I have installed Shibboleth on Windows 2016 with IIS 10.0 and am working through configuring it as a Service Provider. I am trying to view this URL on my local server:
https://localhost/Shibboleth.sso/Status
...but I just get an HTTP Error 404.0 - Not Found. There is nothing in the Shibboleth Event Viewer for this error.
I do not see anything in ISAPI Filters or Handler Mappings related to Shibboleth, which is what I would assume the server needs in order to properly handle a file with extension SSO. Should there be something there? Nothing was added there as part of the installation process, nor did I see any documentation stating that I was supposed to.
Or is the problem somewhere else?
Related
After attempting to configure IIS as a replacement for IIS Express, both stopped working and delivered the above error on deploying the .NET Core project in VS2019. According to IIS anonymous authentication is enabled, I also entered explicit user name and password as well as giving my user all rights to work with the project's directory. I restarted the IIS several times and re-created the pools and Pages, as well as repairing VS2019 in hope to get the IIS Express running again at least.
I have no idea what else I could do.
EDIT: I am using IIS10
Module
IIS Web Core
Notification
AuthenticateRequest
Handler
aspNetCore
Error Code
0x80070005
Requested URL
http://localhost:12345/
Physical Path
C:\inetpub\...
Logon Method
Noch unbestimmt
Logon User
Noch unbestimmt
You can try the following steps to solve your problem:
Right click on the project, go to properties.
Select the web, and then you will find a service setting
Change the project URL for other port, like http://localhost:44338/.
I was able to figure it out myself by now:
For some reason during setting up the IIS and IIS profile (accidentally or by some quirk of VS), the anynomous authentification setting was set to false. Which also affected the IIS Express to not work properly anymore. Simply enabled anonymous authentication resolved the issue for both.
Project Properties -> Debug -> IIS profile -> anonymous authentification: ✓
I've got 6 identical machines running IIS and Apache. Today one of them decided to just stop serving requests. I can access all of the webapps when I try from localhost/resource but when I try from url/resource I get a 404. I did a Get request against the machine that isn't working and I get this back:
Server: Microsoft-HTTPAPI/2.0
Connection: close
Compared to a working server:
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: text/html
Tried searching for this problem but came up with nothing, anyone got any idea's?
Windows has an HTTP service that manages calls to IIS and other HTTP enabled services on a windows machine. Either you need to configure it to handle your calls, or, in the case of WAMP or similar non-IIS-web-server-on-windows scenarios you may just need to turn it off.
When you see "Microsoft-HttpApi/2.0" returning error, such as 400 "bad URL" or "bad header", etc. the problem is most likely because the HTTP.sys service is intercepting your http request and terminating it because it does not meet with the minimum validation rules that are configured.
This configuration is found in the registry at HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters. In my case, it was choking because I had a RESTful call that had a 400 character segment in the url which was 160 characters more than the default value of 260, so I
added the registry parameter UrlSegmentMaxLength with a DWORD value of 512,
stopped the service using net stop http
started the service using net start http
I've run into these issues before and it is easy to troubleshoot but there is very little on the web that addresses it.
Try these links
"the underlying problem is that the client has sent a request to IIS that breaks one or more rules that HTTP.sys is enforcing"
enabling logging on HTTP.sys is described here
a list of the HTTP.sys parameters that you can control in the registry is found here.
A bit late, so put here for posterity ;-)
After trying all sorts of solutions found on the web, I almost gave up, but found this little nugget.
If the response's Server header returns Microsoft-HttpApi/2.0, it means that the HTTP.sys is being called, not IIS.
As a result, a lot of the workarounds will not work (URLScan, etc).
This worked however:
Open regedit
Navigate HKLM\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\
If DisableServerHeader doesn't exist, create it (DWORD 32bit) and give it a value of 2. If it does exist, and the value isn't 2, set it to 2.
Finally, restart the service by calling net stop http then net start http
src: WS/WCF: Remove Server Header
Set below registry flag to: 2
HKLM\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\DisableServerHeader
Setting this to 2 will ensure that self host WCF services no longer sends the SERVER header and thus ensure we are security compliant.
Please note that this disables ALL server headers.
The default value of 0 enables the header, and the value of 1 disables server header from DRIVER (http.sys), but app can still have headers.
For me I had to restart the server for the changes to take effect.
Hope this helps someone
I was working on our web app on a client's site and ran into an issue where the site root pages loaded, but the reports folder always returned a 404 for files that existed in the folder. The 404 page showed the .Net version of 2 when the application was set to 4, and a test of a non-existent page in the root returned a 404 page showing .Net 4.
I tried just http://localhost/reports and got back a Microsoft Reporting Services page. Not part of my application.
Be sure to check just the default document of the folder when a unexpected 404 comes up and the file exists.
This question and series of replies helped me get to the bottom of the related issue I was having. My issue centered around using just a subdomain to go to our server (e.g. typing "www/somepath" into the browser while on our corporate network), which had worked in the past on an older server, but no longer worked when the system was upgraded to a new server. I saw the unexpected Microsoft-HttpApi/2.0 string in the header when using the Chrome Devtools to inspect the Network traffic.
My HTTP.sys process was already logging, so I could verify that my traffic was going to that service and returning 404 NotFound status codes.
My resolution was to add a binding to the IIS site for the subdomain, making IIS respond instead of the HTTP.sys process, as described in this server fault article - https://serverfault.com/questions/479274/why-is-microsoft-httpapi-returning-404-to-my-network-switch
In my case, running Windows 10 Pro, it was the Windows MultiPoint Service.
By executing:
net stop wms
Port 80 was released.
My setup:
Windows Server 2012
IIS 8.5
SharePoint 2013
The SharePoint site is configured to requeire client certificate. If the user has no valid certificate or the password was wrong IIS returns error code 403 in response header. I would like IIS to return a custom error page instead where I could guide the user how to fix the issue.
There are just to many options where I can configure error pages. Which is the right one?
In IIS I have three possible sites to configure.
Default Web Site
My web application
My web aplication port 443
Custom errors in web.config
Error Pages in IIS
.Net Error Pages in IIS
I have tried some of these options but with no success. Can anybody help me?
Just edit the web.config file in your Visual Studio solution, modify the customErrors section and then check the file into Github to trigger a new deployment.
If you don't use VS, then find your web.config file. Worst case scenario you can edit it directly.
Error Summary
HTTP Error 404.0 - Not Found
The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.
Detailed Error Information
Module IIS Web Core
Notification MapRequestHandler
Handler ASPClassic
Error Code 0x80070002
What could be the possible cause for this error? I've been cracking what could be wrong. I have set up my websites and IIS7.
When you try to access content on a server that is running Internet Information Services (IIS) 7.0, 7.5, or 8.0 by using the HTTP protocol, IIS returns a numeric code that indicates the status of the response. The HTTP status code is recorded in the IIS log. Additionally, the HTTP status code may be displayed in the client browser.
4xx - Client error :
These HTTP status codes indicate that an error occurred and that the client browser appears to be at fault. For example, the client browser may have requested a page that does not exist. Or, the client browser may not have provided valid authentication information.
The classic version of ASP is not installed by default. Because of this, you might see HTTP 404 errors when you try to browse to an ASP page on your server, or you might see the source code for your ASP page displayed in your browser window.
Both of these error conditions are created when configuration settings
that are used to define the environment for classic ASP are not
installed.
Steps to install are listed here
Edit 1 :
Check the application pool and applications associated.
Could you be restricted because of your request size limit?
You'll get a 404.0 if your request size goes beyond the limit you've set in the web.config
<security>
<requestFiltering>
<requestLimits maxAllowedContentLength="4000000000" />
</requestFiltering>
</security>
I have recently install Server 2008 R2 on a new server and want to use the FTP capabilities that are now shipped with IIS 7.5.
Since my users are not windows users, I was using IISAuthManager but this prodiver does not offers home directory on a user basis.
I found this sample http://learn.iis.net/page.aspx/669/how-to-use-managed-code-c-to-create-an-ftp-authentication-provider-using-an-xml-database/ to get going with a simple xml based user config. But i can't make it work. It's always gving me
Response: 530-User cannot log in.
Response: Win32 error: The system cannot find the file specified.
Response: Error details: An error occured during the authentication process.
I used procmon to get if the xml config file was read with no luck. I don't even think my assembly is being used.
Anybody ever had the same issue ? Basicly, any tips would be apreciated.
The IIS FTP custom providers are a nightmare to debug. In this case sounds like a config error, check that you followed the set up instructions (or manually checking applicationHost.config). Or post your code (inc config) if you still need help.
Barry
IIS Manager > Your site > FTP Authentication
Probably, you have all Basic and Anonymous Authentication disabled.
One of them should be enabled.