I have two production web servers that are load balanced and that sit in a DMZ. I have a form that needs to open another form based on certain criteria. One of the servers works fine and gives the full authority name ie, "host.n.n.com". The other prod server only returns "host" and as a result the page cannot be found. Here's the code i'm using:
urlString.Append(url.Scheme);
urlString.Append("://");
urlString.Append(url.Authority);
urlString.Append("/somedir/anotherdir/");
urlString.Append(formName + ".aspx");
server 1(working) comes back with http://host.n.n.com/somedir/anotherdir/formName.aspx
server 2(broke) comes back with http://host/somedir/anotherdir/formName.aspx
IIS appears to be onfigured the same across both servers.
Thanks in advance for any help
The Authority property comes from the request itself.
If the request from the user is made from 'host.n.n.com' or 'host' This is what the property will reflect. You can test this locally by using http://localhost/yoursite/page.aspx vs http://yourcomputername/yoursite/page.aspx. The same page will return 'localhost` and 'yourcomputername' respectively.
Why not make the URL a configuration setting?
Related
I have to implement reverse proxy setup in my local system. I have two website and in first website i have content and second website have empty forlder, I have one website example - www.nawaz-data.com and it has main content. and I have another website example - www.nawaz-proxy.com which is empty folder .
Requirement :
Need how do i setup for reverse proxy. When i request to www.nawaz-proxy.com than it should be redirect to www.nawaz-data.com where i have actual website content. I have tried to setup inbound and outbound rule but unable to get result it shows : HTTP Error 403.14 - Forbidden as this domain has no content, i want to redirect this url to another url where content has stored.
I have installed IIS windows 10
I have installed URL Rewrite
I have installed Application Request Routing Cache - in that I have enable proxy setting
According to your description, I suggest you could try to use below steps to add the reverse proxy rules.
1.Open the IIS mangement console, locate the right web site and click the url rewrite
2.Click the Add rule and select reverse proxy.
3.Add the servername op IP in below window, for example: www.nawaz-data.com. Notice: you should make sure your server could access the "www.nawaz-data.com" directly by using brower. If you couldn't access it ,you should use server's ip address directly.
I'm facing a really weird scenario here with my local IIS. I have hosted multiple sites in the default website in my local IIS. One of them has the login page. From the login page, I'm redirecting the user to another page that is located in another site (which is also hosted in the same IIS inside default website virtual directory).
Now in the submit button click event of my login page, after authenticating the user, I have written a "Response.Redirect(redirect_url)". the redirect_url is being formed dynamically and given as a parameter to the Redirect method.
While debugging, the final redirect_url that is being sent as parameter to Redirect method is:
http://localhost/CP/web/console/console.aspx?sk=3e3cc1a8-73c4-4945-b3f8-08af22ea4324.50008
But after I try to go to the next step, I'm suddenly getting a HTTP 404 error saying that the resource doesn't exist and I have observed that Requested URL shown in the error page is different that what was dynamically sent to the Response.Redirect(...) method.
In the error page, the requested url shows the value as
http://localhost/CP/web/console/localhost/CPLogin?err=5
whereas my actual requested url formed in the code is:
http://localhost/CP/web/console/console.aspx?sk=3e3cc1a8-73c4-4945-b3f8-08af22ea4324.50008
I'm just unable to understand why the requested url is getting changed automatically.! Also, I observe that "localhost" is being appended to the requested URL again which is not what is supposed to happen.
Please visit THIS link[^] to understand this question more clearly. I have added screen shot of the error page.
http://amoghnatu.wordpress.com/2013/09/16/question-please-help-iis-throwing-http-404-not-found-but-requested-resource-actually-exists-requested-url-also-changing-automatically/[^]
Thanks a lot.!
Indeed, the problem was with the way I had hosted the sites in my application. I just removed all the sites related to my application from IIS and then hosted all of them again much more carefully. This resolved the "wrong redirect url" problem.
Also, I had some tables with missing required data because of which I was getting the error code.
So after I got all the tables filled with the required data and also after properly hosting the application in IIS, my problem got resolved.
In IIS, go to relevant folder, right click and "browse". Check out what is the URL. In most cases, this is due to the URL should have port number appended. For instance it will be something like :
http://localhost:<port number>/CP/web/console/console.aspx?sk=3e3cc1a8-73c4-4945-b3f8-08af22ea4324.50008
instead of
http://localhost/CP/web/console/console.aspx?sk=3e3cc1a8-73c4-4945-b3f8-08af22ea4324.50008
I am getting 401 unauthorized error . My web service is written in mvc . in IIS configured to use windows authentication.
Below is screen shot of fiddler
When I hit URL from browser it gives me popup window to enter user name and password.
How can I avoid popup window?
I am calling this web api from another window service.
I suspect that the two web services may be hosted on the same server. In this case, the problem may be caused by the loopback check. In order to test, try referencing the service without using the fully qualified domain name and see if it works. If it does, use the following steps to specify which host names are on the local computer.
Method 1: Specify host names (Preferred method if NTLM authentication is desired) (https://support.microsoft.com/en-us/help/926642/)
To specify the host names that are mapped to the loopback address and can connect to Web sites on your computer, follow these steps:
Set the DisableStrictNameChecking registry entry to 1. For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base: 281308 Connecting to SMB share on a Windows 2000-based computer or a Windows Server 2003-based computer may not work with an alias name
Click Start, click Run, type regedit, and then click OK.
In Registry Editor, locate and then click the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
Right-click MSV1_0, point to New, and then click Multi-String Value.
Type BackConnectionHostNames, and then press ENTER.
Right-click BackConnectionHostNames, and then click Modify.
In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
Quit Registry Editor, and then restart the IISAdmin service.
https://learn.microsoft.com/en-gb/archive/blogs/sharepoint_foxhole/disableloopbackcheck-lets-do-it-the-right-way
**Edited to be in the form of an answer and include detailed steps from referenced links
If you are using WebClient you need to set the Credientials. How are you calling the web api from the windows service?
My 2 cents: I faced a scenario where we were baffled by an HTTP 401 when requesting an image when the web application was deployed. We use WiX as our packaging and install solution.
In this specific case, the image wasn't being packaged by the installer and hence the path did nor exist on the deployed instance.
One may wonder why this threw a 401 when a 404 (not found) would have been expected - my understanding is that since our path was not directly under the root but something like root/content/images/image.png, and I made an anonymous request, I got a 401 (unauthorized) as I did not have the access to browse the directory. I confirmed this by adding an Authorization header to my request and then as expected I got a 404.
You can specify the username and password as part of the URL:
http://username:password#www.example.com/foo/bar/baz
Note: Just because you can doesn't mean you should. While this can be a temporary solution to test things, I would not suggest doing this in production. And in the old days, this is how we did it. But as #DiskJunky points out, "URLs are easily visible to pretty much anything/anyone" which includes your browser history, server logs, and perhaps worse.
I added below lines in web config to fix the issue and it worked.
<security>
<authorization>
<add accessType="Allow" users="*" />
</authorization>
</security>
I have a custom Sharepoint 2010 web part that runs the user through a series of steps in a registration process. At each step, when whatever required input is completed, the user clicks the Continue button which is a standard server side button control. The code behind does some validation and DB updates before calling Response.Redirect which refreshes the same page with updated session data.
(Note: the session data is kept in the URL as an encrypted query string parameter, not by the conventional Session object)
This solution works fine in my single server test environment, but as soon as I deploy it to a load balanced stage or production environment some requests simply time out without receiving a response after clicking Continue (ERR_TIMED_OUT).
The Webpart log shows that the webpart is in fact calling Response.Redirect with a valid URL
This is no server resource issue. The timeout can be set to a minute or more, no response is received.
Only happens when deployed to load balanced servers
Everything works fine when I complete a registration on one of the load balanced servers - which leads me to believe there is a problem with load balancing and server sessions. I know that when interacting with a load balanced web application from one of the server nodes in the NLB, all requests will go to that particular server.
I know I have faced a similar issue before, but it is several years ago and I cannot remember what the solution was.
try
{
// get clean URL without query string parameters
string url;
if (string.IsNullOrEmpty(Request.Url.Query))
url = Request.Url.AbsoluteUri;
else
url = Request.Url.AbsoluteUri.Replace(Request.Url.Query, "");
// add encrypted serialized session object
url += "?" + Constants.QueryStringParameterData + "=" + SessionData.Serialize(true);
_log.Info("Redirecting to url '" + url + "'..");
Response.Redirect(url);
}
catch (Exception) { }
OK, the problem has been resolved.
It turned out to be UAG that was doing something in the background, and the way I discovered it was that the links that triggered the postbacks got changed from
http://some_url.com/sites/work/al2343/page.aspx
to
http://some_other_url.domain.com/uniquesigfed6a45cdc95e5fa9aa451d1a37451068d36e625ec2be5d4bc00f965ebc6a721/uniquesig1/sites/work/al2343/page.aspx
(Take note of the "uniquesig" in there)
This was the URL the browser actually tried to redirect to, but because of whatever the issue was with UAG the navigation froze.
I don't know how they fixed it, but at least the problem was not in my component.
One possibility that Request.Url is how particular server sees the url (something like http://internalServer44/myUrl) instead of externally visible load-balanced Ulr (like http://NlbFarmUrl/myUrl).
In case of SharePoint it will be better to use SPContext.Current.Site/Web properties to get base portion of Url since this Urls should already be in externally visible form.
Say I have a remote page accessed through http://www.mypage.com/test.aspx. On that page I use the code Request.ServerVariables["HTTP_HOST"].ToString(). Is it possible that when I access the page the code can return a different url than that which I see in the url bar which is http://www.mypage.com/test.aspx? Any help would be appreciated. Thanks.
You could see any name that IIS has bound to your web instance. So, if your server is called "server1" and the IP address is 123.123.123.123 and all three of those are bound to your instance of IIS, you could see any of those values.
To look up what names are bound, open "Internet Information Services (IIS) Manager" (start, Administration tools), expand the tree till you see your sites. Find the one you are using. Right-click and choose "Bindings". Edit each of the bindings in the list. If they all say [IP address:] "All Unassigned", then your HTTP_HOST could be 1. the WWW address that you have configured via DNS, 2. the machine name 3. the IP address(es).
try to use:
HttpContext.Current.Request.ServerVariables["SERVER_NAME"]
i hope that this will be work.
I was also facing the issue with HttpContext.Current.Request.ServerVariables["HTTP_HOST"] and figured it out. The best way to retrieve the hostname is "HttpContext.Current.Request.Url.Host". It resovled my issue.
Thanks,
Raj
It is possible, yes. A isapi_rewrite module could modify the value of HTTP_HOST before your own code is able to inspect it.
Someone has already mentioned local rewriters (isapi_rewrite), but there are also remote ones, like an ISA Server publishing your server. It's a configuration thingie to send original host headers (what the client entered), or the ones entered in the publishing settings.