Web-application is running on my local PC (which is not in any domain) under IIS, and its web.config file contains the following:
<system.web>
<identity impersonate="true" userName="DOMAIN01\user01" password="password" />
...
</system.web>
DOMAIN01\user01 is my account in domain DOMAIN01.
I can open shared folders on computers in the domain DOMAIN01
But when I'm running the application I get this error:
Server Error in '/app' Application.
Description: An error occurred
during the processing of a configuration file required to service this
request. Please review the specific error details below and modify
your configuration file appropriately.
Parser Error Message: Could not
create Windows user token from the credentials specified in the config
file. Error from the operating system 'The user name or password is
incorrect.'
If I change userName and password in web.config to the local user there is no error. So application can't login as DOMAIN01\user01
Does anyone know how to fix this problem?
Related
Not sure if this is the right place to ask but... We have an older application that is set up to use SSO, currently Azure ADFS. I want to use login.microsoft.com url instead of our organizational url that has been used in the past.
I replaced the currently working links in web.config with the endpoints from Azure
<appSettings>
<add key="FederationMetadataLocation" value="https://login.microsoftonline.com/dfmi.onmicrosoft.com/FederationMetadata/2007-06/FederationMetadata.xml" />
</appSettings>
and
<federatedAuthentication>
<wsFederation passiveRedirectEnabled="true" issuer="https://login.microsoftonline.com/0845a734g7-6d23-7c96-9f4x-3427v39n4sd5/wsfed/" realm="https://customdfmi.dfmi.net/" requireHttps="true" />
<cookieHandler requireSsl="false" />
</federatedAuthentication>
I get to the sign-in page. When I put in the credentials it shows "AADSTS700016: Application with identifier 'https://customdfmi.dfmi.net/' was not found in the directory".
It is set up in Azure. Redirect URI is the exact copy of what's in web.config. What am I putting wrong in web.config? Do I need to put the Application ID somewhere in it? Any pointers would be great. Thanks!
Did you received this message?
AADSTS700016
UnauthorizedClient_DoesNotMatchRequest - The application wasn't found in the directory/tenant.
This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You might have misconfigured the identifier value for the application or sent your authentication request to the wrong tenant.
I am working on setting up an active directory integration for one of my clients. This is an Umbraco site, and I have the membership provider set up in my web config. When I run the site locally, everything works correctly. But when I deploy to an azure web app, I get a server error that says "Access is Denied".
I've tried googling and have tried the suggested fixes, but nothing changes the error that I'm getting.
<add name="ActiveDirectory" connectionString="LDAP://xx.xx.xx.xx:389/CN=Users,DC=domain,DC=com" />
<add name="ActiveDirectoryRoleProvider" type="RB.ActiveDirectoryProviders.ActiveDirectoryRoleProvider, RB.ActiveDirectoryProviders" connectionStringName="ActiveDirectory" connectionUsername="domain\username" connectionPassword="password" groupsToUse="groups" />
In your membership provider make sure the connectionUsername includes domain\username and just not the username
I am developing a WebForms project in VS 2017 and I would like to add Forms Authentication so that anonymous users cannot access a specific page (called Resources). So far, my Login page is logging in users as it should, authenticated users have access to Resources, and all users can browse my non-protected pages.
Here's my problem: Whenever an anonymous user attempts to access Resources, a server error occurs instead of being redirected to the Login page. In IIS Express the error message is "HTTP Error 401.0 - Unauthorized. You do not have permission to view this directory or page". In Local IIS it says "Error message 401.2: Unauthorized: Logon failed due to server configuration. Verify that you have permission to view this directory or page based on the credentials you supplied and the authentication methods enabled on the Web server.
I believe the browser and server are trying to authenticate using different methods, but I can't figure out how to fix this.
In IIS manager, I've enabled both forms and anonymous authentication and disabled the other methods for my website. For anonymous auth, I've tried setting the user to IUSR as well as Application pool identity while running on DefaultAppPool with full security permissions - neither worked. And for Forms auth, the parameters match my web.config file, aka same name and login url (not sure if that matters).
Here is the authentication and authorization code in my web.config:
<authentication mode="Forms">
<forms name=".ASPXAUTH" defaultUrl="Index.aspx" loginUrl="Login.aspx" />
</authentication>
</system.web>
<location path="Resources.aspx">
<system.web>
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>
</system.web>
</location>
Am I missing something obvious? Are there other settings I should check out? Any help is immensely appreciated!
To optimize the images and automatically generate CSSprites use a microsoft package called Sprite Optimization and Image Preview 4
Error
Locally everything works perfectly, but to publish my site the following error occurs:
Access to the path 'D:\Hosting\8399780\html\dev\App_Sprites\blank.gif' is denied.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.UnauthorizedAccessException: Access to the path 'D:\Hosting\8399780\html\dev\App_Sprites\blank.gif' is denied.
ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6 and IIS 7, and the configured application pool identity on IIS 7.5) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.
To grant ASP.NET access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.
Attempt
In an attempt to resolve the problem within 'App_Sprites' folder, added the following web.config:
<?xml version="1.0"?>
<configuration>
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
<system.webServer>
<security>
<authorization>
<add accessType="Allow" users="*" />
</authorization>
</security>
</system.webServer>
</configuration>
'blank.gif' image is not used anywhere in my application!
Inside the App_Sprites folder there are a only one subfolder called hire;
I believe that this framework is trying to write a blank.gif file to that directory. You need to give the account under which the IIS app pool runs write access to that folder in windows.
I'm still new with facebook C# sdk (ASP.net) I'm using Facebook C# SDK v5 sample "CSASPNETFacebookApp" everything well when in the development machine, but when I upload it on my Godaddy Shared Hosting I got a secuirity exception:
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Configuration.ConfigurationPermission, System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' failed.
Please advise me on how I can fix this? Or its better to change a hosting server?
I had this issue and fixed it by adding a "trust level" setting of Full to the system.web section of the web.config file:
<system.web>
<trust level="Full" />
Check out this MSDN article for details and implications of setting this.
Hope this helps.
<section name="facebookSettings" type="Facebook.FacebookConfigurationSection" requirePermission="false" />