I have the following configuration in my "web.config":
<customErrors mode="Off">
</customErrors>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
<pages>
<namespaces>
<add namespace="System.Web.Helpers" />
<add namespace="System.Web.Mvc" />
<add namespace="System.Web.Mvc.Ajax" />
<add namespace="System.Web.Mvc.Html" />
<add namespace="System.Web.Routing" />
<add namespace="System.Web.WebPages" />
</namespaces>
</pages>
If I have a mistake in my environment clearly shows errors, but when I upload it to windows azure shows the screen where it tells me that I have to put:
<customErrors mode="Off" />
or
<customErrors mode="RemoteOnly" redirectMode="~/file.html" />
and not shows errors. Is there some extra settings that I have to do in "web.config" in "ASP.NET MVC 5" to show the errors?
The default for publishing to Azure is to use the Release configuration. The Release configuration, among other things, disables the yellow screen of death you see in development, because this is information that 1) is potentially dangerous if seen by the wrong person (malicious) and 2) is not user-friendly for the casual user.
If you want to see the errors, then you follow the advice on that page. If your problem is that you have done that, and the errors still aren't showing then #Zabavsky, is probably right; you didn't add it to the configuration that it was deployed with (most likely Release).
However, I would caution you from actually doing that. Like I said earlier, the stack trace shown on error can potentially contain sensitive information that a malicious user could use to compromise your site, and if you turn it on in Release, even if just for a little while to debug, there's a good chance you might forget to turn it off. The ideal is to work out all your bugs in development. For the final verification when deploying to Azure, you can deploy using the Debug configuration (which will show the errors) to a staging version of your site. Then, once everything is good, you can do the final deployment using the Release configuration, instead.
If you want to get the stack trace from errors in production on an ongoing basis, your best bet is to use a tool like ELMAH, which will log exceptions that occur and present them to you in a protected way. By default, that will be only over localhost, which would require that you browse from within the server the site is running on. If you can't do that because you're just using an Azure Website instead of a virtual machine, then you can also enable access to a certain user role, or only via a certain IP (your static IP).
Related
I have an asp.net mvc application and I have set up impersonation as follows in the web.config.
<system.web>
<compilation debug="true" targetFramework="4.6.1" />
<httpRuntime targetFramework="4.6.1" />
<authentication mode="Windows">
</authentication>
<identity impersonate="true" userName="BvhHisPharmaUser" password="12345"/>
<httpModules>
<add name="ApplicationInsightsWebTracking" type="Microsoft.ApplicationInsights.Web.ApplicationInsightsHttpModule, Microsoft.AI.Web" />
</httpModules>
</system.web>
As you can see I have enabled windows authentication mode.
Next you can see impersonate = true. And the userName(BvhHisPharmaUser) is a windows user that I created as follows using compmgmt.msc tool.
Now when I place a break point in Index Home
I dont see the imperonate user in the identity in the immediate window.
What am I missing?
Even after I login using the login screen, I do not see the impersonate user in the immediate window as follows.
I have removed the windows authentication mode in the web.config completely
and still observe exactly the same.
My objective is to run this iis web app under the above shown windows user(BvhHisPharmaUser) because this web app calls a wcf service which is configured to authorize this user.
So my questions are as follows.
Is impersonation is the way for this, so that the web application can run under this user? Is there any other way like app pool configuration?
Why is this impersonation not working? I have enabled it as showin in the web.config and still the identity of the thread principal does not change. What am I missing?
Kindly let me know if additional info is needed.
I'm developing an ASP.NET MVC application, and when I run it from VS, if I let the browser sit on a page for a short time like 45 seconds, and then try to take some action, the request never makes it to my controller. Everything functions as expected if I don't wait at all before making a navigation/request. This problem has existed for the life of the project.
The IIS Express logs do not show any requests when this happens; however, in debug mode, VS can see that the browser did make a request. No breakpoints inside of the ActionResult get hit though, so I know it isn't getting called. The browser's debug tools show the request sitting in the pending state forever. The website is still running though, IIS doesn't crash. I can open another browser and access the login page, however, the POST doesn't fire the controller action.
This happens on every machine and with every browser. I've scoured the web and couldn't find others with my problem. My webconfig and applicationHosts look like the default generated ones, except for some forms auth settings.
<appSettings>
<add key="webpages:Version" value="3.0.0.0" />
<add key="webpages:Enabled" value="false" />
<add key="ClientValidationEnabled" value="true" />
<add key="UnobtrusiveJavaScriptEnabled" value="true" />
<add key="PreserveLoginUrl" value="true" />
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.6.1" />
<httpRuntime targetFramework="4.6.1" requestValidationMode="2.0" />
<authentication mode="Forms">
<forms slidingExpiration="true" timeout="60" loginUrl="~/Account/LogIn" />
</authentication>
Turns out the issue was a loader lock being made by a thread that was dying (terminated?) before it could release the lock. This lock would block any threads handling HTTP requests. Application Insights appeared in the callstack for the problematic thread, and after disabling it, the problem no longer occurs.
Application:
MVC Website running on IIS 8.5 / Windows Server 2012R2.
Requirements:
Restrict Access to certain user groups
Execute Code as the user that sends the requests (i.e. querying a Database, accessing files etc.)
Steps taken so far:
Web.config
<system.web>
<identity impersonate="true" />
<authentication mode="Windows" />
<compilation targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
</system.web>
<system.webServer>
<modules>
<remove name="FormsAuthentication" />
</modules>
</system.webServer>
IIS > Sites > $TheSiteName$ > Authentication > Disable all except Windows
IIS > Sites > $TheSiteName$ > Authorization Rules > Allow All
Active Directory > $TheServerName$ > Delegation > Trust this computer for delegation to any service (Kerberos only)
Results
IIS complains that impersonation is not possible in Integrated Pipeline Mode
When I change Pipeline Mode to classic, a authentication dialogue pops up, but seems to be inable to verify my credentials.
Any idea what I might have forgotten to get this to work? Why can't I access this website?
Soon as I got this going, I will have to take care of restrictions. Wild guessing as I am, I would assume it will be possible to add the restricted groups into the authorization rules, but I can't get to test it...Is this the right / best way to do that?
I see a lot of posts on this topic - no Intellisense in VS Express 2013 for Web .cshtml files. I see that some people are having success after installing the 2013.1 update, but that didn't work for me.
It didn't just quit working - it hasn't ever worked in VS Express 2013 for me. Every line that begins with # is just a black line. No highlighting, no Intellisense while typing.
I've installed the 2013.1 update.
Launched vwdexpress.exe /resetsettings
Checked the AppSettings section in web.config:
<appSettings>
<add key="webpages:Version" value="3.0.0.0" />
<add key="webpages:Enabled" value="false" />
<add key="ClientValidationEnabled" value="true" />
<add key="UnobtrusiveJavaScriptEnabled" value="true" />
</appSettings>
Are there any other possible solutions for this?
Those web.config settings look ok.
As its never worked looks as though something is broken so a reinstall would be best (but painful). But first there is a 2nd update for visual studio 2013 available VS2013.2 this may correct the problem although as the first update didn't it is unlikely, worth a try. Good luck.
I have a basic MVC site built on Umbraco 6.1.2 and hosted with 1&1 (1and1) using their shared Windows hosting.
The site works perfectly on my local machine but once deployed it throws an encoding error on Firefox, Chrome and IE (other browsers untested, but I assume this will affect all browsers). The back office is accessible and I am able to log in and navigate through the content tree, it is just the rendering of the site content using MVC and Razor which appears to be affected by the problem.
I disabled gzip in Firefox (using this method: http://forgetmenotes.blogspot.co.uk/2009/05/how-to-disable-gzip-compression-in.html) and the website worked as expected, therefore I can only assume that this is an issue with 1&1's gzip configuration.
Has anybody had the same issue? Is it related to Umbracp or has anyone seen the same problem with standard MVC applications?
You should probably enable gzip in your web.config
<system.webServer>
<httpCompression directory="%SystemDrive%\inetpub\
temp\IIS Temporary Compressed Files">
<scheme name="gzip" dll="%Windir%\system32\inetsrv\gzip.dll"/>
<dynamicTypes>
<add mimeType="text/*" enabled="true"/>
<add mimeType="message/*" enabled="true"/>
<add mimeType="application/javascript" enabled="true"/>
<add mimeType="*/*" enabled="false"/>
</dynamicTypes>
<staticTypes>
<add mimeType="text/*" enabled="true"/>
<add mimeType="message/*" enabled="true"/>
<add mimeType="application/javascript" enabled="true"/>
<add mimeType="*/*" enabled="false"/>
</staticTypes>
</httpCompression>
<urlCompression doStaticCompression="true" doDynamicCompression="true"/>
</system.webServer>
There are a few more tricks here
Setting the gzip compression in asp.net
I have found the cause of the problem. I commented out all references to ClientDependency in the Web.config and now my site runs as expected. It seems as though that module is attempting to compress content but failing. This forum post helped locate the issue: http://our.umbraco.org/forum/ourumb-dev-forum/bugs/13525-Client-Dependency-Module-playing-havoc-with-gzip-content-compression
This causes some problems with the core product and is therefore not a fix, it does however give us a starting point for investigations into how the problem can be resolved.
I have updated the Umbraco issue tracker with this information. For those who are interested see here: http://issues.umbraco.org/issue/U4-2203