I am unable to get IIS on Windows Server 2022 to interact with Shibboleth 3 SP. I followed the Shibboleth 3 SP installation instructions and ticked the 'Configure IIS' option at the installation stage.
Checking shibd.exe passes fine as below:
PS C:\Windows\System32\inetsrv> C:/opt/shibboleth-sp/sbin/shibd.exe -check
overall configuration is loadable, check console or log for non-fatal problems
I also see that Shibboleth modules are installed in IIS:
PS C:\Windows\System32\inetsrv> ./appcmd.exe list module
MODULE "HttpLoggingModule" ( native, preCondition: )
MODULE "HttpCacheModule" ( native, preCondition: )
MODULE "DynamicCompressionModule" ( native, preCondition: )
MODULE "StaticCompressionModule" ( native, preCondition: )
MODULE "DefaultDocumentModule" ( native, preCondition: )
MODULE "DirectoryListingModule" ( native, preCondition: )
MODULE "ProtocolSupportModule" ( native, preCondition: )
MODULE "StaticFileModule" ( native, preCondition: )
MODULE "AnonymousAuthenticationModule" ( native, preCondition: )
MODULE "RequestFilteringModule" ( native, preCondition: )
MODULE "CustomErrorModule" ( native, preCondition: )
MODULE "AspNetCoreModuleV2" ( native, preCondition: )
MODULE "ShibNative32" ( native, preCondition:bitness32 )
MODULE "ShibNative" ( native, preCondition:bitness64 )
However, http://localhost/Shibboleth.sso/Session returns a 404. And the detailed error says that IIS was unable to find C:\inetpub\wwwroot\Shibboleth.sso\Session. Shibboleth therefore did not handle the request and IIS ended up searching for a static file on the file system.
Using the domain name and HTTPS also have the same issue:
Detailed Error Information:
Module IIS Web Core
Notification MapRequestHandler
Handler StaticFile
Error Code 0x80070002
Requested URL https://example.com:443/Shibboleth.sso/Session
Physical Path C:\inetpub\wwwroot\Shibboleth.sso\Session
Logon Method Anonymous
Logon User Anonymous
Shibboleth 2 had a handler registered for *.sso, but Shibboleth 3 does not have one.
I have scoured through a lot of sites, but I am unable to find any solution. Could someone help, please. Thanks in advance.
It turned out that I had two config issues:
The folder where Shibboleth is installed should have read & execute permission given to IUSR
The Site id in shibboleth2.xml needs to match with the site id in IIS.
All good now.
Related
I generated my server stub for ASP.NET Core 3.1 using the openapi generator with the following command:
npx #openapitools/openapi-generator-cli generate -i myapi.json -g aspnetcore -o C:\myapi --additional-properties aspnetCoreVersion=3.1
After opening that project in Visual Studio 2019 and running it I get the swagger page where I can try out the different endpoints. So far OK.
However: after publishing this on our IIS Server and visiting the proper URL that swagger page is loading with the error:
Not found: /swagger/1.0.0/openapi.json
Swagger error on IIS
The endpoint itself (GET request) can be reached.
The Swagger Endpoint code in startup.cs is the default code as it was generated by open-api generator:
app.UseSwagger(c =>
{
c.RouteTemplate = "swagger/{documentName}/openapi.json";
})
.UseSwaggerUI(c =>
{
//TODO: Either use the SwaggerGen generated Swagger contract (generated from C# classes)
c.SwaggerEndpoint("/swagger/1.0.0/openapi.json", "Swagger WP RUH Delivery");
//TODO: Or alternatively use the original Swagger contract that's included in the static files
// c.SwaggerEndpoint("/openapi-original.json", "Swagger WP RUH Delivery Original");
});
Why is this Swagger page working on my machine, but on IIS things go wrong?
I found some hints on changing the c.SwaggerEndpoint in startup.cs, but nothing helped.
Try to remove /swagger/ from the URL path:
c.SwaggerEndpoint("1.0.0/openapi.json", "Swagger WP RUH Delivery")
I am using Swashbuckle 5.3 version in my .NET Web API with Basic Authentication (as per this link). Now when I am trying to update with Swashbuckle 5.6 version, it's throwing error 'Key is not found'.
The issue is at following code snippet. During route mapping, it's not able to find 'swagger_ui' from route collections. I tried with other different route values ( like 'swagger' , '/swagger','swagger/docs' ) but none of them is working
var route = config.Routes["swagger_ui"];
config.Routes.Remove("swagger_ui");
config.Routes.MapHttpRoute("swagger_ui", route.RouteTemplate, route.Defaults, route.Constraints, new AuthMessageHandler(route.Handler));
I replaced 'swagger_ui' with 'swagger_ui_shortcut' and it works :) I did change by referring this [link] (https://github.com/domaindrivendev/Swashbuckle/blob/master/Swashbuckle.Core/Application/HttpConfigurationExtensions.cs)
But I will investigate for proper solution
One can use
aspnet_regiis.exe
in a command line to register the version of with IIS (provided you have cd'd to the correct directory first), this works all well and good
But is there a way to find out which versions are already registered with IIS?
as in, i want to register a version, but im not sure if it already is registered or not. How would i tell?
You can run following checks to verify registered versions:
aspnet_regiis.exe -lv
Registered framework should return line with location of registered aspnet_isapi.dll
appcmd.exe list apppool /managedRuntimeVersion:v4.0
This will list all installed app pools for specified runtime version, so if it will return none - runtime is probably not registered.
appcmd.exe list config -section:system.webServer/isapiFilters
Should return list of registered isapi filters, aspnet_filter.dll being one of them, residing in framework folder, for example "c:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll"
One more possible solution would be to use .net code to scan available application pools and get their runtime versions:
using Microsoft.Web.Administration;
...
public static bool IsAspNetRegistered(string v = "v4.0")
{
using (var mgr = new ServerManager())
{
return mgr.ApplicationPools.Any(pool => pool.ManagedRuntimeVersion == v);
}
}
I'm following the vfp web service walk-trough. But when I test the result in the task pane i receive an error. It was :
Error: 1429 - OLE IDispatch exception code 0 from WSDLOperation: WSDLOperation:Instantiating the dispatch object for method xxxx failed HRESULT=0x80040154: Class not registered.
xxxx is my method.
I've registered the dll and set the authorisation in IIS.
Any suggestion?
sounds like when the VFP module was compiled, the "OlePublic" class instance never was properly put into the Windows Registry. Sometimes VFP will NOT register if you not in an administrative level to allow writing to the registry. If that is the case, make sure you start VFP as "Admin" user before compiling the app.
Also, are you building it as a single or multithreaded DLL instance. In addition, if you right-click / "Project Info" of your project, and click on the "Servers" tab, it should show all your OlePublic classes. What is the "Instancing" setting... single / multi?
Additionally, it could be a "permissions" thing. If the service you are trying to load it as (ie: ASP.NET user account or similar) and that user doesn't have permissions and/or access to the file, then it won't allow the object to be created.
To just TEST if the object is in the registry or not, you could always just start an instance of VFP, and from the command window, try to do a
objTesting = CREATEOBJECT( "YourClass.YourObject" )
if it works that way, then I would look more into the permissions avenue.
FOLLOW-UP
#wongchungyie, I'm not sure of if that was the problem or not, but more likely permissions. One time, when changing development machines, I too had a problem trying to create an instance of my OlePublic COM server class. TO ENSURE what the problem was, I started a simple program in VFP that did nothing BUT
set procedure to YourClassThatHasOlePublic
set step on
o = createObject( "YourOlePublicClass" )
Then, as the "CreateObject" is going through all the initialization, you might find some "path" is not available, or permissions, or whatever... Find and fix that element and I was able to continue work for my client.
Hope this gives you something to work with.
I have created a jar file to load a native library ( using System.loadlibrary() ) and configured this as a shared library within WebSphere ( v6.1 ). The server has to run with Java 2 enabled ( it's the law ... )
When I try to access the library I can see that the correct classes are being loaded from my jar file, but the attempt to load the native library gives me the following Security exception : -
Permission:
loadLibrary.gbif : Access denied (java.lang.RuntimePermission loadLibrary.gbif)
Code:
com.dave.nativelibrary.NativeLibraryLoader in {file:/hosting/apps/D03-dave-dev/lib/NativeLibraryLoader.jar}
Stack Trace:
java.security.AccessControlException: Access denied (java.lang.RuntimePermission loadLibrary.gbif)
at java.security.AccessController.checkPermission(AccessController.java:104)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:547)
at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189)
at java.lang.SecurityManager.checkLink(SecurityManager.java:833)
at java.lang.ClassLoader.loadLibraryWithClassLoader(ClassLoader.java:917)
at java.lang.System.loadLibrary(System.java:453)
at com.dave.nativelibrary.NativeLibraryLoader.(NativeLibraryLoader.java:21)
--- snip ---
I'm not really sure what I'm doing - so I had a couple of attempts to put the following in to my was.policy file
permission java.lang.RuntimePermission "loadLibrary.gbif";
I tried this in both the application and jars section, but it had no beneficial effect.
Can anyone shed any light on what I need to do here?
Thanks
Dave
Instead of wrapping your native libs inside of a jar lib. Have you tried defining your native code as a shared native lib inside of websphere?