I have a service hosted in server. The service authentication is using Windows Authentication. I want to use this service in my website development in Visual Studio 2010. When I try to add a reference it says the following error.
“Security settings for this service require Windows Authentication but it is not enabled for the IIS application that hosts this service.”
What should I do to overcome it and be able to consume the service for development?
Note: The error message is obvious. What I am looking for is the best way to overcome this.
Note: When I type the service address in Mozilla Firefox, it asks for my windows credentials -upon entering credentials it gives me the service descriptions. The problem is when I use it via Visual Studio.
If I understand you correctly, your service is already running happily and using Windows Authentication, so it requires the calling application, your web site to also be using Windows Authentication.
When you try and add a reference, VS will start your site in the background using whichever web server is defined in Project Properties. You say that you are starting your site using the built-in web server (also known as Cassini or Webdev). You need to ensure that your site is using Windows Authentication. You do this from the service's Project Properties (right-click on the root folder and select Properties). In there you will see a Web tab which has an NTLM Authentication checkbox - make sure that is checked.
Also, make sure that you use:
<system.web>
<authentication mode="Windows">
...
in your web.config.
However, if you want to use IIS itself, I assume you have it installed and know how to define a web application. Depending on which version of Windows you are running, you may or may not have IIS installed or it may not be installable (using Programs and Features from Control Panel). If you don't have IIS, you can install IIS Express from here: http://learn.iis.net/page.aspx/868/iis-express-overview/
After you have installed IIS and defined your application root, and pointed the directory to your local source folder, enable Windows (NTLM) Authentication for that web app/site. How you do that depends on which version of IIS you are running but it is normally by clicking on the Authentication icon. You probably need to disable Anonymous as well as enable Windows Authentication, so that all requests are forced into Windows authentication. For browsers that do not support automatic NTLM authentication, I also turn on Basic Forms authentication as well.
Once you have an IIS application defined, you can use that for debugging from Visual Studio instead of the built-in web server. You also do that from Project Properties by choosing 'Use Local IIS Server' and selecting the Url of the IIS site you created above. Alternatively, VS can create the IIS site definition for you if it doesn't yet exist.
Either of the above methods should ensure that when VS starts your site to add a reference, it will be using authentication, as well as at runtime. Note that you can add a reference manually, without the need for starting the site. Then you just need to make sure you have Windows authentication at runtime, as described above.
Related
I have a ASP.NET website, developed by a freelancer. After developing the website, he directly uploaded the website to my domain. Now, how can I host that website locally on my computer?
I dont have any experience in ASP.NET, however I do know HTML5 and CSS3. Looking at the files, I noticed they are all .cshtml files.
Any help would be great. I have the login credentials of Plesk.
Thanks in advance
You need to use IIS.
To do this, assuming you are on Windows, you need to enable it under the 'Windows Features' setting screen as below:
Check the 'World Wide Web Services' option, and also 'IIS Management Console' under the 'Web Management Tools' section.
After it installs, you will have a new program in your start menu, called 'Internet Information Services (IIS) Manager'.
This is where you setup and configure any local websites. There will already be a default website set up, which you can use, or you can create a new one by right clicking on 'Sites' in the tree on the left, and selecting 'Add Website':
Assuming you just use the default, you will need to copy your application to C:\inetpub\wwwroot\. You will then be able to access this by pointing your browser to http:\\localhost or http:\\127.0.0.1.
Assuming you are working with Windows, you will need to install an IIS on your machine. IIS is a part of Window's features, you can try installing it under:
Control Panel > Program and features > Turn windows features On / Off > Internet Information Services.
In some versions of windows, IIS is not available. In that case, you will need to download IISExpress.
After that - Configure a new website under your IIS, and point the website to the directory in your computer which has the project.
Read more here:
Installing IIS
Setting up a website
I have successfully setup my development environment on one machine utilizing IIS Express and Windows Authentication to essentially force a web application to use SSL. When I pulled the code down onto a secondary dev machine, I've run into all kinds of issues.
It appears that the startup URL as defined in the project properties while working on the initial dev machine needed to be resetup on the new machine. I went into the IIS Express config and made sure that anonymous authentication was disabled and Windows Auth was enabled. I also added the bindings to essentially replicate what the initial dev machine was setup as.
I then opened the web app in Visual Studio again and this time received no errors or warnings. I figured no errors meant things would be OK.... Whoops...
The app now appears to load and I'm immediately challenged for my windows credentials. I enter them, and then get re-challenged. It appears there is some kind of loop going on here.
1. What am I doing wrong?
2. Shouldn't there be a better way for distributed development and IIS Express (SSL)?
UPDATED - pointed to the wrong directory at first. Thanks for the tip Wiktor. Still not succeeded in running the MVC4 application via
I am trying (for a while now.. :)) to set up a simulated multi tenant webapp on my development PC. I learned that this is not possible with visual studio's internal webserver, so I am trying to set up IIS.
I added the fake tenants in my hosts.
127.0.0.1 localhost
127.0.0.1 tenant1.mydomain.com
127.0.0.1 tenant2.mydomain.com
In IIS I made a new website test(port 8081), and just pointed it to C:\Azure\Websites\. In that directory I added a Hello World html file to see if this bit works.
I navigated to localhost:8081 => Hello world
I navigated to tenant1.mydomain.com:8081 => Hello world.
Cool, first proof of life.
Next step: getting this working with a MVC4 webapp created in VS2012.
I started a new MVC4 webapp and stored it in:
C:\Azure\Websites\MvcApplication1
I just use the default generated website for the test, so I pressed F5 and verified the site is opened in firefox. So the goal is to get this working from IIS.
Created a new website test2 (port 8082)
Set test2 app pool to .net4.0
Point the physical directory to C:\Azure\Websites\MvcApplication1\MvcApplication1\
Navigate to localhost:8082
HTTP Error 500.21 - Internal Server Error
Handler "ExtensionlessUrlHandler-Integrated-4.0" has a bad module "ManagedPipelineHandler" in its module list
Uninstalled ASP.NET and reinstalled it again. Same results.
when I change web.config from
preCondition="classicMode,runtimeVersionv4.0,bitness32"
to
preCondition="integratedMode,runtimeVersionv4.0,bitness32"
Then I get this error:
HTTP Error 404.2 - Not Found
The page you are requesting cannot be served because of the ISAPI and CGI Restriction list settings on the Web server.
Can I stress the fact that I am a n00b regarding IIS configuration... :)
Any ideas?
ISAPI and CGI Restictions in IIS:
Add isapi dll for .net 4 32bit
Add isapi dll for .net 4 64bit
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll
And it works. Finally!
Thanks Wiktor
First configure IIS according this site:
IIS 7.5 handler "extensionlessurlhandler-integrated-4.0" has a bad module "managedpipelinehandler" in its module list
For the above issue, you must go to Control Panel >> Installed Programs and Features >> Repair your .NET Framework by double clicking on it.
first configure IIS as
Manual configuration
Open your Control Panel and click Programs and Features » Turn Windows features on or off.
Turn on Internet Information Services.
Under Internet Information Services, turn on the following features:
Web Management Tools » IIS 6 Management Compatibility » IIS Metabase and IIS 6 configuration compatibility.
Web Management Tools » IIS Management Console, IIS Management Scripts and Tools, and Management Service.
Under World Wide Web Services, turn on the following:
All features under Application Development features, except Server-Side Includes.
Common HTTP Features » Default Document, Directory Browsing, HTTP errors, Http Redirection, Static Content.
Security » Basic Authentication, Request Filtering, Windows Authentication.
Under Microsoft .NET Framework 3.5.1 » Windows Communication Foundation HTTP Activation.
After you have created your website, open the Internet Information Services (IIS) Manger.
Expand your server node.
Expand Sites node and click your website.
In section IIS on the right, double-click Authentication.
Perform one of the following:
If you are using Forms authentication, make sure Anonymous Authentication and Forms Authentication are enabled and all other authentications are disabled.
If you are using Claims-based authentication, make sure only Anonymous Authentication is enabled and all other authentications are disabled.
Click your website again and in IIS section, double-click Handler Mappings.
Make sure you have enabled handler mappings for *.svc and *.xamlx with executable path set to one of the following:
For 64-bit OS: %windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll
For 32-bit OS: %windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll
Close the Internet Information Services (IIS) Manger.
I have a C# web service that I am trying to debug in Visual Studio 2008, and when I try to run it, Internet Explorer pops-up as expected, but it just displays 'waiting for response from localhost...' in the status bar. I have left it running for a few minutes and it never responds.
I have other web services that I am able to debug fine, is VS2005 and 2008. The problem web service is impersonating a different identity in the web.config file, but I have no problems with this same user on a different web service (in VS2005).
Does anybody have any ideas on what might be preventing it from starting up? Interestingly, a colleague has the same problem with a web service that IS working on my machine, even though we are working with identical code. Something must be configured differently...
By the way, I've noticed that the 'Temporary ASP.NET Files' folder is missing from both
C:\Windows\Microsoft.NET\Framework and C:\Windows\Microsoft.NET\Framework64... I certainly haven't deleted them, and other web services debug okay, so is this just a red herring?
We are also on a domain which has its own firewall (outside of the developers' control) - could this be blocking it?
EDIT: I have just removed the user impersonation for a quick test, and it worked. So there must be something about Visual Studio 2008 that does not want to run when impersonating THIS particular user. Any ideas what configuration I would need to change to correct this?
I have had the same issues with impersonation; I don't know if Cassini (the built-in VS web server) supports this properly. About the best advice I can give is to either use Local IIS with an app pool running as your impersonated user or to attach your debugger using remote debugging to a remote IIS server.
I believe using Local IIS will attach correctly & automatically if configured as much in the Web tab of Project Properties. You'll have to run VS as an admin to get the virtual directories setup automatically by VS in IIS.
We are trying to host a WCF service via the web. We set the web.config to have the service require windows authentication. The problem we are having is the following:
When we host our service in a regular IIS, the service runs fine and there is no issues with the "Windows Authentication" mode. However, when we try to run it from our developer boxes we get the following error: "Security settings for this service require Windows Authentication but it is not enabled for the IIS application that hosts this service."
Our developers boxes are not hosting the service through the regular IIS but rather through Visual Studio's ASP.NET Development Server. We tried going into the web project properties and said to enable NTLM authentication but that still did not fix it. Does anyone know how to fix it? Does VS ASP.NET Development Server even support Windows Authentication? Is the only option for hosting the service with Windows Authentication is to use IIS and forget about ASP.NET Development Server?
In order to configure IIS Express security settings:
look for the IIS express symbol in the taskbar (system tray).
Right click and select "All Applications".
Click on the name of the site you want to change (although I believe the change is site wide)
Click on the path in the config section below (it will open the applicationhost.config file)
Search for the authentication section and make your changes
Example changes can be found here:
http://toadcode.blogspot.ca/2011/08/security-config-in-iis-express.html
ASP.Net Development Server is very limited. It only serves requests originating from the same machine that it is running on, and it will not serve files that are outside of its application scope. It is based on the Cassini server. Cassini does not support WCF web services. Documentation for ASP.Net Development Server says that it does support NTLM. If you are just browsing to a page from the local machine it should work fine unless the page is referencing an unavailable resource.
check out http://msdn.microsoft.com/en-us/library/58wxa9w5.aspx for more info.
I would install and configure IIS on your local dev machine and use that in preference to using the inbuilt webserver. To use local IIS to debug select "User Local IIS web server" on the web tab of the project properties. Using IIS rather than the inbuilt webserver also means that you can configure your app in exactly the same way as it will be configured on the production server and this will reduce the no of potential surprises when you move to the production environment.
The solution to my authorization issue was to go into the F4 project properties and set the following:
Anonymous Authentication: Disabled
Windows Authentication: Enabled
Apparently these properties update the IIS applicationHost.config directly.
http://provenstyle.com/blog/2015/10/02/Visual-Studio-2015-Windows-Authentication-And-IIS-Express/