I have 2 web servers (Windows 2012) and a single website (ASP.NET MVC 4) on each of them. To make sure ASP.NET encryption works correctly I did the following:
Deployed the app to both servers using Octopus
Went to the first server, selected the website, clicked on the Machine Key icon, unchecked all checkboxes, clicked Generate Keys and then clicked Apply
Then I copied the generated keys to the other machine
This worked but only until the next deployment. The deployment seems to reset the machine key values back to their default values. The deployment process is very simple:
Stop the app pool
Delete the content of the app folder
Copy new files to the app folder
Start the app pool
As a workaround I have the keys in the web.config but this is far from being perfect for obvious reasons.
Any ideas why the values are being reset?
Thanks
Pawel
Where is IIS putting the machine keys? Into the web.config or into the machine.config?
Also try setting the Octopus variable OctopusNotAWebSite to true and do the IIS re-pointing manually. Octopus could be resetting the IIS Application somehow.
#JasonStangroome solved it for me. I simply forgot that the IIS manager modifies the web.config so that's why custom values would disappear after each deployment.
Related
My web.config contains multiple entries in "appSettings" (e.g.: twilio account key). One of these is for the asp.net chart control. It's the configuration part that states where the images the control generates are to be stored.
All of these settings work on my development machine. That is, i can connect to twilio and the chart control stores image in memory (as it should, according to the settings).
When i publish the site to my azure website (using vs), all of the settings work, apart from the chart control one. The chart control behaves as if the setting isn't even there. (it defaults to c:\TempImageFiles for storage).
I looked into the published version of the web.config and the setting is there. Only, it's beeing ignored.
My next attempt was to add that setting using the portal. (It's possible to add appSettings for a web app using the portal). I copied the exact same setting from web.config into the portal settings. This worked, so there is nothing wrong with what's in the settings.
So my question is: Why are some (at least this one) settings from web.config ignored when the app runs inside an azure web app?
You might have an app setting defined in the Web App's configuration with an identical name that overrides the web.config setting. This is typically done to have production settings stored in Azure instead of Web.config.
You can confirm if this is the case by opening your Web App's blade in the new portal, and checking the Application Settings tab there.
azure websites / azure web app service are typical web applications running on top of azure PaaS infrastructure. So whatever storage allocated to the service is accessible from the app. But it cannot be the typical C: or D: where in a regular server the app may have complete access. Mostly the C: space is allocated for IIS hosting. D:\local is something you can utilize as the app will have complete read and write access.
Please refer azure web app service sandbox details here.
If you are accessing the path via code try using Server.MapPath property to get access to the path. options like Path.GetTempPath() will not work.
One point to note is, any local storage in azure PaaS services is to be treated like a temporary storage. Whenever the site, service or role recycles the storage will be gone a fresh storage will be assigned.
I'm using Asp.Net 2FA and deployed on Azure. I have it working as per the sample Identity 2.1 projects.
When I login, I can select to Remember browser and the system sends a cookie - called .AspNet.TwoFactorCookie. On subsequent logins, then I don't need to enter the 2FA code. All good.
But on a new deployment, I deploy to the staging area on Azure, and then do a Swap, swapping the production and staging environments. If I then try to login, the .AspNet.TwoFactorCookie no longer works, and I need to get a new 2FA code.
However, if I swap again, ie so production is back to what it was, the .AspNet.TwoFactorCookie works again.
It would appear that in decrypting the cookie, the value returned from production and staging environments is different. But how can I work around this? For minimal down time of the production environment, the Azure swap is the way to go, but then it breaks the 2FA authentication.
As #ojf and #trailmax said, I just needed the machineKey in the web.config
For anyone else, here's a site to generate a machineKey and you just need to add it to your web.config under the section. (Thanks guys)
I enabled the Web Deploy feature for my Web Role and deployed it.
But how can I get hold of the .publishsettings file so I can create a Publishing Profile for it?
This 2 year old article states that it should have been created automatically, but I haven't got that in my profile manager.
Any ideas?
If you are using Visual Studio 2012 or greater, the server explorer to the left will have several Azure items.
Specifically the Windows Azure Compute is what we are looking for, right click on that and say 'add deployment environment'. You will then be prompted with a dialog that allows you to sign in and download publish settings file:
You can get publishsettings file from the following link: https://windows.azure.com/download/publishprofile.aspx
Well, the problem was really behind the keyboard.
So the publishing profile is actually provisioned correctly and automatically to the Web project as the documentation states.
The problem and confusion was that I have a secondary web application in my Solution that I also publish to the same Web Role (referenced as an additional Site in the ServiceDefinition.csdef file).
That Web Project does not get the Publishing Profile, and when I try to create a profile manually, it doesn't work since that (secondary) IIs instance is not configured for Web Deployment.
Oh well, back to the tedious Cloud Service deployment it is...
I have created a Cloud project on VS 2012 with .net 4.5. This consists of two web roles, an API and an front end website.
I have followed the instructions here: http://msdn.microsoft.com/en-gb/library/windowsazure/gg443832.aspx in order to set up remote desktop, and deployed the service.
When I try to connect (I have double and triple checked the credentials), I get told that 'The credentials that were used to connect to did not work. Please enter new credentials.
My web roles are both operational, and I can visit them both in the browser.
I have tried waiting a while after deploying for changes to propagate, but this makes no difference. The only thing I can think of is that I have not done anything with certificates as of yet other than download the appropriate bits in order to deploy from visual studio. I can't find any documentation that says I need to though.
I have also tried out adding various domains to the username but nothing works.
Am I missing something, or is there a chance that there is a bug with azure at the moment?
EDIT: Have now tried deleting the cloud project from visual studio, deleting the cloud service in azure and redeploying with only a single web role. Still seeing the problem.
Just checking for completeness,
Did you use the button on the website for your first access?
http://blogs.msdn.com/b/avkashchauhan/archive/2011/04/03/how-to-login-into-windows-azure-virtual-machine-using-remote-desktop.aspx
On the other hand, this is the link that worked for us, it includes how to set up the cert needed too.
http://geekswithblogs.net/MagnusKarlsson/archive/2012/12/03/connect-to-running-web-role-from-remote-desktop-connection-and.aspx
I fixed this by removing the <Import moduleName="RemoteAccess" /> and <Import moduleName="RemoteForwarder" /> lines from the .csdef then removing all references to Microsoft.WindowsAzure.Plugins.RemoteAccess and Microsoft.WindowsAzure.Plugins.RemoteForwarder within the .cscfg files. I then was able to deploy and enable remote desktop access from the newer Azure portal.
After adding users to the Azure Active Directory Domain, (e.g. smith#mydomain.onmicorosft.com), I tried logging in as one of those users, but got "Your credentials did not work." After some trial and error, I found that I had to add the users (e.g. smith) as local users on the VMs. Once I did that, and assigned, passwords, the users could RDP in.
I have to deploy my (old school) application to Azure using the Web deployment tools/Azure Web Accelerator. I'm not an Azure pro and I havn't set up the whole Azure Publishing enviroment.
Still i can publish my application with Visualstudio to Azure. Never the less when I try System.Configuration.ConfigurationManager.AppSettings["setting"] I get an empty value.
Local on the webapplication I get a value.
So I know that 'RoleEnvironment.IsAvailable' is true and localy isn't still that's the only lead I have. Any help is welcome
Thanks guys but I've fixed it. It's quite simple after all. The Azure Web Accelerator was configured at url service.test.com the site which couldn't read the web.config was a the same base url only a virtual application like service.test.com/shop.
When I changed the service.test.com/shop to run at testshop.shopname.com everything worked. So basicly you can't run both web app/sites on the same url.
If it's OK when using the local simulator? You could RDP to your windows azure virtual machine to have a look on the web.config directly. About how to use RDP on windows azure please have a look
http://msdn.microsoft.com/en-us/library/windowsazure/gg443832.aspx
http://geekswithblogs.net/shaunxu/archive/2010/12/03/remote-desktop-to-your-azure-virtual-machine.aspx