Visual studio debug access to external database - asp.net-web-api

I have a question as to how the Visual Studio 2013 debug emulator for Web API works.
I had built a Web API project in Visual Studio 2013 to access a database on an external server. The code was built using VS2013's ASP.NET Web Application project template for a Web API application. Once built, running debug opened a browser window for localhost port 56618, which allowed access from Fiddler to test Http requests.
Once I had the project finished, I published it to a website using Web Deploy to IIS. However, whilst the page would open (now at localhost:9812), an http request would throw an Internal Server Error 500.
Perusing the IIS FailedReqLogFiles, I noticed that the reason that it was failing was that the database server was refusing access to '<Domain>\<machine-name>$'.
I added '<Domain>\<machine-name>$' as a valid login (windows authentication, as the connection string included "Integrated Security=true") on the sql instance with read and write privileges, and the problem was resolved.
The question is, why didn't the Visual Studio debug emulator have the same issue?

Because the emulator was running the website under the context of your own account (e.g. <Domain>\You). Your account had access to the database, so there was no issue.
When you published it to IIS, it started running under the context of a different account (<Domain>\Machine-Name - but there are other variants depending on how IIS is configured, and the version of IIS), which didn't have access to your database.

Related

Prepare Teams App Dependencies fails behind proxy

I create a new Teams application in Visual Studio 2022 (17.4.4). When I try the "Prepare Teams App Dependencies", I get a failure from AppStudioPlugin with the message "API call to Developer Portal failed: Error, connect EACCES 52.113.194.132:443, API name: create-app, ..."
I am behind a proxy, and I see a drop in the firewall logs to 52.113.194.132:443, so it's not going to the proxy.
When I open a browser on that machine, I can go to the developer portal (https://dev.teams.microsoft.com/) without a problem, so the proxy does allow this.
When I open port 443 in the firewall, everything works.
My question is: How do I get it to work via the proxy ?
I did already try to add the proxy to the visual studio config, but also that did not make a difference.
17.4 VS Teams Toolkit uses a language server to handle data between VS and Teams Dev portal. You can try to add this language server to your proxy and test it.
Language server location: ~\appdata\local\microsoft\visualstudio\{VS_version}\extensions\Microsoft\teams toolkit\{Teams_toolkit_version}\server.exe

.NET 6 webapp returns 503 error on random intervals

I published a simple .NET 6.0 web app with user authentication on my IIS 10.0 web server hosted on Azure.
The application read and write data from a SQL Server 2017 database hosted on another machine on the same virtual network of the web server.
Everything works fine but after a while, even though nobody is using the app, it stop working and send Http Error 503 Service Unavailable and I have to restart it every time from the application pool.
I enabled tracing on the event log, but I don't receive any message explaining this.
These are the application settings:
IIS application settings
I tried to follow these advices but none of them worked:
IIS HTTP Error 503. The service is unavailable
503 “Service Unavailable” error for all apps after installing .NET Core 2.2 Runtime & Hosting Bundle for Windows
.Net core Service Unavailable after Publish to IIS
On the same web server I have other applications but this problem appears only on this one. None of the other apps is using .NET 6, most use .NET Framework 4.7/4.8 and another couple .NET Core 3.1.
I also tried to publish the application on Azure WebApp service and it has the same problem.
1. If you're deploying on IIS, we can install DebugDiag Tools and then use the DebugDiag collection to crawl the dump logs.
2. If you are using the azure app service, it is recommended to get dump in the azure portal.
My Suggestion
Enable Failed Request Tracing, and find which request will cause the Http 503.
Maybe this 503 is not a problem with the code, and it is possible to find some useful information in the log.
Check the EventViewer, try to find the useful info about the application.
Download the DebugDiag Tools, use debugdiag collection to collect the dump file when the issue occured, and use the debugdiag analysis to analyze the dump file and check the stacktrace.
My suggestion can't tell you the root cause directly, but it will help you to find it. You are also welcome to update the useful stacktrace information in the future, and there will be more people to help you.
I'm currently having the issue but using MySQL on a remote server.
Azure WebApp, Azure VM (IIS 10) and AWS EC2.
Http Error 503 Service Unavailable when the database connection timesout or fails to connect and the AppPool failed to restart.
No crashes when debugging in VS via console app.
I changed the hosting model to out-of-process and this solved the issue.
<aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="true" stdoutLogFile=".\logs\stdout" hostingModel="outofprocess">

ASP.NET web application cloud authentication sql dependency

I have created a project in visual studio using the ASP.NET web application (.NET Framwork) VB.
If i run it from within VS it asks for my MS credentials and registers the app in Azure. It then gives me the home page showing as me logged in.
I then deploy this app to IIS on a VM server in Azure. i create a self signed certifcate in IIS and create a https binding using the certificate and port
when i browse to the site it goes through all the login procedure as expected, then i get an error "A network-related or instance-specific error occurred while establishing a connection to SQL Server"
What SQL server??
if i go into connected services in VS under connected services it shows 'SQL Server dependency is detected' and i have to configure it. what is this?
Thanks
Gareth

Visual Studio 2017 Web publishing fails if user is non-admin while the same user can be used for VS2015 web publishing on the same web server

I am trying to publish a ASP.NET Core Web project to IIS (remote server) using a non-admin account using Visual Studio 2017 and I have the following error on deploy:
Starting Web deployment task from source:
manifest(D:\Projects\Own\AspNetCore\CoreWithAngularTrial\CoreWithAngularTrialApi\obj\Debug\netcoreapp1.1\PubTmp\CoreWithAngularTrialApi.SourceManifest.xml)
to Destination: auto(). C:\Program Files (x86)\Microsoft Visual
Studio\2017\Community\MSBuild\Sdks\Microsoft.NET.Sdk.Publish\build\netstandard1.0\PublishTargets\Microsoft.NET.Sdk.Publish.MSDeploy.targets(134,5):
Error : Web deployment task failed. (Connected to the remote computer
("...") using the Web Management Service, but could
not authorize. Make sure that you are using the correct user name and
password, that the site you are connecting to exists, and that the
credentials represent a user who has permissions to access the site.
Learn more at:
http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_USER_UNAUTHORIZED.)
Make sure the site name, user name, and password are correct. If the
issue is not resolved, please contact your local or server
administrator. Error details: Connected to the remote computer
("...") using the Web Management Service, but could
not authorize. Make sure that you are using the correct user name and
password, that the site you are connecting to exists, and that the
credentials represent a user who has permissions to access the site.
Learn more at:
http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_USER_UNAUTHORIZED.
The remote server returned an error: (401) Unauthorized. Publish
failed to deploy.
I have the following configuration for deployment:
Publish method = Web deploy
Server = servername:8172/msdeploy.axd
Site name = Default Web Site/CoreWithAngularTestApi
User name = username
Password = ******
The exact same configuration works when publishing a different application (ASP.NET MVC 5) under the same Web site (Default Web Site), so publishing configuration appears to be correct on the remote server.
Making username a local administrator unblocks the publishing process in Visual Studio 2017.
Also, publishing configuration files (*.pubxml) are virtually identical.
Event viewer on remote server catches the following error:
IISWMSVC_AUTHORIZATION_SERVER_NOT_ALLOWED
Only Windows Administrators are allowed to connect using a server
connection. Other users should use the 'Connect To Site or
Application' task to be able to connect.
Process:WMSvc User=username
Question: How can I enabled non-administration web publishing from Visual Studio 2017?
This issue has been fixed: https://github.com/aspnet/websdk/issues/146.
ASP.NET core project uses a different set of Publish targets (hence the change in behavior from MVC5). This project is available on GitHub - https://github.com/aspnet/websdk.
I managed to figure out why the publish fails with non-admin user. Server setup is correct, but Visual Studio publishing seems to treat ASP.NET Core Web app deployment differently from ASP.NET MVC 5 one.
I had to explicitly specify web site name within the publishing profile xml file. So, instead of:
<MSDeployServiceURL>servername:8172/msdeploy.axd</MSDeployServiceURL>
I put
<MSDeployServiceURL>servername:8172/msdeploy.axd?Site=Default Web Site</MSDeployServiceURL>
NOTE: This problem does not occur when publishing an MVC 5 project within VS2017.

WebApi Deployed to Azure - Controllers Don't Work (500 Error)

I have a WebApi project that wraps the Dynamics CRM Online web service and provides a REST api. I have a simple controller that gets some contacts from CRM and returns them to the caller.
Everything works fine when I run it in the local emulator. However, when I deploy the project to Azure, I can reach the home page, but the controllers all return http 500 errors. Why would this happen? And how can I troubleshoot to get more details?
UPDATE
The issue is with the absence of Microsoft.IdentityModel.dll on the Server 2012 instance running the web role in Azure. I found this by opening web role instance in RDP, installing Fiddler, and making the request from Fiddler to the local IIS server. It responded with the detailed error.
Now my issue is figuring out how to enable IdentityModel on a Windows Azure Web Role. You're supposed to be able to add it via the Server 2012 Add Roles and Features wizard, but it's totally locked down on the Web Role. You can't check any boxes that aren't already checked. Is this even possible?
The issue is giving the Web Role access to Windows Identity Foundation when it's inherently not there. Marc Schweigert provides clear steps to do this here:
http://blogs.msdn.com/b/devkeydet/archive/2013/01/27/crm-online-amp-windows-azure-configuring-single-sign-on-sso.aspx
Go to the 23:00 mark of the video and you'll see the 4 necessary steps:
Reference Microsoft.IdentityModel.dll (need WIF SDK installed)
a. Set copy local = true
Create RegisterWIFGAC.cmd in your web role project
Create Startup Task in ServiceDefinition.csdef that invokes RegisterWIFGAC.cmd
Add GacUtil to the project (used in the startup task) to put Microsoft.IdentityModel.dll in the GAC every time the web role starts).

Resources