to consume the service for development?
Note: The error message is obvious. What I am looking for is the best way to overcome this.
Note: When I type the service address in Mozilla Firefox, it asks for my windows credentials -upon entering credentials it gives me the service descriptions. The problem is when I use it via Visual Studio.
If I understand you correctly, your service is already running happily and using Windows Authentication, so it requires the calling application, your web site to also be using Windows Authentication.
When you try and add a reference, VS will start your site in the background using whichever web server is defined in Project Properties. You say that you are starting your site using the built-in web server (also known as Cassini or Webdev). You need to ensure that your site is using Windows Authentication. You do this from the service's Project Properties (right-click on the root folder and select Properties). In there you will see a Web tab which has an NTLM Authentication checkbox - make sure that is checked.
Also, make sure that you use:
<system.web>
<authentication mode="Windows">
...
in your web.config.
However, if you want to use IIS itself, I assume you have it installed and know how to define a web application. Depending on which version of Windows you are running, you may or may not have IIS installed or it may not be installable (using Programs and Features from Control Panel). If you don't have IIS, you can install IIS Express from here: http://learn.iis.net/page.aspx/868/iis-express-overview/
After you have installed IIS and defined your application root, and pointed the directory to your local source folder, enable Windows (NTLM) Authentication for that web app/site. How you do that depends on which version of IIS you are running but it is normally by clicking on the Authentication icon. You probably need to disable Anonymous as well as enable Windows Authentication, so that all requests are forced into Windows authentication. For browsers that do not support automatic NTLM authentication, I also turn on Basic Forms authentication as well.
Once you have an IIS application defined, you can use that for debugging from Visual Studio instead of the built-in web server. You also do that from Project Properties by choosing 'Use Local IIS Server' and selecting the Url of the IIS site you created above. Alternatively, VS can create the IIS site definition for you if it doesn't yet exist.
Either of the above methods should ensure that when VS starts your site to add a reference, it will be using authentication, as well as at runtime. Note that you can add a reference manually, without the need for starting the site. Then you just need to make sure you have Windows authentication at runtime, as described above.
I have a C# web service that I am trying to debug in Visual Studio 2008, and when I try to run it, Internet Explorer pops-up as expected, but it just displays 'waiting for response from localhost...' in the status bar. I have left it running for a few minutes and it never responds.
I have other web services that I am able to debug fine, is VS2005 and 2008. The problem web service is impersonating a different identity in the web.config file, but I have no problems with this same user on a different web service (in VS2005).
Does anybody have any ideas on what might be preventing it from starting up? Interestingly, a colleague has the same problem with a web service that IS working on my machine, even though we are working with identical code. Something must be configured differently...
By the way, I've noticed that the 'Temporary ASP.NET Files' folder is missing from both
C:\Windows\Microsoft.NET\Framework and C:\Windows\Microsoft.NET\Framework64... I certainly haven't deleted them, and other web services debug okay, so is this just a red herring?
We are also on a domain which has its own firewall (outside of the developers' control) - could this be blocking it?
EDIT: I have just removed the user impersonation for a quick test, and it worked. So there must be something about Visual Studio 2008 that does not want to run when impersonating THIS particular user. Any ideas what configuration I would need to change to correct this?
I have had the same issues with impersonation; I don't know if Cassini (the built-in VS web server) supports this properly. About the best advice I can give is to either use Local IIS with an app pool running as your impersonated user or to attach your debugger using remote debugging to a remote IIS server.
I believe using Local IIS will attach correctly & automatically if configured as much in the Web tab of Project Properties. You'll have to run VS as an admin to get the virtual directories setup automatically by VS in IIS.
We are trying to host a WCF service via the web. We set the web.config to have the service require windows authentication. The problem we are having is the following:
When we host our service in a regular IIS, the service runs fine and there is no issues with the "Windows Authentication" mode. However, when we try to run it from our developer boxes we get the following error: "Security settings for this service require Windows Authentication but it is not enabled for the IIS application that hosts this service."
Our developers boxes are not hosting the service through the regular IIS but rather through Visual Studio's ASP.NET Development Server. We tried going into the web project properties and said to enable NTLM authentication but that still did not fix it. Does anyone know how to fix it? Does VS ASP.NET Development Server even support Windows Authentication? Is the only option for hosting the service with Windows Authentication is to use IIS and forget about ASP.NET Development Server?
In order to configure IIS Express security settings:
look for the IIS express symbol in the taskbar (system tray).
Right click and select "All Applications".
Click on the name of the site you want to change (although I believe the change is site wide)
Click on the path in the config section below (it will open the applicationhost.config file)
Search for the authentication section and make your changes
Example changes can be found here:
http://toadcode.blogspot.ca/2011/08/security-config-in-iis-express.html
ASP.Net Development Server is very limited. It only serves requests originating from the same machine that it is running on, and it will not serve files that are outside of its application scope. It is based on the Cassini server. Cassini does not support WCF web services. Documentation for ASP.Net Development Server says that it does support NTLM. If you are just browsing to a page from the local machine it should work fine unless the page is referencing an unavailable resource.
check out http://msdn.microsoft.com/en-us/library/58wxa9w5.aspx for more info.
I would install and configure IIS on your local dev machine and use that in preference to using the inbuilt webserver. To use local IIS to debug select "User Local IIS web server" on the web tab of the project properties. Using IIS rather than the inbuilt webserver also means that you can configure your app in exactly the same way as it will be configured on the production server and this will reduce the no of potential surprises when you move to the production environment.
The solution to my authorization issue was to go into the F4 project properties and set the following:
Anonymous Authentication: Disabled
Windows Authentication: Enabled
Apparently these properties update the IIS applicationHost.config directly.
http://provenstyle.com/blog/2015/10/02/Visual-Studio-2015-Windows-Authentication-And-IIS-Express/