I created a service that has a database connection which is working fine in Cassini, when in copy the service to the inetpub all works fine except database calls, they always return this error:
The server encountered an error processing the request. See server logs for more details."
Now i have 2 questions,
I can find server logs in my C:\inetpub\logs\LogFiles\W3SVC1 folder. But are these the ones mentioned because these do not seem to contain any usefull data.
How is it possible that everything works in Cassini but not in IIS?
If there are any questions about my question please go ahead!
Edit I am using Visual studio team system 2008 and IIS 7.0
This is normally a permissions problem.
If you are using defaults:
The connection string is using a trusted connection
When you run via cassini you are in the security context of your user
When you run via IIS you are in the security context of the identity of the application pool which is network service.
To fix it you could:
change the connection string
change the identity of the application pool
give network service access to your database
Run Visual Studio as administrator
My guess is permissions. Are you using Windows authentication?
In the case of Windows authentication:
http://www.codeguru.com/csharp/.net/net_security/authentication/article.php/c7725
Related
I have am creating a restful API application in c#.net. When I compile my application in debug or release mode through iisexpress. It works as expected. I can use fiddler and pass the corresponding arguments in the "GET" like the user credentials and it will connect and get a respond of 200 (http://localhost:49917/v2/Carriers). When I publish my application and deploy it in IIS (http://api.test1.net/v2/Carriers). IIS is install the same computer where I compile my application. Then, I use fiddler and pass the argument necessary I get a respond of 503. I am not sure why is not working. My application pools is the following setting:
.Net CLR Version: v4.0
Managed Pipeline Mode: Integrated
Identity: LocalService (I have tried also ApplicationPoolIdentity)
When I publish my application I use the following publish method: "File System".
I have added the IP Address and the host name in the Host file (windows/system32/drivers/etc/). I am not sure why is not working.
What makes visual studio different in debug/release mode to work as expected from publish version?
I wanted to let you guys know that I did what you guys recommended and I figure the answer. I need to add a new user in the SQL Server Database.
"Accessing Database under IIS APPPOOL\ASP.NET v4.0
As we are using ASP.NET v4.0 App Pool make sure IIS APPPOOL\ASP.NET v4.0 is added to your Database Server -> Security -> Logins."
After I added this new user "IIS APPPOOL\api.test1.net" the api get request with fiddler works as expected with a 200 respond. "api.test1.net" is the name of my application pool in IIS.
Thank you for all your recommendation.
I have an ASP.NET application, that connects to a mysql database. If on the server I run the web site in visual studio (which uses development server), it can connect to the mysql database correctly.
However, if on that same server I use IIS, an exception 'Unable to connect to any of the specified MySQL hosts' is thrown. It is configured to use an application pool with identity as 'ApplicationPoolIdentity'.
Connection string is like:
<add name="MYSQLConnectionString" connectionString="uid=name;server=111.11.111.111;Pwd=password;database=dbname" providerName ="MySql.Data.MySqlClient"/>
What could be the problem?
When your debugging with Visual Studio the account is local admin and has rights to everything most likely. The IIS default application pool account does not have these elevated privileges. Make sure the account that your IIS site application pool is running under has the correct permissions, or temporarily change the account to be local system to see if it is a permssions related issue. You can use FileMon to trace what files or registry entries the default account is having trouble accessing.
[EDIT]
Most likely you installed MySQL to someplace like C:\MySQL and you just need to grant the IIS application pool account read access to that directory, and possibly a registry entry or two.
The site was not installed in the root, but as an application in the default web site. If we run it as the root site, it works. Don't know why exactly though.
I have a C# web service that I am trying to debug in Visual Studio 2008, and when I try to run it, Internet Explorer pops-up as expected, but it just displays 'waiting for response from localhost...' in the status bar. I have left it running for a few minutes and it never responds.
I have other web services that I am able to debug fine, is VS2005 and 2008. The problem web service is impersonating a different identity in the web.config file, but I have no problems with this same user on a different web service (in VS2005).
Does anybody have any ideas on what might be preventing it from starting up? Interestingly, a colleague has the same problem with a web service that IS working on my machine, even though we are working with identical code. Something must be configured differently...
By the way, I've noticed that the 'Temporary ASP.NET Files' folder is missing from both
C:\Windows\Microsoft.NET\Framework and C:\Windows\Microsoft.NET\Framework64... I certainly haven't deleted them, and other web services debug okay, so is this just a red herring?
We are also on a domain which has its own firewall (outside of the developers' control) - could this be blocking it?
EDIT: I have just removed the user impersonation for a quick test, and it worked. So there must be something about Visual Studio 2008 that does not want to run when impersonating THIS particular user. Any ideas what configuration I would need to change to correct this?
I have had the same issues with impersonation; I don't know if Cassini (the built-in VS web server) supports this properly. About the best advice I can give is to either use Local IIS with an app pool running as your impersonated user or to attach your debugger using remote debugging to a remote IIS server.
I believe using Local IIS will attach correctly & automatically if configured as much in the Web tab of Project Properties. You'll have to run VS as an admin to get the virtual directories setup automatically by VS in IIS.
I made a site using VS10 Ultimate [ASP.NET] and when I build & run it runs the severer locally, while I want to test it for security issues via Linux.
How can I run it globally ?
Thank you!
Your development machine probably has IIS installed. Copy the code or the compiled code to the web root of this installation. If you want to put it on another computer, then that will need to have IIS, relevant version of .Net installed.
It would also help if you can setup your local DNS to resolve the name for your computer within the LAN setup so that you can reache the machine using a name rather than the IP.
This will allow you to test the security issues that are client side. For Server side security issues, you will need to create a server in your LAN that is configured similar to the actual server where you would be hosting your site.
You need to set up the site in IIS Server installed in your Windows machine to run it locally
See the links to learn more:
http://www.beansoftware.com/ASP.NET-Tutorials/Set-Up-IIS-ASP.NET.aspx
http://support.microsoft.com/kb/323972
You need an ASP.NET hosting service.
We are trying to host a WCF service via the web. We set the web.config to have the service require windows authentication. The problem we are having is the following:
When we host our service in a regular IIS, the service runs fine and there is no issues with the "Windows Authentication" mode. However, when we try to run it from our developer boxes we get the following error: "Security settings for this service require Windows Authentication but it is not enabled for the IIS application that hosts this service."
Our developers boxes are not hosting the service through the regular IIS but rather through Visual Studio's ASP.NET Development Server. We tried going into the web project properties and said to enable NTLM authentication but that still did not fix it. Does anyone know how to fix it? Does VS ASP.NET Development Server even support Windows Authentication? Is the only option for hosting the service with Windows Authentication is to use IIS and forget about ASP.NET Development Server?
In order to configure IIS Express security settings:
look for the IIS express symbol in the taskbar (system tray).
Right click and select "All Applications".
Click on the name of the site you want to change (although I believe the change is site wide)
Click on the path in the config section below (it will open the applicationhost.config file)
Search for the authentication section and make your changes
Example changes can be found here:
http://toadcode.blogspot.ca/2011/08/security-config-in-iis-express.html
ASP.Net Development Server is very limited. It only serves requests originating from the same machine that it is running on, and it will not serve files that are outside of its application scope. It is based on the Cassini server. Cassini does not support WCF web services. Documentation for ASP.Net Development Server says that it does support NTLM. If you are just browsing to a page from the local machine it should work fine unless the page is referencing an unavailable resource.
check out http://msdn.microsoft.com/en-us/library/58wxa9w5.aspx for more info.
I would install and configure IIS on your local dev machine and use that in preference to using the inbuilt webserver. To use local IIS to debug select "User Local IIS web server" on the web tab of the project properties. Using IIS rather than the inbuilt webserver also means that you can configure your app in exactly the same way as it will be configured on the production server and this will reduce the no of potential surprises when you move to the production environment.
The solution to my authorization issue was to go into the F4 project properties and set the following:
Anonymous Authentication: Disabled
Windows Authentication: Enabled
Apparently these properties update the IIS applicationHost.config directly.
http://provenstyle.com/blog/2015/10/02/Visual-Studio-2015-Windows-Authentication-And-IIS-Express/