I'm using SignalR v2.0 on Windows Server 2012 with IIS8,
I enabled WebSockets on the server by the following article,
http://www.iis.net/learn/get-started/whats-new-in-iis-8/iis-80-websocket-protocol-support
But signalR first tries to work with websockets, and right after that change the transport to serverSentEvents
The negotiation response is TryWebSockets=True
The response header of connecting with websockets is
Upgrade: Websocket
X-Content-Type-Options: nosniff
Connection: Upgrade
with status code 101 (Switching Protocols)
All my solution's projects are using .NET4.5
I also saw the following message in the Event Viewer (not sure if it is relevant)
Exception information:
Exception type: InvalidOperationException
Exception message: Unrecognized user identity. The user identity cannot change during an active SignalR connection. at
Microsoft.AspNet.SignalR.PersistentConnection.GetConnectionId(HostContext
context, String connectionToken) at
Microsoft.AspNet.SignalR.PersistentConnection.ProcessRequest(HostContext
context) at
Microsoft.AspNet.SignalR.Hubs.HubDispatcher.ProcessRequest(HostContext
context) at
Microsoft.AspNet.SignalR.PersistentConnection.ProcessRequest(IDictionary`2
environment) at
Microsoft.AspNet.SignalR.Owin.Middleware.HubDispatcherMiddleware.Invoke(IOwinContext
context) at
Microsoft.Owin.Mapping.MapMiddleware.d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown --- at
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.StageAsyncResult.End(IAsyncResult
ar) at
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.IntegratedPipelineContext.EndFinalWork(IAsyncResult
ar) at
System.Web.HttpApplication.AsyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step,
Boolean& completedSynchronously)
what is wrong ?
You can't change the user's identity during an active connection. It means you're probably doing something like logging in a user without stopping the connection first.
Related
(FYI, this is my first Microsoft project of any type and I am not familiar with technologies like proxy servers, etc so my description of the issues may not be the greatest).
I have been working on an ASP.NET Core 3.0 (preview) React app for the past month or so without any issues. Last Friday I started updating the web api to pull data from the database for charting in the UI. This week I picked up where I left off but my project now errors on start up.
Events that occurred since it was last working... I installed and used Fiddler briefly on Friday to run some api calls but then switched over to Postman. Everything was fine and I left everything running (may have closed Fiddler, don't recall). This week I made some database changes (set a multi-column index via the Fluent API) and added more data to the database (SQL Server). I then proceeded to continue working on the web api starting with a request in Postman but it errored. I went to view the app UI but that errored as well.
After two days of googling/troubleshooting I think the most useful error given is the one below. From the error messages, I do not know where port 50158 is coming from. The app loads at https://localhost:44398/. I performed a search for "50158" on my whole computer and only found it in IIS log files. Here are the first 4 lines in each log file. The rest of each file mentions only '44398'.
Successfully registered URL "https://localhost:44398/" for site "MyAwesomeApplication" application "/"
Successfully registered URL "http://localhost:50158/" for site "MyAwesomeApplication" application "/"
Registration completed for site "MyAwesomeApplication"
Request started: "GET" https://localhost:44398/
I found some posts on SO that mention Fiddler causing similar issues to this error, however, they have not helped me resolve the problem.
Some posts on SO mention unchecking "Automatically detect settings" on the Internet Properties > Connections > LAN settings. It is indeed unchecked on my computer.
Some things I have tried:
I created a new project using all the same specifications but get the same errors.
I completely removed Fiddler.
I reverted the latest database changes.
Where is this problem coming from and what do I need to do to fix it?
Please let me know if more (and what) info would be useful. This issue is out of my current knowledgebase.
#
Error message (sorry, not sure how to format it nicely)
An unhandled exception occurred while processing the request.
SocketException: No connection could be made because the target machine actively refused it.
System.Net.Http.ConnectHelper.ConnectAsync(string host, int port, CancellationToken cancellationToken)
HttpRequestException: No connection could be made because the target machine actively refused it.
System.Net.Http.ConnectHelper.ConnectAsync(string host, int port, CancellationToken cancellationToken)
HttpRequestException: Failed to proxy the request to http://localhost:50158/, because the request to the proxy target failed. Check that the proxy target server is running and accepting requests to http://localhost:50158/.
The underlying exception message was 'No connection could be made because the target machine actively refused it.'.Check the InnerException for more details.
Microsoft.AspNetCore.SpaServices.Extensions.Proxy.SpaProxy.PerformProxyRequest(HttpContext context, HttpClient httpClient, Task baseUriTask, CancellationToken applicationStoppingToken, bool proxy404s)
Stack Query Cookies Headers Routing
SocketException: No connection could be made because the target machine actively refused it.
System.Net.Http.ConnectHelper.ConnectAsync(string host, int port, CancellationToken cancellationToken)
Show raw exception details
HttpRequestException: No connection could be made because the target machine actively refused it.
System.Net.Http.ConnectHelper.ConnectAsync(string host, int port, CancellationToken cancellationToken)
System.Threading.Tasks.ValueTask.get_Result()
System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, bool allowHttp2, CancellationToken cancellationToken)
System.Threading.Tasks.ValueTask.get_Result()
System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
System.Threading.Tasks.ValueTask.get_Result()
System.Net.Http.HttpConnectionPool.GetHttpConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
System.Threading.Tasks.ValueTask.get_Result()
System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, bool doRequestAuth, CancellationToken cancellationToken)
System.Net.Http.HttpClient.FinishSendAsyncUnbuffered(Task sendTask, HttpRequestMessage request, CancellationTokenSource cts, bool disposeCts)
Microsoft.AspNetCore.SpaServices.Extensions.Proxy.SpaProxy.PerformProxyRequest(HttpContext context, HttpClient httpClient, Task baseUriTask, CancellationToken applicationStoppingToken, bool proxy404s)
Show raw exception details
HttpRequestException: Failed to proxy the request to http://localhost:50158/, because the request to the proxy target failed. Check that the proxy target server is running and accepting requests to http://localhost:50158/. The underlying exception message was 'No connection could be made because the target machine actively refused it.'.Check the InnerException for more details.
Microsoft.AspNetCore.SpaServices.Extensions.Proxy.SpaProxy.PerformProxyRequest(HttpContext context, HttpClient httpClient, Task baseUriTask, CancellationToken applicationStoppingToken, bool proxy404s)
Microsoft.AspNetCore.Builder.SpaProxyingExtensions+<>c__DisplayClass2_0+<b__0>d.MoveNext()
Microsoft.AspNetCore.Builder.RouterMiddleware.Invoke(HttpContext httpContext)
IdentityServer4.Hosting.IdentityServerMiddleware.Invoke(HttpContext context, IEndpointRouter router, IUserSession session, IEventService events)
IdentityServer4.Hosting.MutualTlsTokenEndpointMiddleware.Invoke(HttpContext context, IAuthenticationSchemeProvider schemes)
Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
IdentityServer4.Hosting.BaseUrlMiddleware.Invoke(HttpContext context)
Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore.MigrationsEndPointMiddleware.Invoke(HttpContext context)
Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore.DatabaseErrorPageMiddleware.Invoke(HttpContext httpContext)
Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore.DatabaseErrorPageMiddleware.Invoke(HttpContext httpContext)
Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
Show raw exception details
For me it had to do with cookie size being too large for development server.
I was working on a React client app served by ASP.NET Core 3.1 with Keycloak as an OP.
Fresh React templates did also suddenly not start anymore.
Clearing cookies made my projects start again.
ref:
https://techcommunity.microsoft.com/t5/iis-support-blog/400-error-in-asp-net-core-project-because-of-8-kb-cookie-limit/bc-p/1308877#M431
I decided to try and roll all the NuGet packages to a previous version (v3.0.0-preview5-19227). My app now functions as expected. Looking at the download page for dotnet-core, it looks like v3.0.0-preview6 was released on 06/12. I started my project way before that so maybe I updated the packages and just don't recall??? Either way, time to make up for 2 days lost.
I have a spring-boot websocket connection which sits behind spring-security-kerberos to achieve SSO. This works as expected but if I restart the server I see clients fail to re-connect with the error Error during WebSocket handshake: Incorrect 'Sec-WebSocket-Accept' header value.
I am using #stomp/stompjs 4.0.8 and setting stompClient.reconnect_delay = 5000
Is there any way to solve this? I am concerned that running this behind a load balancer would cause this error to occur all the time.
This is based on the messaging-stomp-websocket example + spring-security websocket-authentication
It appears that spring-security-web RequestCacheAwareFilter extracts a cached request which results in the actual Sec-WebSocket-Key header value being replaced with an invalid one.
The sequence of events is that each time the client attempts a re-connect the client makes two websocket requests, the first is rejected with a WWW-Authenticate: Negotiate header and the second which contains a Authorization header has a different Sec-WebSocket-Key value.
I was able to resolve this by disabling caching completely, e.g. within a WebSecurityConfigurerAdapter
#Override
protected void configure(final HttpSecurity http) throws Exception {
http.requestCache().requestCache(new NullRequestCache())
}
I really like Firefox Developer Edition but in the past I have found multiple issues when just trying to get it going which have often required administrator intervention at other places I've worked. The latest issue I'm running into is that when trying to log into some web application I'm debugging (named XXX.YYY) at a new client site, I get the following server error. I don't get this when I use Internet Explorer as my browser. What can I do to correct it?
Server Error in '/XXX.YYY' Application. ID3204:
WS-Federation SignIn request must specify a 'wtrealm' or 'wreply'
parameter. Description: An unhandled exception occurred during the
execution of the current web request. Please review the stack trace
for more information about the error and where it originated in the
code.
Exception Details:
Microsoft.IdentityModel.Protocols.WSFederation.WSFederationMessageException:
ID3204: WS-Federation SignIn request must specify a 'wtrealm' or
'wreply' parameter.
Source Error:
An unhandled exception was generated during the execution of the
current web request. Information regarding the origin and location of
the exception can be identified using the exception stack trace below.
Stack Trace:
[WSFederationMessageException: ID3204: WS-Federation SignIn request
must specify a 'wtrealm' or 'wreply' parameter.]
Microsoft.IdentityModel.Protocols.WSFederation.SignInRequestMessage..ctor(Uri
baseUrl, String realm, String reply) +271
Microsoft.IdentityModel.Protocols.WSFederation.WSFederationMessage.CreateFromNameValueCollection(Uri
baseUrl, NameValueCollection collection) +753
Microsoft.IdentityModel.Protocols.WSFederation.WSFederationMessage.TryCreateFromUri(Uri
requestUri, WSFederationMessage& fedMsg) +57
Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.GetSignOutCleanupMessage(HttpRequest
request) +34
Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.CanReadSignInResponse(HttpRequest
request, Boolean onPage) +188
Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.OnAuthenticateRequest(Object
sender, EventArgs args) +85
System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
+142 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +92
Version Information: Microsoft .NET Framework Version:4.0.30319;
ASP.NET Version:4.6.1590.0
I found a solution! It turns out the issue was that Firefox Developer Edition by default will not authenticate with the Windows NT LAN Manager (NTLM) protocol the way IE does out of the box. So, you have to configure it to do so:
Open Firefox Developer Edition and type in about:config in the address bar. You will be
prompted with a warning. Click the "I accept the risk!" button.
Use the ‘Search’ field at the top of the browser just below the address bar to find the network.automatic-ntlm-auth.trusted-uris configuration parameter.
Double-click the name of the configuration parameter, or right-click it and select Modify.
Enter the URLs of the sites you're having trouble authenticating to. Use the format:
https://localhost
There is no need to specify a port number nor a path to any particular page because authentication works on a site by site basis. You can list more than one site by comma-delimiting them. Now, my XXX.YYY web app which I was trying to debug locally runs and authenticates just fine!
I have an ASMX service hosted in IIS 7.5. When it is called with a bad http request (having an empty string value for "host" in the http header), the service returns a http-500 (internal server error). To satisfy company security requirements, it should return a http-400 (bad request) under this situation.
I have verified that the error occurs at the service infrastructure level, and the exception is not thrown from my code. I put try/catch block around the web method but nothing is caught, and the application log has nothing. So the error occurs before my code is executed.
I know WCF can handle the problem gracefully with IErrorHandler; but that's not an option for me at the moment.
Another interesting fact is that when testing inside Visual Studio, the same request causes a 400-error, my desired result.
So my question is: what can I do to make the service hosted under IIS also return a 400 error to a bad request?
EDIT: I mis-diagnosed the exception. It was from a WCF client call in my Web API controller, not from the Web API client. Easy to fix by setting the maxReceivedMessageSize in my WCF client binding config.
I am exceeding the maximum message size in Web API. I can find how to configure it in WCF and in self-hosted Web API, but I can't find where to configure it in IIS hosted Web API.
Here is the exception:
CommunicationException The maximum message size quota for incoming messages (65536) has been exceeded. To increase the quota, use the MaxReceivedMessageSize prop
erty on the appropriate binding element. Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
Server stack trace:
at System.ServiceModel.Channels.HttpInput.ThrowMaxReceivedMessageSizeExceeded()
at System.ServiceModel.Channels.HttpInput.ReadBufferedMessage(Stream inputStream)
at System.ServiceModel.Channels.HttpInput.ParseIncomingMessage(HttpRequestMessage httpRequestMessage, Exception& requestException)
at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ClientReliableChannelBinder`1.RequestClientReliableChannelBinder`1.OnRequest(TRequestChannel channel, Message message, TimeSpan timeout, MaskingMode maskingMode)
at System.ServiceModel.Channels.ClientReliableChannelBinder`1.Request(Message message, TimeSpan timeout, MaskingMode maskingMode)
at System.ServiceModel.Security.SecuritySessionClientSettings`1.SecurityRequestSessionChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Where can I access the the Web API binding settings so I can set the MaxReceivedMessageSize?
Your post is confusing...your exception is related to WCF self host but your question is about IIS hosted application...they both are different...anyways here are the options for both hosts:
Selfhost: you can find the MaxReceivedMessageSize setting on HttpSelfhostConfiguration
Webhost: You need to make couple of settings in case of this. You can take a look at my reply here for this: https://stackoverflow.com/a/17324840/1184056