elmah.mvc should work with mvc5 smoothly?
To rule out any other problem, I created a new Web mvc project (with VS2015).
I added with nuget the Elmah.mvc package, and the configuration looks like this:
<add key="elmah.mvc.disableHandler" value="false" />
<add key="elmah.mvc.disableHandleErrorFilter" value="false" />
<add key="elmah.mvc.requiresAuthentication" value="true" />
<add key="elmah.mvc.IgnoreDefaultRoute" value="false" />
<add key="elmah.mvc.allowedRoles" value="super" />
<add key="elmah.mvc.allowedUsers" value="*" />
<add key="elmah.mvc.route" value="elmah" />
<add key="elmah.mvc.UserAuthCaseSensitive" value="true" />
From what I gathered documentation, that all that is needed to enable the user which have the super role, to access elmah page remotaly.
But when i publish to server, and i try access http://mysite/elmah page, if i not logged so I redicated to login page.
but after login as a user with the role requried, i get:
403 - Forbidden: Access is denied.
<elmah>
<security allowRemoteAccess="1"/>
</elmah>
It solved the problem (i.e: the elmha page accessible for user with the specified role). But that's not mentioned in the elmah.mvc documentation.
Related
Our Azure Web App's applicationhost.config contains the desired server variables in <allowedServerVariables>, but we're still seeing the error message:
The server variable "HTTP_X_UNPROXIED_URL" is not allowed to be
set. Add the server variable name to the allowed server variable list.
(Viewed via Kudu) Assumed relevant section from D:\local\Config\applicationhost.config on the Azure Web App:
<rewrite>
<allowedServerVariables>
<add name="HTTP_X_UNPROXIED_URL" />
<add name="HTTP_X_ORIGINAL_ACCEPT_ENCODING" />
<add name="HTTP_X_ORIGINAL_HOST" />
<add name="HTTP_ACCEPT_ENCODING" />
</allowedServerVariables>
<globalRules />
<outboundRules />
<providers />
<rewriteMaps />
<rules />
</rewrite>
HTTP_X_UNPROXIED_URL is there in the section "allowedServerVariables". Is the error message referring to some other location that also has to be edited?
We have a running website which makes XHR to another Domains php-service. Currently we are moving this service to a new server. While we did allow CORS and used quite the same settings the request works on the old Server but does not on the new one.
Talking about "quite the same" cause obviously something is wrong, but we couldn't find a difference. IpSecurity allows all Ips, Auth. accepts anomymous, etc.
Old Server: Windows Server 2012; IIS 6.2
New Server: Windows Server 2008R2; IIS 6.1
Web.config:
<configuration>
<system.webServer>
<defaultDocument enabled="true">
<files>
<clear />
<add value="index.aspx" />
<add value="index.asp" />
<add value="index.htm" />
<add value="index.html" />
<add value="home.aspx" />
<add value="home.asp" />
<add value="home.htm" />
<add value="home.html" />
<add value="default.aspx" />
<add value="default.asp" />
<add value="default.htm" />
<add value="default.html" />
</files>
</defaultDocument>
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Credentials" value="true" />
<add name="Access-Control-Allow-Headers" value="origin, content-type, accept" />
<add name="Access-Control-Allow-Methods" value="GET, POST, OPTIONS" />
<add name="Access-Control-Allow-Origin" value="*" />
</customHeaders>
</httpProtocol>
<urlCompression doDynamicCompression="true" />
</system.webServer>
</configuration>
Error: SCRIPT7002: XMLHttpRequest: Networkerror 0x80070005, Access denied.
Has anyone an idea why Edge won't get access to the new server?
Thanks for any ideas.
EDIT: To further clarify: It does work on Chrome, Firefox and IE 11
I have an ASP MVC app that I'm deploying to intranet servers via TeamCity, and I need some appSettings to be parametrized on deploy, so that client secrets stay hidden from developers etc.
I have the Parameters.xml file in the root of my project, the SetParameters.xml that is built with the package correctly contains all these parameters and their default values. However changing these values (even passing them to MSDeploy with -setParam) doesn't result in any changes in deployed web.config.
When I change the values in the SetParameters.xml file (which is passed to MSDeploy correctly afaik), the settings in the deployed web.config don't change and while there are "Verbose: Parameter entry 'IIS Web Application Name/1' is applicable" entries in log (IIS Web Application Name being another, standard, parameter), there's no mention of my appSettings parameters.
Also When I import the application with IIS Manager, it asks me for the values for these parameters, but I don't see them mentioned in verbose logs either, and the web.config doesn't get updated at all unless there really were some changes, and in that case the parameters aren't replaced.
My parameters.xml look like this:
<?xml version="1.0" encoding="utf-8" ?>
<parameters>
<parameter name="PiwikToken" defaultValue="__PIWIKTOKEN__">
<parameterEntry type="XMLFile" scope="\\web\.config$" match="/configuration/appSettings/add[#key='PiwikToken']/#value"/>
</parameter>
<parameter name="LoginClientSecret" defaultValue="__LOGINSECRET__">
<parameterEntry type="XMLFile" scope="\\web\.config$" match="/configuration/appSettings/add[#key='LoginClientSecret']/#value"/>
</parameter>
<parameter name="SecondClientSecret" defaultValue="__SECONDSECRET__">
<parameterEntry type="XMLFile" scope="\\web\.config$" match="/configuration/appSettings/add[#key='SecondClientSecret']/#value"/>
</parameter>
</parameters>
I've tried other scope variations ("web.config$", "web.config", "\\web.config$", "\\web\.config$", "Portal\web.config$"...) and it didn't change a thing.
The XPath expressions tested against my web.config work OK.
web.config:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<appSettings>
<add key="webpages:Version" value="3.0.0.0" />
<add key="webpages:Enabled" value="false" />
<add key="ClientValidationEnabled" value="true" />
<add key="UnobtrusiveJavaScriptEnabled" value="true" />
<add key="LoginClientId" value="portalLocal" />
<add key="RedirectAfterAuthUrl" value="https://localhost:44321/" />
<add key="PiwikSiteId" value="12" />
<add key="PiwikToken" value="__PIWIKTOKEN__" />
<add key="LoginClientSecret" value="__LOGINSECRET__" />
<add key="SecondClientSecret" value="__SECONDSECRET__" />
</appSettings>
<connectionStrings>
<add name="appDB" connectionString="..." />
</connectionStrings>
...
Other things I've checked:
Parametrization in MSDeploy is switched on
The file "parameters.xml", which is generated inside the .zip package, contains
<parameters>
<parameter name="IIS Web Application Name" defaultValue="Portal" tags="IisApp">
<parameterEntry kind="ProviderPath" scope="IisApp" match="^D:\\BuildAgent\\work\\fec2f9c37ed1ec8e\\Portal\\obj\\DEV\\Package\\PackageTmp$" />
<parameterEntry kind="ProviderPath" scope="setAcl" match="^D:\\BuildAgent\\work\\fec2f9c37ed1ec8e\\Portal\\obj\\DEV\\Package\\PackageTmp$" />
</parameter>
<parameter name="Add write permission to App_Data Folder" description="Add write permission to App_Data folder" defaultValue="{IIS Web Application Name}/App_Data" tags="Hidden">
<parameterEntry kind="ProviderPath" scope="setAcl" match="^D:\\BuildAgent\\work\\fec2f9c37ed1ec8e\\Portal\\obj\\DEV\\Package\\PackageTmp\\App_Data$" />
</parameter>
<parameter name="PiwikToken" defaultValue="__PIWIKTOKEN__" />
<parameter name="LoginClientSecret" defaultValue="__LOGINSECRET__" />
<parameter name="SecondClientSecret" defaultValue="__SECONDSECRET__" />
</parameters>
According to various sources across the net, the common cause for this would be that the scope is wrong or that the match regexp is wrong, but I've tried all kinds of variants without success.
If anyone has any ideas about what to try, or what could be the cause, I'll be glad to explore further or try it out, but right now I've spent a few days on this and cannot think of what else to try. Thanks!
EDIT: Now I've created a fresh WebAPI project with MVC, added just parameters.xml, added those parameters to web.config, and the web.config still doesn't get parametrized on deploy. So is it some IIS setting somewhere?
EDIT2: After experimenting I found out that the generated parameters.xml inside the zip package really should containt "match" and "scope" attributes and they don't - since when I rewrite the xml so that it contains parameterEntry with proper match and scope, and repackage it into the zip, it starts working.
EDIT3: And the problem seems to be having attribute named "type", when it should've been named "kind". Now I only wonder, where did I first get that example I used...
The problem was I had an attribute named "type" in my parameters.xml, when it should've been named "kind".
Found out thanks to https://forums.iis.net/t/1177518.aspx
I'm working on an IIS 7.5 server and enabled the failed request tracing feature however when I attempt to setup the rules I only have an option to select ASPNET as a provider rather than the normal four providers (ASP, ASPNET, ISAPI Extension, WWW Server).
Does anyone know how to get the other providers to display?
FRT - Provider - image
For some reason it seems your traceProviderDefinitions got cleared or something. to fix that you can:
Make a backup of c:\Windows\System32\Inetsrv\Config\ApplicationHost.config just in case anything goes wrong with your XML editing.
Open c:\Windows\System32\Inetsrv\Config\ApplicationHost.config in notepad.
Look for: , in my machine I have the following:
<traceProviderDefinitions>
<add name="WWW Server" guid="{3a2a4e84-4c21-4981-ae10-3fda0d9b0f83}">
<areas>
<clear />
<add name="Authentication" value="2" />
<add name="Security" value="4" />
<add name="Filter" value="8" />
<add name="StaticFile" value="16" />
<add name="CGI" value="32" />
<add name="Compression" value="64" />
<add name="Cache" value="128" />
<add name="RequestNotifications" value="256" />
<add name="Module" value="512" />
<add name="Rewrite" value="1024" />
<add name="FastCGI" value="4096" />
<add name="WebSocket" value="16384" />
</areas>
</add>
<add name="ASP" guid="{06b94d9a-b15e-456e-a4ef-37c984a2cb4b}">
<areas>
<clear />
</areas>
</add>
<add name="ISAPI Extension" guid="{a1c2040e-8840-4c31-ba11-9871031a19ea}">
<areas>
<clear />
</areas>
</add>
<add name="ASPNET" guid="{AFF081FE-0247-4275-9C4E-021F3DC1DA35}">
<areas>
<add name="Infrastructure" value="1" />
<add name="Module" value="2" />
<add name="Page" value="4" />
<add name="AppServices" value="8" />
</areas>
</add>
</traceProviderDefinitions>
I am trying to log in to Azure Active Directory from my web page in cloud services. The log in screen comes up and I am able to log in OK. However when it sends me to my homepage it says "page cannot be displayed". In the Azure Active Directory configuration I added SSL localhost to the APP URI and Reply URL and configured the properties in VS2013 to show SSL = True and set the project URL to the localhost. I was able to access the page before I added the log in screen.
Relevant web.config settings:
<appSettings>
<add key="webpages:Version" value="3.0.0.0" />
<add key="webpages:Enabled" value="false" />
<add key="ClientValidationEnabled" value="true" />
<add key="UnobtrusiveJavaScriptEnabled" value="true" />
<add key="ida:FederationMetadataLocation" value="login.windows.net/conpro.com/FederationMetadata/2007-06/…; />
<add key="ida:Realm" value="localhost:44307/"; />
<add key="ida:AudienceUri" value="localhost:44307/"; />
</appSettings>
Your web.config URI values need to include https://. I'd suggest taking a look at this sample app as well.