I am using Visual Studio 2012 to build an MVC web application, and IIS Express to host it on my local machine. In order to access specific domain resources (SQL Integrated authentication, file systems, etc.) I have the need to configure the identity that the application pool runs as.
If I instead host it using IIS, it works as intended.
In my applicationhost.config file:
<system.applicationHost>
<applicationPools>
<add name="MyPool" managedRuntimeVersion="v4.0" managedPiplelineMode="Integrated" CLRConfigFile="%IIS_USER_HOME%\config\aspnet.config" autoStart="true">
<processModel indentityType="SpecificUser" userName="Domain\UserName" password="Password" />
</add>
</applicationPools>
<sites>
<site name="MySite" id="1">
<application path="/" applicationPool="MyPool">
....
</application>
<site>
<sites>
</system.applicationHost>
If I set default to run as the specified pool, it works correctly, but I can't get a specific site to run under the different app pool.
<applicationDefaults applicationPool="MyPool" />
I've seen numerous posts around the interwebs saying that the configuration I have should work, but it doesn't, so what am I missing?
Related
Windows Server 2016 IIS 10
I have this in web.config
<security>
<ipSecurity allowUnlisted="true">
<clear />
<add ipAddress="xx.xx.x.x" />
</ipSecurity>
</security>
I have also set in ApplicationHost.config
section name="ipSecurity" overrideModeDefault="Allow"
I have also installed the IP and Domain Restrictions Role for IIS
However, it STILL does not work.
Is there something I'm missing?
Once denied IP addresses have been added, click Edit Feature Settings... and select Allow for Access for unspecified clients. Click OK.
I have an ASP .Net Core 1.1 Web API and Web App running on my localhost from Visual Studio 2017 on Windows 10.
When I run the projects, the API runs on http://localhost:50082/api/ and the web app on http://localhost:60856/
However, if others on the LAN try to access it (using my computer's IP address - http://192.168.1.101:60856/ they get a
Bad Request - Invalid Hostname
Error. In fact,. I get this error too of I use my IP address. I've tried about a dozen variations in my C:\Users\Documents\IISExpress\config\applicationhost.config file, such as:
<bindings>
<binding protocol="http" bindingInformation="*:60856:localhost" />
</bindings>
and
<bindings>
<binding protocol="http" bindingInformation="*:60856:" />
</bindings>
restarting the projects (and therefore IIS Express) every time, but nothing seems to work. Any ideas?
IIS Express does not allow remote connections by default. This post explains how to activate it.
In my opinion, you would be better off if you setup local IIS and publish the app to the configured IIS folder.
I already tried HTTP.SYS configurations for other situations, and sometimes the configs are lost whether on restarts or windows updates... But this may not happen to you...
If you are using asp core, another solution is to simply change your profile from 'IIS' to 'Standalone' (which is named as your project) from Visual Studio toolbar:
By this change, IIS will not run anymore and the embedded asp web server 'kestrel'
will face the requests directly.
If it's still give you host invalid error adjust your hostname settings by adding this line to your config file:
"AllowedHosts": "*",
More info:
https://learn.microsoft.com/en-us/aspnet/core/host-and-deploy/?view=aspnetcore-5.0#set-up-a-reverse-proxy
https://weblog.west-wind.com/posts/2019/Mar/16/ASPNET-Core-Hosting-on-IIS-with-ASPNET-Core-22
https://learn.microsoft.com/en-us/aspnet/core/fundamentals/servers/kestrel/host-filtering?view=aspnetcore-5.0
I had this same issue trying to get ngrok to point to a local ASP.NET Core website.
This guy's answer worked for me: https://kodlogs.com/blog/532/iis-express-http-error-400-the-request-hostname-is-invalid
Basically, in the [solution dir]\.vs\[asp.net core web app dir]\config\applicationhost.config file, change the line from:
<binding protocol="https" bindingInformation="*:[your port]:localhost" />
to:
<binding protocol="https" bindingInformation="*:[your port]:*" />
I am trying to install Master Data Service MSD on my local machine. Theorically there are 3 steps :
pre-installation tasks
Installation tasks
post-Installation tasks
During the pre-installation tasks we verify the installation requirements.
The Master Data Services web application needs some Windows Web Server roles and role services. Among these services we have the "Windows Authentication" (under Security).
The problem is that I did not find under security node Windows Authentication. Instead I find Basic Authentication.
My OS is Windows 10.
To install (add) the the desired roles I follow the theoritical instructions:
Control panel| Programs and features| turn Windows Featues on or off. I then expand Security under World Wide Web Services but there is no Windows authentication among the check boxes, there is only basic authentication.
Also when I open IIS and double click Authentication pane there are 4 Authentication (basic, anonymous,ASP.net impersonation and formular), so again, I don't find windows Authentication.
I read some suggestions on the internet telling that we can edit the applicationHost.config file. I find 2 file on different paths.
The location of the first one is: C:\Program Files (x86)\IIS Express\AppServer
and the second location is: C:\Windows\System32\inetsrv\config
In those files I replace <windowsAuthentication /> under
<security><authentication> node by :
<windowsAuthentication enabled="true">
<providers>
<add value="Negotiate" />
<add value="NTLM" />
</providers>
</windowsAuthentication>
and I also add <add name="WindowsAuthenticationModule" lockItem="true" /> under <system.webServer><modules>
I did this on the 2 files because I was not sure whether it should be done only on the latter one or not (iis and not iisexpess). But even with those changes it does not work and what surprise me is that when I open iis after editing file, I also don't find windows aythentication among the authentication list in Authentication pane. So I conclude that editing did not serve at all and make no change to IIS.
Of course because I failed to enable Windows Authentication when I open MDS (to do the installation step), I get a warning error telling that IIS is not configured correctly because windows authentication is not installed on this server.
You'll find here how to add it and after that you'll be able to use it:
https://weblogs.asp.net/zroiy/missing-windows-authentication-provider-for-iis-7-on-windows-server-2008
Using Visual Studio 2010 and IIS Express. The web site site I'm debugging will only accept logins from my domain account. If I connect to the site from a different system logged in as someone else, I'm given a 401 error after the credentials are rejected several times. I don't think this is a firewall issue, as I've disabled all of those I can find. Once IIS Express is running, I can see the ports its bound to are accepting requests:
TCP 0.0.0.0:64611 0.0.0.0:0 LISTENING
TCP [::]:64611 [::]:0 LISTENING
From IISExpress/Config/ApplicationHost.config:
<location path="CAF">
<system.webServer>
<security>
<authentication>
<windowsAuthentication enabled="true" />
<anonymousAuthentication enabled="false" />
</authentication>
</security>
</system.webServer>
</location>
The application's web.config (relevant section):
<system.web>
<compilation debug="true" targetFramework="4.0"/>
<authentication mode="Windows"/>
</system.web>
And in Visual Studio, the project shows "Anonymous Authentication = Disabled" and "Windows Authentication = Enabled".
I start Visual Studio as "Administrator" (shift, click, "Run as Administrator") otherwise the error "Unable to connect to the configured development web server, Failed to register URL http://*:64611/ for site CAF application /. Error description: Access is denied (0x800700005)" occurs. Starting VS as Admin fixes that problem, and the site works normally except it ONLY authenticates me.
I'm kind of stumped here, and I can't really test out some multi-user features unless I can connect as a couple of different users.
What I am doing
I am building an MVC2 website with Windows Authentication using Visual Studio 2010. I want to debug the website using IIS7 and access it from a browser in a virtual machine (in order to sign in using different users with different privileges).
Problem
When I try to access my website from my virtual machine, I get the following error:
403 - Forbidden: Access is denied.
You do not have permission to view this directory or page using the credentials that you supplied.
Environment
I have visual Studio 2010 set to debug using IIS and to "Don't open a page. Wait for a request from an external application." I have created www.myWebsite.com in IIS7 on my host machine and have only Windows Authentication enabled.
I have made appropriate entries in the hosts file on both the virtual machine and my host machine so that when I type www.mywebsite.com into the browser on my virtual machine, it targets my website I set up on IIS7.
I tested my IIS7 setup process by using the same settings to set up an html website (with the same web.config security settings) and I could access that from my virtual machine. For this reason I think the problem has something to do with my application. IIS7 is set up to use .net 4.0 and Integrated Pipeline Mode.
Code
Here is my web.config file:
connectionString="metadata=res:///Models.ReportDB.csdl|res:///Models.ReportDB.ssdl|
res://*/Models.ReportDB.msl;provider=System.Data.SqlClient;provider connection string="Data Source=JDOE-
PC;Initial Catalog=ADVENTUREWORKSDB;Integrated Security=True;MultipleActiveResultSets=True""
providerName="System.Data.EntityClient" />
res:///Models.WDB.ssdl|res:///Models.WDB.msl;provider=System.Data.SqlClient;provider connection
string="Data Source=JDOE-PC;Initial Catalog=WarehouseDB;Integrated
Security=True;MultipleActiveResultSets=True"" providerName="System.Data.EntityClient" />
PublicKeyToken=31BF3856AD364E35" />
PublicKeyToken=31BF3856AD364E35" />
PublicKeyToken=31BF3856AD364E35" />
PublicKeyToken=b77a5c561934e089" />
type="System.Web.Security.WindowsTokenRoleProvider"/>
type="System.Web.Security.WindowsTokenRoleProvider"/>
type="System.Web.Security.WindowsTokenRoleProvider" />
I started over and everything has been working fine. I'm curious what the problem is, but with all the settings I was messing with (was doing a lot of experimenting as this was my first MVC project) I probably hosed something.
I don't think I have enough information to really solve the problem, so I will close this question.