Asp.Net core MVC application Windows Authentication in IIS - iis

My Asp.Net Core mvc web application requires Windows Authentication. In developpement, on IIS Express, everything works fine thanks to this setting
launchSettings.json
"iisSettings": {
"windowsAuthentication": true,
"anonymousAuthentication": false,
"iisExpress": {
"applicationUrl": "http://localhost:61545/",
"sslPort": 0
}
}
When deploying to IIS, I get a blank page. The Request to my site get a 500 error code.
I tried to add this configuration to Startup.cs, as explained here , without success.
services.Configure<IISOptions>(options => {
options.ForwardWindowsAuthentication = true;
});
When I look into the authentication parameters directly in IIS, Windows Authentication is activated.
I found some post talking about a package called Microsoft.AspNetCore.Server.WebListener, others about implementing a custom Middleware. I can't imagine this basic feature needs that much effort to work. Am I missing something ?

launchSettings.json file is only used by VS. When you publish your app (or run without VS) launchSettings.json is not being used. When you run with IIS/IISExpress you just need to make sure that your web.config has correct settings. In your case the forwardWindowsAuthToken attribute in the web.config is missing or is set to false. It must be set to true for Windows Authentication to work. A sample web.config before publishing would look like this:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified"/>
</handlers>
<aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" forwardWindowsAuthToken="true"/>
</system.webServer>
</configuration>

For me I had to add the line
services.AddAuthentication(IISDefaults.AuthenticationScheme);
in the method ConfigureServices in Startup.cs
My app allows both Windows and Anonymous users.
https://learn.microsoft.com/en-us/aspnet/core/migration/1x-to-2x/identity-2x#windows-authentication-httpsys--iisintegration

You need check web.config in your project dir. This settings was help me.
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified"/>
</handlers>
<aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" forwardWindowsAuthToken="true"/>
<security>
<authentication>
<anonymousAuthentication enabled="false" />
<windowsAuthentication enabled="true" />
</authentication>
</security>
</system.webServer>
</configuration>

Related

blazor server app 404 on publish at / on IIS

I have a blazor app that is running fine on localhost.
Here's the steps I have taken to put my project live.
Setup new Windows Server on AWS.
Enabled IIS.
Installed ASP.NET Core Runtime Hosting Bundle.
Installed the URL Rewrite module.
Setup a SSL cert and DNS settings to point to IP.
Configured bindings to port 443 and picked the cert added path wwwroot/projectname
published my project using web deploy.
However, when navigating to my url I'm seeing 404 resource not found.
Only thing that is different is that the server added a web config to get it to run in IIS which looks like this.
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="dotnet" arguments=".\App.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="inprocess" />
</system.webServer>
</location>
</configuration>
<!--ProjectGuid: 8b081fc5-0f9d-4426-b9cf-90f4d30b5527-->
Anyone point me in the right direction as to what I should be looking out for or steps I may have missed as this is the first time I've attempted publishing a Blazor-Server application.
On my IIS, I have "AspNetCoreModuleV2" not "AspNetCoreModule" like this:
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="dotnet" arguments=".\App.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="inprocess" />
</system.webServer>
</location>
</configuration>
<!--ProjectGuid: 8b081fc5-0f9d-4426-b9cf-90f4d30b5527-->
See: Hosting A Blazor Visual Studio Project Directly In IIS

How can I resolve 500.19 on all my application?

I create .Net Core web application, I have to download .NET Core Runtime & Hosting Bundle but when I do that all my application get this error.
Even if I uninstall it, I still have the error.
When I try to run it in the command prompt with dotnet command it works but it doesn't work on IIS 10.
UPDATE :
web.config
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="dotnet" arguments=".\ProjectName.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" />
</system.webServer>
</configuration>

Azure multiple sites in virtual directories

I have 3 asp.net core sites I need to deploy on the same domain (subdomains will not work with my SSL certificate).
https://my-site.com (Single page app)
https://my-site.com/api (Web api)
https://my-site.com/identity (Identity server)
When I deploy the api and identity projects, they work fine. However, when deploying the single page app, api and identity stop working.
The page cannot be displayed because an internal server error has occurred.
The error appears instantly so it's probably failing early on from startup I guess.
The single page app is working ok.
It seems the spa is interfering, I tried solutions from here to ignore the routes, but I get the same error.
I have tried the solution here to get a more descriptive error but to no avail.
Not sure where to go from here
The cause of the problem is that both the root application and the child app add the aspNetCore handler, causing the config system to blow up. You can see this by turning on Detailed error messages in the Azure Portal, and then finding the error page under D:\home\LogFiles\DetailedErrors. You'll see this error:
Cannot add duplicate collection entry of type 'add' with unique key attribute 'name' set to 'aspNetCore'
There are two approaches to solving this.
The first is to use a location tag to prevent inheritance. Specifically, change your root app's web.config from something like this:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="dotnet" arguments=".\myapp.dll" stdoutLogEnabled="false" stdoutLogFile="\\?\%home%\LogFiles\stdout" />
</system.webServer>
</configuration>
to something like this:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="dotnet" arguments=".\myapp.dll" stdoutLogEnabled="false" stdoutLogFile="\\?\%home%\LogFiles\stdout" />
</system.webServer>
</location>
</configuration>
The second approach is to remove the <handlers> section from the sub-application to avoid the duplication (as suggested in the doc under Configuration of sub-applications):
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<aspNetCore processPath="dotnet" arguments=".\mySubApp.dll" stdoutLogEnabled="false" stdoutLogFile="\\?\%home%\LogFiles\stdout" />
</system.webServer>
</configuration>

Run go web application on IIS

Is there a way to run Go web application on IIS?
I found a setting for azure but its not working on my dev machine
this is a web config for azure :
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<handlers>
<add name="httpplatformhandler" path="*" verb="*" modules="httpPlatformHandler" resourceType="Unspecified" />
</handlers>
<httpPlatform processPath="d:\home\site\wwwroot\go\bin\go.exe"
arguments="run d:\home\site\wwwroot\server.go"
startupTimeLimit="60">
<environmentVariables>
<environmentVariable name="GOROOT" value="d:\home\site\wwwroot\go" />
</environmentVariables>
</httpPlatform>
</system.webServer>
</configuration>
Your local IIS does not work simply because you need to install a separate component, called HttpPlatformHandler module,
https://azure.microsoft.com/en-us/blog/announcing-the-release-of-the-httpplatformhandler-module-for-iis-8/
http://www.iis.net/downloads/microsoft/httpplatformhandler
Reverse proxy or FastCGI were the older approaches which are no longer necessary with this new approach.
HttpPlatformHandler module doesn't work for me. I found this post by Sutean Rutjanalard on Medium very helpful, which use ASP.NET Core Module instead.
Basically, you need to create Application pool with "No Managed Code" as you do with a .net core app. And the following is the web.config.
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath=".\YourGoApp.exe" />
</system.webServer>
</configuration>

ServiceStack REST service custom path error

I am having trouble configuring my ServiceStack REST service to work on my production IIS 7.5 box. It works fine running localhost, and it also works fine if I deploy in the root of "Default Web Site" - /EmployeeSvc. I have a virtual directory structure under Default Web Site for organizational purposes (note custom path in web.config). I can browse successfully to the default.htm at this location, but when I try to execute the built-in /hello example I receive:
Server Error 404 - File or directory not found.
The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.
Like I said, the built-in /hello example works perfectly from localhost and from a root iis folder under default web site, but not from within a directory structure. What am I doing wrong with the location-path?
Thanks in advance! Here is web.config:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<location path="Employees-NoAuth/WebServices/EmployeeSvc">
<system.web>
<httpHandlers>
<add path="*" type="ServiceStack.WebHost.Endpoints.ServiceStackHttpHandlerFactory, ServiceStack" verb="*" />
</httpHandlers>
</system.web>
<!-- Required for IIS 7.0 -->
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<validation validateIntegratedModeConfiguration="false" />
<handlers>
<add path="*" name="ServiceStack.Factory" type="ServiceStack.WebHost.Endpoints.ServiceStackHttpHandlerFactory, ServiceStack" preCondition="integratedMode" resourceType="Unspecified" allowPathInfo="true" verb="*" />
</handlers>
</system.webServer>
</location>
<system.web>
<customErrors mode="RemoteOnly"/>
<compilation debug="true" targetFramework="4.0" />
</system.web>
</configuration>
I'd try the following:
1. Remove location node from web.config. Move SS configuration out of it.
2. Register base URL path in your class derived from AppHostBase:
public override void Configure(Container container)
{
this.SetConfig(new EndpointHostConfig { ServiceStackHandlerFactoryPath = "base/path" });
}

Resources