I'm developing an ASP.NET MVC application, and when I run it from VS, if I let the browser sit on a page for a short time like 45 seconds, and then try to take some action, the request never makes it to my controller. Everything functions as expected if I don't wait at all before making a navigation/request. This problem has existed for the life of the project.
The IIS Express logs do not show any requests when this happens; however, in debug mode, VS can see that the browser did make a request. No breakpoints inside of the ActionResult get hit though, so I know it isn't getting called. The browser's debug tools show the request sitting in the pending state forever. The website is still running though, IIS doesn't crash. I can open another browser and access the login page, however, the POST doesn't fire the controller action.
This happens on every machine and with every browser. I've scoured the web and couldn't find others with my problem. My webconfig and applicationHosts look like the default generated ones, except for some forms auth settings.
<appSettings>
<add key="webpages:Version" value="3.0.0.0" />
<add key="webpages:Enabled" value="false" />
<add key="ClientValidationEnabled" value="true" />
<add key="UnobtrusiveJavaScriptEnabled" value="true" />
<add key="PreserveLoginUrl" value="true" />
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.6.1" />
<httpRuntime targetFramework="4.6.1" requestValidationMode="2.0" />
<authentication mode="Forms">
<forms slidingExpiration="true" timeout="60" loginUrl="~/Account/LogIn" />
</authentication>
Turns out the issue was a loader lock being made by a thread that was dying (terminated?) before it could release the lock. This lock would block any threads handling HTTP requests. Application Insights appeared in the callstack for the problematic thread, and after disabling it, the problem no longer occurs.
Related
Same question was asked here but it was not a solution for me, its been more than 16 hours I'm trying to find solution for it.
I setup Windows Authentication for my MVC5 (ASP.Net Fw4.5) application using VS2013 (Windows Server 2012 R2) following are the major steps i did for setting up.
I have two controllers I put Authorize attribute on Home controller, About controller does not have any attribute on it
On project properties Enabled Windows Authentication
Web.Config as below
<authentication mode="Windows" />
<authorization>
<allow users="?" />
</authorization>
<identity impersonate="false" />
<roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider">
<providers>
<clear />
<add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" />
</providers>
</roleManager>
<validation validateIntegratedModeConfiguration="false" />
IIS Settings
Anonymous Authentication is Enabled
Windows Authentication is Enabled (Provider: NTLM, Negotiate)
With these configurations my application works perfect on IISExpress, but when I access it through IIS it prompts for login/password upon giving correct username/password it keep repeating. (I can access About Controller without Authorize attribute)
I inspected request through Fiddler that bring something interesting. Below is the response when i access through IIS
When i access through IISExpress i can see there are three entries for single request two of them get 401 but third gets 200
i have an ASP MVC web site that is published.
and i adjusted <security allowRemoteAccess="yes"/> in webconfig
and now anybody can access Elmah page
by saying that i didnt use ASP.Net Identity,how can i secure ELmah Page?
I wrote a blog post a couple of months ago, that explains everything you need to know: ELMAH security and allowRemoteAccess explained. Basically, you will need to install the Elmah.MVC package and add app settings like this:
<appSettings>
<add key="elmah.mvc.requiresAuthentication" value="true" />
<add key="elmah.mvc.allowedRoles" value="Admin" />
<add key="elmah.mvc.allowedUsers" value="Thomas" />
</appSettings>
In webconfig i mentioned the session timeout as 20 minutes
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" maxRequestLength="350000" enableVersionHeader="false"
maxQueryStringLength="3584" executionTimeout="600"/>
<sessionState mode="InProc" timeout="20"></sessionState>
<globalization culture="en-GB" />
</system.web>
but the website is getting logout before 20 minutes of idle time.
Any thing i am missing in the code?
Since session information is stored in-memory (mode="InProc"), if the application domain is restarted, all session information will be deleted. If you observe this locally while developing, every time you recompile your application, this will happen. And if you observe this behavior on your web server, it is also possible that IIS could recycle the application domain. For this reason you might need to consider some of the other session state modes like StateServer or SQLServer.
I have talked about ASP.NET Session so far. But there's also the authentication. Since you talked about users being logged-off it is possible that if you are using Forms Authentication, the cookie expires. This is controlled by the <authentication> tag in your config:
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="2880" protection="All" />
</authentication>
So you might check this timeout as well.
Bottom line: do not confuse ASP.NET Session with ASP.NET Forms Authentication.
I see a lot of posts on this topic - no Intellisense in VS Express 2013 for Web .cshtml files. I see that some people are having success after installing the 2013.1 update, but that didn't work for me.
It didn't just quit working - it hasn't ever worked in VS Express 2013 for me. Every line that begins with # is just a black line. No highlighting, no Intellisense while typing.
I've installed the 2013.1 update.
Launched vwdexpress.exe /resetsettings
Checked the AppSettings section in web.config:
<appSettings>
<add key="webpages:Version" value="3.0.0.0" />
<add key="webpages:Enabled" value="false" />
<add key="ClientValidationEnabled" value="true" />
<add key="UnobtrusiveJavaScriptEnabled" value="true" />
</appSettings>
Are there any other possible solutions for this?
Those web.config settings look ok.
As its never worked looks as though something is broken so a reinstall would be best (but painful). But first there is a 2nd update for visual studio 2013 available VS2013.2 this may correct the problem although as the first update didn't it is unlikely, worth a try. Good luck.
I have the following configuration in my "web.config":
<customErrors mode="Off">
</customErrors>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
<pages>
<namespaces>
<add namespace="System.Web.Helpers" />
<add namespace="System.Web.Mvc" />
<add namespace="System.Web.Mvc.Ajax" />
<add namespace="System.Web.Mvc.Html" />
<add namespace="System.Web.Routing" />
<add namespace="System.Web.WebPages" />
</namespaces>
</pages>
If I have a mistake in my environment clearly shows errors, but when I upload it to windows azure shows the screen where it tells me that I have to put:
<customErrors mode="Off" />
or
<customErrors mode="RemoteOnly" redirectMode="~/file.html" />
and not shows errors. Is there some extra settings that I have to do in "web.config" in "ASP.NET MVC 5" to show the errors?
The default for publishing to Azure is to use the Release configuration. The Release configuration, among other things, disables the yellow screen of death you see in development, because this is information that 1) is potentially dangerous if seen by the wrong person (malicious) and 2) is not user-friendly for the casual user.
If you want to see the errors, then you follow the advice on that page. If your problem is that you have done that, and the errors still aren't showing then #Zabavsky, is probably right; you didn't add it to the configuration that it was deployed with (most likely Release).
However, I would caution you from actually doing that. Like I said earlier, the stack trace shown on error can potentially contain sensitive information that a malicious user could use to compromise your site, and if you turn it on in Release, even if just for a little while to debug, there's a good chance you might forget to turn it off. The ideal is to work out all your bugs in development. For the final verification when deploying to Azure, you can deploy using the Debug configuration (which will show the errors) to a staging version of your site. Then, once everything is good, you can do the final deployment using the Release configuration, instead.
If you want to get the stack trace from errors in production on an ongoing basis, your best bet is to use a tool like ELMAH, which will log exceptions that occur and present them to you in a protected way. By default, that will be only over localhost, which would require that you browse from within the server the site is running on. If you can't do that because you're just using an Azure Website instead of a virtual machine, then you can also enable access to a certain user role, or only via a certain IP (your static IP).