I'm trying to expose an existing RIA service with SOAP and JSON.
In the web.config, serviceModel section, I've put:
<system.serviceModel>
<domainServices>
<endpoints>
<add name="OData" type="System.ServiceModel.DomainServices.Hosting.ODataEndpointFactory, System.ServiceModel.DomainServices.Hosting.OData, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
<add name="Soap" type="Microsoft.ServiceModel.DomainServices.Hosting.SoapXmlEndpointFactory, Microsoft.ServiceModel.DomainServices.Hosting, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
<add name="Json" type="Microsoft.ServiceModel.DomainServices.Hosting.JsonEndpointFactory, Microsoft.ServiceModel.DomainServices.Hosting, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</endpoints>
</domainServices>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
In MyDomainService there is:
[Query(IsDefault=true)]
public IEnumerable<UserItem> GetUsers()
{
return this.ObjectContext.Users;
}
I've tried the following URLs:
http://10.0.0.191:27070/Manager-Web-MyDomainService.svc/GetUsers
http://10.0.0.191:27070/Manager-Web-MyDomainService.svc/Soap/GetUsers
http://10.0.0.191:27070/Manager-Web-MyDomainService.svc/Json/GetUsers
http://10.0.0.191:27070/Manager-Web-MyDomainService.svc/OData/GetUsers
and I get just blank pages.
I've enabled tracing and in the log I see the warning "Configuration evaluation context not found".
Anybody who can help me with this?
Thanks in advance,
Cheers,
Gianluca.
Ok, I've sorted out almost everything. My configuration was correct. Problems were elsewhere. Let me share my findings:
First of all, I've found out that OData requires a '/' at the end of the URL. Also, I was wrongly thinking that it is necessary to recall the service URL with at the end the name of the method. Something like: http:///oData/. It turned out that by calling just http:///oData/ I was getting all the expected data.
At the contrary, Json does not want the trailing '/'. A correct URL is like: http:///Json/. This time it's been necessary to indicate the method. I'm also starting to understand better the meaning of the attributes Query, Invoke, etc. An INVOKE-decorated method is exposed as JSON only if it has the property HasSideEffect=false.
I am still having trouble exposing the same methods via SOAP. If someone wants to contribute and help me out, please feel free to add more info here. I'll post more information as soon as I get further results.
Cheers,
Gianluca.
Related
I have a very frustrating NServiceBus problem that I cannot seem to figure out. I am hoping that you guys can shed some light on the situation.
I am currently using NServiceBus.Core v5.0 and NServiceBus.Host v6.0 and running it in Unobtrusive Mode.
It seems that no matter what configuration I use, I always get some kind of error. I will start with the configuration that produces the least problems:
Case 1 - Using custom assembly scanning:
public void Customize(BusConfiguration configuration)
{
var endpointName = typeof(EndpointConfig).Namespace;
configuration.SetUniqueHostId(endpointName);
configuration.UseSerialization<JsonSerializer>();
configuration.UsePersistence<NHibernatePersistence, StorageType.Outbox>();
configuration.AssembliesToScan(new List<Assembly>
{
GetType().Assembly,
typeof(ICustomCommand).Assembly
});
configuration.Conventions()
.DefiningCommandsAs(type => typeof(ICustomCommand).IsAssignableFrom(type));
configuration.EnableDurableMessages();
configuration.EnableInstallers();
var container = ContainerInitializer.Container;
configuration.UseContainer<AutofacBuilder>(c => c.ExistingLifetimeScope(container));
}
The issues I have noticed here are the following:
When starting the NServiceBus host application and the persistence SQL database does not yet exist, no exception is thrown saying that the database cannot be found (it does in case 2).
I keep getting the following exception:
NServiceBus.Timeout.Hosting.Windows.TimeoutPersisterReceiver Failed to fetch timeouts from the timeout storage
Which ultimately results in the application crashing because when this error occurs too many times, ServiceBus decides that enough is enough and just throws a fatal exception.
Besides the issues above, the application runs perfectly receiving and processing messages... until the fatal exception occurs
Now, this one is a bit more difficult:
Case 2 - Using default assembly scanning:
public void Customize(BusConfiguration configuration)
{
var endpointName = typeof(EndpointConfig).Namespace;
configuration.SetUniqueHostId(endpointName);
configuration.UseSerialization<JsonSerializer>();
configuration.UsePersistence<NHibernatePersistence, StorageType.Outbox>();
// !! DISABLED !!
// configuration.AssembliesToScan(new List<Assembly>
// {
// GetType().Assembly,
// typeof(ICustomCommand).Assembly
// });
configuration.Conventions()
.DefiningCommandsAs(type => typeof(ICustomCommand).IsAssignableFrom(type));
configuration.EnableDurableMessages();
configuration.EnableInstallers();
var container = ContainerInitializer.Container;
configuration.UseContainer<AutofacBuilder>(c => c.ExistingLifetimeScope(container));
}
In this case the following issues occur:
When the persistence SQL database does not yet exist:
When starting the NServiceBus host application and the SQL database does not exist, an exception is throw - Expected behavior (This is positive)
After creating the persistence SQL database:
ServiceControl.Plugin.Nsb5.Heartbeat.Heartbeats|Unable to send heartbeat to ServiceControl:
NServiceBus.Unicast.Queuing.QueueNotFoundException: Failed to send message to address: [Particular.ServiceControl#MYPCNAME]
Exception thrown: 'System.Messaging.MessageQueueException' in System.Messaging.dll
Additional information: External component has thrown an exception.
2017-09-15 16:25:45.6743|Warn|NServiceBus.Unicast.Messages.MessageMetadataRegistry|Message header 'SharedTemp.Interfaces.ICustomCommand'
was mapped to type 'SharedTemp.Interfaces.ICustomCommand' but that type was not found in the message registry [...]
Exception thrown: 'System.Exception' in NServiceBus.Core.dll
Additional information: Could not find metadata for 'Newtonsoft.Json.Linq.JObject'.
Now, exceptions 3 and 4 are particularly (no pun intended) odd since the NServiceBus documentation states:
By default all assemblies in the endpoint bin directory are scanned to find types implementing its interfaces so that it can configure them automatically.
And the "Newtonsoft.Json" and my "SharedTemp dll's" are indeed in the BIN folder, but NServiceBus does not seem to find them. As for point 1: NServiceBus does not create that queue for me, but it creates all the other queues that I need.
Finally the always requested app.config file:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<section name="MasterNodeConfig" type="NServiceBus.Config.MasterNodeConfig, NServiceBus.Core"/>
<section name="MessageForwardingInCaseOfFaultConfig" type="NServiceBus.Config.MessageForwardingInCaseOfFaultConfig, NServiceBus.Core"/>
<section name="UnicastBusConfig" type="NServiceBus.Config.UnicastBusConfig, NServiceBus.Core"/>
<section name="AuditConfig" type="NServiceBus.Config.AuditConfig, NServiceBus.Core"/>
</configSections>
<appSettings>
<add key="NServiceBus/Persistence/NHibernate/dialect" value="NHibernate.Dialect.MsSql2012Dialect"/>
<add key="NServiceBus/Outbox" value="true"/>
</appSettings>
<MessageForwardingInCaseOfFaultConfig ErrorQueue="error"/>
<UnicastBusConfig>
<MessageEndpointMappings />
</UnicastBusConfig>
<AuditConfig QueueName="audit"/>
<connectionStrings>
<add name="NServiceBus/Persistence" connectionString="Server=(LocalDB)\v11.0;Initial Catalog=NServiceBus;Integrated Security=true"/>
</connectionStrings>
<system.web>
<membership defaultProvider="ClientAuthenticationMembershipProvider">
<providers>
<add name="ClientAuthenticationMembershipProvider" type="System.Web.ClientServices.Providers.ClientFormsAuthenticationMembershipProvider, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" serviceUri=""/>
</providers>
</membership>
<roleManager defaultProvider="ClientRoleProvider" enabled="true">
<providers>
<add name="ClientRoleProvider" type="System.Web.ClientServices.Providers.ClientRoleProvider, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" serviceUri="" cacheTimeout="86400"/>
</providers>
</roleManager>
</system.web>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2"/>
</startup>
<MasterNodeConfig Node="localhost"/>
</configuration>
Does anyone have an idea about any of this?
After a lot of searching I finally found the problem!
First of all I was using a in-house NuGet package that was supposed to help me with configuring NServiceBus. The package worked fine for other projects, but for mine not so well, since I was using JsonSerialization instead of the default XML serialization.
The first problem with the package is that it used the "INeedInitialization" interface to configure NServiceBus. In my code I would then call "IConfigureThisEndpoint" to enable the JsonSerialization. The issue here was, that when starting the NServiceBus host, it would fail to find the NewtonSoft.Json library. If I then added custom assembly scanning to my own configuration code, it would not trigger "INeedInitialization", causing an incomplete/incorrect configuration.
I assume it could not load the NewtonSoft.Json library because scanning was triggered in the code/namespace of the package? Maybe #Sean Farmer can answer this?
The second problem with the package is that it would add connection strings to the app.config, one for "NServiceBus/Persistence" and one for "NServiceBus/Persistence/NHibernate/Saga". I am not using Saga, so the connection string for that was not needed. Initially this was not a problem since I caught it the first time, but I completely forgot about it after reinstalling the package. Removing this again also seemed to make NServiceBus happier.
So, what ended up working? I removed the package and did the configuration myself with the following result:
public void Customize(BusConfiguration configuration)
{
var endpointName = typeof(EndpointConfig).Namespace;
configuration.UniquelyIdentifyRunningInstance().UsingCustomIdentifier(endpointName);
configuration.EnableOutbox();
configuration.UsePersistence<NHibernatePersistence>();
configuration.Transactions().DefaultTimeout(TimeSpan.FromMinutes(5.0));
configuration.UseSerialization<JsonSerializer>();
configuration.Conventions()
.DefiningCommandsAs(type => typeof(ICustomCommand).IsAssignableFrom(type));
configuration.EnableDurableMessages();
configuration.EnableInstallers();
var container = ContainerInitializer.Container;
configuration.UseContainer<AutofacBuilder>(c => c.ExistingLifetimeScope(container));
}
#Sean: Thank you for allowing me to contact you. Luckily it was not necessary
#Mike: Thank you for the input
I have a project which uses ADFS authentication in some cases. The configuration is read from a database and the URLs are different from customer to customer, so there are many configuration options which I can't hard-code in my Web.config.
The problem is that I get the following error:
ID1032: At least one 'audienceUri' must be specified in the SamlSecurityTokenRequirement when the AudienceUriMode is set to 'Always' or 'BearerKeyOnly'
But I don't get it always, and I can't reproduce it. This is pretty annoying since I can't really debug it as long as I can't reproduce it. And I'm not sure whether I did everything correct. Maybe some ADFS expert can have a look at it.
(Trusts between my relying parties and their corresponding ADFS servers have been established, of course.)
Here is my code (only interesting parts of it), please ask if anything is missing or unclear.
Some snippets from my Web.config:
<system.webServer>
<modules>
<add name="WSFederationAuthenticationModule" type="Microsoft.IdentityModel.Web.WSFederationAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="managedHandler" />
<add name="SessionAuthenticationModule" type="Microsoft.IdentityModel.Web.SessionAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="managedHandler" />
<add name="ClaimsPrincipalHttpModule" type="Microsoft.IdentityModel.Web.ClaimsPrincipalHttpModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="managedHandler" />
<!-- ... -->
</modules>
<!-- ... -->
</system.webServer>
<microsoft.identityModel>
<service>
<securityTokenHandlers>
<remove type="Microsoft.IdentityModel.Tokens.SessionSecurityTokenHandler" />
<add type="MyProject.MachineKeySessionSecurityTokenHandler" />
</securityTokenHandlers>
<federatedAuthentication>
<wsFederation passiveRedirectEnabled="false"
issuer="https://fail/IssuerEndpoint"
realm="https://fail/FederationResult"
homeRealm="https://fail"
requireHttps="true" />
</federatedAuthentication>
</service>
</microsoft.identityModel>
Those fail values will be overridden per request (see my Login() method below), but I have to specify something in my Web.config, so I chose to specify a valid URI at least. The default SessionSecurityTokenHandler had to be replaced because my service runs on multiple machines with DNS Round-Robin (sharing the same machine key).
Then I have a class I called AdfsTrustFilter which implements IAuthorizationFilter. I know it's bit of overhead, but due to the project structure, this filter is used as a global filter on every request (order is the least value in the whole project). In the OnAuthorization method, I complete the configuration as follows:
public sealed class AdfsTrustFilter : IAuthorizationFilter
public void OnAuthorization(AuthorizationContext filterContext)
// ...
var fam = FederatedAuthentication.WSFederationAuthenticationModule;
fam.ServiceConfiguration = new ServiceConfiguration
{
AudienceRestriction = new AudienceRestriction(AudienceUriMode.Always),
CertificateValidationMode = X509CertificateValidationMode.PeerOrChainTrust,
// MyIssuerNameRegistry checks whether a fingerprint is known and some other stuff
IssuerNameRegistry = new MyIssuerNameRegistry()
};
// config.OwnPath contains something like "https://my.app.com/AppRoot/"
fam.ServiceConfiguration.AudienceRestriction.AllowedAudienceUris.Add(new Uri(config.OwnPath));
}
}
This is the code that starts the authentication:
public ActionResult Login()
{
// ...
// again something like "https://my.app.com/AppRoot/"
string baseUrl = Config.OwnPath.TrimEnd('/') + "/";
// adfs endpoint for this customer: i.e. "https://identity.provider.net/adfs/ls/"
string endpoint = Config.AdfsConfig.IdentityProvider.Endpoint;
// the code behind FederationResult is shown below
var signIn = new SignInRequestMessage(new Uri(endpoint), baseUrl + "/Adfs/FederationResult")
{
Context = baseUrl
};
var url = signIn.WriteQueryString();
return Redirect(url);
}
And finally the FederationResult callback:
public ActionResult FederationResult()
{
WSFederationAuthenticationModule fam = FederatedAuthentication.WSFederationAuthenticationModule;
HttpRequest request = System.Web.HttpContext.Current.Request;
if (fam.CanReadSignInResponse(request, true))
{
var id = (IClaimsIdentity) User.Identity;
// do something
}
// ...
}
P.S.: The ADFS server was recently upgraded from 2008 R2 to 2012, but this didn't change anything. ADFS version was always 2.0.
Since the exception says that you need the audienceUri, I would start by adding one under
<microsoft.IdentityModel>
<service>
<audienceUris>
<add value="https://yourdomain/theaudienceuri" />
The audienceUri is the Uri adfs returns to your application. You can override the engine to accept arbitrary return results which doesn't change the fact that indeed you need at least one uri in the config.
I am trying to implement Swagger with Service Stack. I've installed service stack with swagger using nuget. Current DLL versions are reported as 3.9.56.0 mostly.
I am trying to follow the example provided at...
https://github.com/ServiceStack/ServiceStack.UseCases/tree/master/SwaggerHelloWorld
and the instrucstion appear fairly fool-proof...
Plugins.Add(new ServiceStack.Api.Swagger.SwaggerFeature());
goes into the 'Configure' method after I've installed via nuget (as the documentation instructs), then I've added [ApiMember] and [Api] tags, along with changes to the [Route] tags to add Summary and Notes
but when I visit ~/swagger-ui/index.html i get the error
Please specify the protocol for ../api
My api sits at ~/api, and I have a single method at the moment (Hello World) sitting at ~api/Hello/{name} which returns JSON and works ok.
if I visit ~apii get the message Handler for Request not found: with a stack trace type output.
What am I doing wrong? The instructions to enable swagger appear really straight forward, and detailed instructions appear to be lacking, probably because it should 'just work', please help!
Update to address Esker...
Stack trace # myhost:54011/api
Handler for Request not found:
Request.ApplicationPath: /
Request.CurrentExecutionFilePath: /api
Request.FilePath: /api
Request.HttpMethod: GET
Request.MapPath('~'): D:\Starteam\Private\user\web\ServiceStackSwagger\ServiceStackSwagger\
Request.Path: /api
Request.PathInfo:
Request.ResolvedPathInfo: /api
Request.PhysicalPath: D:\Starteam\Private\user\web\ServiceStackSwagger\ServiceStackSwagger\api
Request.PhysicalApplicationPath: D:\Starteam\Private\user\web\ServiceStackSwagger\ServiceStackSwagger\
Request.QueryString:
Request.RawUrl: /api
Request.Url.AbsoluteUri: http://localhost:54011/api
Request.Url.AbsolutePath: /api
Request.Url.Fragment:
Request.Url.Host: localhost
Request.Url.LocalPath: /api
Request.Url.Port: 54011
Request.Url.Query:
Request.Url.Scheme: http
Request.Url.Segments: System.String[]
App.IsIntegratedPipeline: True
App.WebHostPhysicalPath: D:\Starteam\Private\user\web\ServiceStackSwagger\ServiceStackSwagger
App.WebHostRootFileNames: [global.asax,global.asax.cs,helloservice.cs,jquery-1.10.2.js,packages.config,servicestackswagger.csproj,servicestackswagger.csproj.user,web.config,web.debug.config,web.release.config,app_data,app_start,bin,controllers,dto,models,obj,properties,swagger-ui,views]
App.DefaultHandler: metadata
App.DebugLastHandlerArgs: GET|/api|D:\Starteam\Private\user\web\ServiceStackSwagger\ServiceStackSwagger\api
Also, "Please specify protocol' is a swagger error, displayed onscreen in html underneath the aforementioned 'textbox to change discovery url'
and the DLL versions are 'mostly' the same because ServiceStack.Redis is version 3.9.57.0, but I'm not using that, so 'mostly'
Update... My Solution
I needed this in my web.config file inside of the <configuration> tag, I had previously not included the <location path="api"> bit.
<!-- ServiceStack: CustomPath /api -->
<location path="api">
<system.web>
<httpHandlers>
<add path="*" type="ServiceStack.WebHost.Endpoints.ServiceStackHttpHandlerFactory, ServiceStack" verb="*"/>
</httpHandlers>
</system.web>
<!-- Required for IIS 7.0 -->
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<validation validateIntegratedModeConfiguration="false" />
<handlers>
<add path="*" name="ServiceStack.Factory" type="ServiceStack.WebHost.Endpoints.ServiceStackHttpHandlerFactory, ServiceStack" verb="*" preCondition="integratedMode" resourceType="Unspecified" allowPathInfo="true" />
</handlers>
</system.webServer>
</location>
also... I had set up my 'routes' as such...
//INCORRECT
[Route("/api/Hello/{name}", Summary = #"N031'5 ServiceStackSwagger thingy", Notes = "Some more info in here cause these are notes")]
public class Hello : IReturn<HelloResponse>
but that messed with swagger's functionality, it needed to be...
//CORRECT
[Route("/Hello/{name}"...
with the 'api' bit REMOVED, and now everything is working.
You need to tell Swagger about the specific URL of the ServiceStack Swagger endpoint, rather than the base URL of your services. This endpoint is located at /resources under your base URL. So, instead of ../api for the discoveryUrl, use ../api/resources, like so, in your index.html file:
window.swaggerUi = new SwaggerUi({
discoveryUrl: '../api/resources',
...
This question is just a quick one. I have a set of links on a page, and they all actually point to the same controller method - the difference between them is that they each pass a different value to that method so that the subsequent process is slightly different. I happened to already have an enum defined to correspond to the possible values passed, so without thinking, I did this:
#Url.Action("QueryStepTwo", new { type = QueryType.UserRecords })
and was pleasantly surprised to see that nothing gained a red underline. I hit compile and navigated to that page to verify, to be presented with an error message for CS0103: "The name 'QueryType' does not exist in the current context". In the editor, QueryType is syntax-highlighted and IntelliSense provides the options list when I type it.
I'm assuming this is just a case of VS/IntelliSense being just a little bit too smart and knowing things that the actual page parse/render engine can't? Casting the enum to its string or int value doesn't help, so I'm guessing this is to do with the order in which things are executed; more specifically, the enum is out of scope by the time Razor gets to see the page. Is there a way to use an enum in URL helpers like this, especially one that doesn't require the enum to be defined as a member of the view model? I dislike using magic strings all over the place; they're too vulnerable to typos and tomfoolery.
Make sure you fully qualify the namespace where this enum is defined:
#Url.Action("QueryStepTwo", new { type = SomeNamespace.QueryType.UserRecords })
or if you don't want to do that you could also add an #using directive to the top of your Razor view:
#using SomeNamespace
And if you want to do this globally for all Razor views you could add this namespace to the <namespaces> node in ~/Views/web.config (not to be confused with ~/web.config):
<system.web.webPages.razor>
<host factoryType="System.Web.Mvc.MvcWebRazorHostFactory, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<pages pageBaseType="System.Web.Mvc.WebViewPage">
<namespaces>
<add namespace="System.Web.Mvc" />
<add namespace="System.Web.Mvc.Ajax" />
<add namespace="System.Web.Mvc.Html" />
<add namespace="System.Web.Routing" />
<add namespace="SomeNamespace" />
</namespaces>
</pages>
</system.web.webPages.razor>
As far as the Intellisense in Razor views is concerned, this is not something that could be trusted. Hopefully Microsoft will improve it in future versions.
I have an application that has to deal with getting "special" characters in its URL (like &, +, %, etc). When I'm sending a request to the application using these characters (of course I'm sending them escaped) I'm getting "Bad Request" response code with the message "ASP.NET detected invalid characters in the URL". Tracing the request shown me that the error was thrown from the "Authentication Module".
I've searched a bit and found that every page has a ValidateRequest and changing its value to false solves the problem. Unfortunately I'm using Httphandler. Does anyone know how to stop the request validation using http handler?
I ran into the same problem (creating an IHttpHandler that needed to receive requests with special characters in the URL). I had to do two things to fix it:
Create the following DWORD registration entry with a value of 1: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ASP.NET\VerificationCompatibility
In the web.config, set the allowDoubleEscaping attribute of the requestFiltering element to true.
I had the same problem and got it working by setting validateRequest="false" as well as requestValidationMode="2.0", like below. No registry edits.
<system.web>
<httpRuntime requestValidationMode="2.0" />
...
<pages ... validateRequest="false" />
</system.web>
Wholesale changes at the application or machine level were not acceptable to me. I only had one parameter that a client was sending incorrectly that I needed to scrub.
I found that when a request is made with html or other potentially dangerous items in the query string, you can scrub the string by using the context.Request.RawUrl and, once the query string is scrubbed, use context.RewritePath(scrubbedUrl).
First thing in the handler, get the context.Request.RawUrl
Scrub the bad request RawUrl for bad input
context.RewritePath(srubbedUrl)
Profit
It seems like request validation only cares about accessing context.Request.Params[], so if you scrub and rewrite path (to the same path) before the Params collection is accessed, you're golden.
Below solution worked for me-
Create the following DWORD registration entry with a value of 1: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ASP.NET\VerificationCompatibility
In the web.config, set the allowDoubleEscaping attribute of the requestFiltering element to true.
You can remove all the modules with
<httpModules>
<clear />
</httpModule>
to make the request get to your handler. Or maybe you can remove the specific modules that are stopping your request.
This is the list of modules loaded by default in ASP.NET 2.0 from here
<httpModules>
<add name="OutputCache" type="System.Web.Caching.OutputCacheModule" />
<add name="Session" type="System.Web.SessionState.SessionStateModule" />
<add name="WindowsAuthentication" type="System.Web.Security.WindowsAuthenticationModule" />
<add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" />
<add name="PassportAuthentication" type="System.Web.Security.PassportAuthenticationModule" />
<add name="RoleManager" type="System.Web.Security.RoleManagerModule" />
<add name="UrlAuthorization" type="System.Web.Security.UrlAuthorizationModule" />
<add name="FileAuthorization" type="System.Web.Security.FileAuthorizationModule" />
<add name="AnonymousIdentification" type="System.Web.Security.AnonymousIdentificationModule" />
<add name="Profile" type="System.Web.Profile.ProfileModule" />
</httpModules>
How about this?
<system.web>
<pages validateRequest="false">
</pages>
</system.web>
Since .NET Framework 4.5, you can use the Unvalidated property on HttpRequest or HttpRequestBase to access form, query string and URL data in a way that will not trigger request validation. If you avoid accessing these values in any other way (including in helper methods or other HTTP modules running in the same request), you will not require anything else to avoid request validation.
You can set validateRequest to false in the pages section of the web.config. Maybe that works for HttpHandlers as well?