I intended to test an ASP.Net webservice under IIS using the test facilities offered by Visual Studio. I have jumped many hurdles to get to the point where, had the requirements just called for server authentication, everything would have been fine. However, mutual authentication is required. When I set the web service to require a client certificate, the test emits the error message:
The test adapter 'WebHostAdapter' threw an exception while running test 'GetDetails'. The web site could not be configured correctly; getting ASP.NET process information failed. The server may not be running a version of Asp.Net version 2.0 or greated. Requesting "https://localhost/pcoombes/VSEnterpriseHelper.axd" returned an error: The remote server returned an error: (403) Forbidden.
I am presuming that this is because the UrlToTest now requires a client certificate. Is there a client certificate attribute one can use?
I am using VS 2008 and IIS 5.1
Related
I have an ASP.NET Core backend service (no UI). I also have a UI website.
The website deploys and runs correctly on app service.
The backend service deploys but does not run, also on a app service.
I get greeted with an error: HTTP Error 500.30 - ANCM In-Process Start Failure.
The files are definitely there, although they are all under wwwroot. Is that correct even if it's just a backend service?
Just to understand the issue correctly, when you say, "The backend service deploys but does not run, also on a app service", does that mean it does not work both locally and also on App Service? If it doesn't work locally, it may not work on App Service. So, to isolate the issue ensure it works fine locally.
Typically, the error "500.30 In-Process Startup Failure", you may occur The worker process fails. The app doesn't start.The ASP.NET Core Module attempts to start the .NET Core CLR in-process, but it fails to start. The cause of a process startup failure can usually be determined from entries in the Application Event Log and the ASP.NET Core Module stdout log.
Also, ensure that App bitness (32 vs 64 bit) is correctly configured.
I have seen issues a common failure condition is when the app is misconfigured due to targeting a version of the ASP.NET Core shared framework that isn't present. Check which versions of the ASP.NET Core shared framework are installed on the target machine.
I have an OnPremise SharePoint 2013 and a O365 tenant. I have setup/configured a SharePoint Provider Hosted Low Trust Development Environment based on the step by step guide provided by the Microsfot Patterns and Practices Team:
https://github.com/SharePoint/PnP-Tools/blob/master/Scripts/SharePoint.LowTrustACS.Configuration
I have also built a simple Low Trust App which has absolutely no functionality!
I have a created a new Client and Secret
provided the domain -> dyn-app.mydomain.com
provided the redirect url -> https://dyn-app.mydomain.com/splowtrust1
Go to Visual Studio Low Trust Solution and added the client id and scret to the web.config
I published the app locally on my app website in IIS (with ssl configured)
i packaged the app with the url: https://dyn-app.mydomain.com/splowtrust1 and generated client id
uploaded the app to the app catalog
created a new app
When i click on the app i am getting redirected to my local iis correctly but i am receiving:
An error occurred while processing your request.
What is causing this error? And how can i fix it?
I am having an same issue when trying to run SharePoint Foundation 2010, and I am using the NTLM Windows Authentication Provider. We are running IIS 7.5, and we have a dev SharePoint site set up on another server, using the exact same authentication, but for some reason, the site on our prod server throws the error "No credentials are available in the security package." This fails using all browsers, and it fails when I run the site from the server directly as well as from any client machine. We have Windows Server 2008 R2 Standard on both machines.
I've checked that all the security settings for the SharePoint app pool as well as the SharePoint Web Services pool matches our dev server's settings, and they all do.
Any ideas? Thanks.
It looks like Kerberos is failing on the server. I understand you are using NTLM but the message seems to be Kerberos. Could you please check Authentication provider on on the IIS? If Negotiate is at the top of the list move down and make ntlm as top provider
IIS - UnderAuthentication - > Providers
When windows Authentication is used , this error can come if Kerberos is not available or failing, upon checking Providers under Windows Authentication setting in IIS, i changed preference of Negotiate and moved it down , NTLM remained up and it fixed my issue
I have a web application developed in VS2013
ASP.NET MVC 5
NInject for IoC
Sql Server 2008 R2 for a backing store (ADO, not Entity Framework, for DAL)
IIS 7.5 (Not a web garden, max processes = 1)
PostSharp 3.1.46.0
I have been developing and deploying on my local machine this application to a development server for months with not too many issues.
App Pool is .Net 4.0 Integrated, using the ApplicationPoolIdentity
Anonymous and Forms authentication are enabled. Anonymous is set to use the App Pool identity
File permissions are set for the application folder to give IIS AppPool\[mypool] read, list, execute access. (I tried full access, once, and it didn't help)
Last week, the development server reports a 401 (sc-status:401 sc-substatus:0 sc-win32-status:0) instead of showing me any forms from a remote connection. Local connections, that is, when I access the app on the sandbox, or if I log on to the development server and access it locally, work as expected. Any request from a remote machine fails.
401 - Unauthorized: Access is denied due to invalid credentials.
You do not have permission to view this directory or page using the credentials that you supplied.
I tried recreating the app pool and re-assigning the app to it. I tried aspnet_iisreg -ir. I went through most of the "Similar Questions" to the right of this edit box, trying to find something close to my issue. I erased the application from the server and redeployed to a new app, with new name and a new physical folder. KB2545850 hotfix didn't help.
My deployment strategy is an xcopy of everything but the web.config(s) I maintain the web.config separately. Please help diagnose.
In ASP.NET MVC Deploying an app with forms authentication to IIS 7.5 it says:
If you have a path leading to an eventual [Authorize] attribute, that will cause this -
removing the RenderAction or allowing that action to render without [Authorize] fixes it.
That was similar to my issue. I have a global filter to Authorize. I recently added a partial view in a controller to display a serial number. I added that partial to the _Layout, without the AllowAnonymous. Since the login form used the layout, which used this partial, I couldn't log in until I logged in.
Adding an [AllowAnonymous] to the action resolved this issue. I am thinking about how to more easily detect this for when it happens to me again.
We are developing an ASP.NET WebAPI that is hosted in IIS and authenticates using client certificates with iisClientCertificateMappingAuthentication.
In our on-premises development environment we have tested IIS 7-8 and Windows 7-8/Server 2012, all of which work fine.
We have set up a demo environment in Azure with a VM running Windows Server 2012 R2 and IIS 8. Using this configuration we have yet to successfully pass through IIS client certificate validation, where we consistently receive an HTTP 403.16 error.
The service is consumed by a custom iOS app that we have verified is sending the client certificate, which was expected since my understanding of the error implies IIS is unable to validate the certificate that it received.
The Client Certificate Authority is installed in the Trusted Root Certification Authorities and the Client Authentication Issuers stores for the Local Computer.
Pretty much all of the resources we can find on this issue propose the solution here: http://social.technet.microsoft.com/Forums/en-US/fae724e8-628e-45a5-bf39-6e812d8a1a70/40316-problem-in-iss8-on-mp-in-dmz?forum=configmanagerdeployment
where it's suggested we add a registry setting for ClientAuthTrustMode. This has not resolved the issue for us; we also did not need to do it for any of our local testing which involved the exact same OS and IIS versions.
We've spent days on this with no progress and were hoping someone may have some insight into this issue. Is there any default configuration that we have yet to come across to enable this form of authentication for VMs in Azure? It seems as though IIS on a VM in Azure is unable to actually validate against the CA in Trusted Root. One idea I had was that perhaps the certificate is being stripped from the request before it's routed to IIS, but again, that seems unlikely given my understanding of the error code.
Has anyone gotten a setup like this to work?
I happened upon this knowledge base article, maybe it can help you
http://support.microsoft.com/kb/2802568