I had the OwinStartup configuration code working perfectly and then it stopped working. Unfortunately I'm not sure exactly what I did to get it to stop working and am having a really hard time figuring it out.
To make sure I have the basics covered, I doubled checked to make sure the I have the
[assembly:OwinStartup(typeof(WebApplication.Startup))]
attribute assigned properly and made sure that I don't have an appSetting for owin:AutomaticAppStartup that is set to false so I made one set to true to be safe as there was nothing there before.
<add key="owin:AutomaticAppStartup" value="true" />
I also tried specifically calling out the appSetting:
<add key="owin:appStartup" value="WebApplication.Startup" />
Before it stopped working I upgraded the Microsoft.Owin.Security NuGet packages to 2.0.2, so I tried reverting them to 2.0.1 (that was a pain) but it didn't change anything. I have WebActivator installed on the project and am using that to bootstrap other things but I've tested that on a fresh WebApplication template and it works there so I don't think that is the culprit.
I also tried removing my Startup class and using Visual Studio to add a new one using the OWIN Startup Class type in Add New Item and that isn't getting called either. Next I tried adding a second Startup class since I know it will throw an exception if there is more than one OwinStartup attributes defined, but it isn't throwing any exception there.
Not sure what else to try. Any thoughts?
Update
Turns out that Resharper removed the reference to Microsoft.Owin.Host.SystemWeb when I used it to remove unused references.
Make sure you have installed Microsoft.Owin.Host.SystemWeb package in the project. This package is needed for startup detection in IIS hosted applications. For more information you can refer to this article.
If you've upgraded from an older MVC version make sure you don't have
<add key="owin:AutomaticAppStartup" value="false" />
in your web.config. It will suppress calling the startup logic.
Instead change it to true
<add key="owin:AutomaticAppStartup" value="true" />
I realize you already mentioned this but sometimes people (like me) don't read the whole question and just jump to the answers...
Somewhere along the line - when I upgraded to MVC 5 this got added and I never saw it until today.
Alternative answer to the original problem discussed - Owin "not firing." In my case I spent hours thinking it wasn't firing due to being unable to set a breakpoint in it.
When debugging OWIN startup in visual studio
IIS Express - Running "F5" will break on the OWIN startup code
IIS - Running "F5" will not break until after OWIN (and global.asax) code is loaded. If you attach to W3P.exe you will be able to step into it.
If you are having trouble debugging the code in the Startup class, I have also had this problem - or I thought I did. The code was firing but I believe it happens before the debugger has attached so you cannot set breakpoints on the code and see what is happening.
You can prove this by throwing an exception in the Configuration method of the Startup class.
DEBUGGING TIPS
If debugging does not work try using IIS Express or try the method below for local IIS
Using local IIS
For some reason this method enables debugging of this method:
Request a webpage
Attach to w3wp.exe process
Touch the web.config file
Request a webpage
Extra tip
Maybe doing this will flush a cache:
In web.config add the optimizeCompilations attribute with a false value
<compilation debug="true" ... optimizeCompilations="false">
Run site
Undo the change in web.config
I had a similar issue to this and clearing Temporary ASP.NET Files fixed it. Hope this helps someone.
I had the same problem. Microsoft.Owin.Host.SystemWeb package was installed but during the installation NuGet was not able to add the dll as a reference for some reason. Make sure your project has that reference. If not you can try to reinstall:
update-package Microsoft.Owin.Host.SystemWeb -reinstall
I had an error like below on reinstall but somehow it worked:
System call failed. (Exception from HRESULT: 0x80010100
(RPC_E_SYS_CALL_FAILED))
I had same problem when I added Owin to an existing web project. I eventually found the problem was due to the following in the web.config file.
<assemblies>
<remove assembly="*" />
<add assembly="System.Web.Mvc" />
<add assembly="System.Web.WebPages" />
...
</assemblies>
The remove assembly="*" was causing the problem. When I remove this line the Owin startup code ran.
I eventually change it to the following and it worked perfectly
<assemblies>
<remove assembly="*" />
<add assembly="Microsoft.Owin.Host.SystemWeb" />
<add assembly="System.Web.Mvc" />
<add assembly="System.Web.WebPages" />
<add assembly="System.Web.Helpers" />
...
</assemblies>
In my case this Microsoft.Owin.Host.SystemWeb package is present in the project.
But below two tags are not present in web.config.
<add key="owin:AutomaticAppStartup" value="true" />
<add key="owin:appStartup" value="namespace.className.methodName" />
after adding them it works smoothly.
In my case, the IIS application pool was not set to v4. It was v2.
Changed the AppPool to v4 and everything was okay.
In my case, my web.config had
<authorization>
<allow users="?" />
</authorization>
To force it to fall back to Owin, I needed it to be
<authorization>
<deny users="*" />
</authorization>
I found the following article to be very helpful:
https://weblog.west-wind.com/posts/2015/Apr/29/Adding-minimal-OWIN-Identity-Authentication-to-an-Existing-ASPNET-MVC-Application#MinimalCodeSummary
In my case, I had to set the following before Owin authentication would work instead of windows authentication:
<system.web>
<authentication mode="None" />
<system.web>
This worked for me:
add authentication mode="None"
<system.web>
<compilation debug="true" targetFramework="4.6.1" />
<httpRuntime targetFramework="4.6.1" />
<authentication mode="None" /><!--Use OWIN-->
</system.web>
In my case, my website's output path is changed by somebody, the IIS Express even not load OWIN, and the setup class will not be hit of course. After I set the output path as "bin\", it works well.
I am not sure if this will still help someone, but I've done all of the solutions above (and from some other posts) to no avail.
What fixed the issue on my end was to put a backslash to the end of RedirectUri value in the web.config (crazy, I know!). RedirectUri is a parameter in UseOpenIdConnectAuthentication.
So, instead of:
<add key="ida:RedirectUri" value="https://www.bogussite.com/home" />
Do this:
<add key="ida:RedirectUri" value="https://www.bogussite.com/home/" />
And updated the Reply URL on the Azure App Settings as well.
That somehow made the Startup to run as expected (probably cleared some cache), and the breakpoints are now firing.
FYI. I was modelling my code from here: https://github.com/microsoftgraph/aspnet-connect-sample
After converting a class library to a Web Application Project, I ran into this and became stubborn. Turned out, in my .csProj file, I had this:
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
<DebugSymbols>true</DebugSymbols>
<DebugType>full</DebugType>
<Optimize>false</Optimize>
<OutputPath>bin\Debug\</OutputPath>
<DefineConstants>DEBUG;TRACE</DefineConstants>
<ErrorReport>prompt</ErrorReport>
<WarningLevel>4</WarningLevel>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
<DebugType>pdbonly</DebugType>
<Optimize>true</Optimize>
<OutputPath>bin\Release\</OutputPath>
<DefineConstants>TRACE</DefineConstants>
<ErrorReport>prompt</ErrorReport>
<WarningLevel>4</WarningLevel>
</PropertyGroup>
thus building the various dll's into a subfolder of the bin-folder (which ifc. won't work). Solution was to change both text-contents for OutputPath to just bin\.
For me it was because they are not in the same namespace. After I remove my AppStart from "project.Startup.AppStart" and let they both Startup.cs and Startup.Auth.cs with "project.Startup" namespace, everything was back to work perfectly.
I hope it help!
If you are seeing this issue with IIS hosting, but not when F5 debugging, try creating a new application in IIS.
This fixed it for me. (windows 10) In the end i deleted the "bad" IIS application and re-created an identical one with the same name.
I think what some people were trying to get to above is that if you want to programatically make your OWIN server "come to life", you'd be calling something like this:
using Microsoft.Owin.Hosting;
IDisposable _server = WebApp.Start<StartupMethod>("http://+:5000");
// Start Accepting HTTP via all interfaces on port 5000
Once you make this call, you will see the call to StartupMethod() fire in the debugger
In case you have multiple hosts using the same namespace in your solution, be sure to have them on a separate IISExpress port (and delete the .vs folder and restart vs).
I messed around with a lot of the suggestions on this post.
I had the following but still could not land on a break point. Throwing an exception proved the code was being entered.
<appSettings>
...
<add key="owin:AutomaticAppStartup" value="true" />
<add key="owin:appStartup" value="SSOResource.Startup, SSOResource" />
...
</appSettings>
Finally out of desperation I looked at project->properties, and then under the WEB section I also checked the NATIVE CODE checkbox (ASP.NET should be already checked).
That finally fixed it for me.
Note : I am using Visual Studio 2017 Professional.
First add the OWIN Auth Class and then enable OWIN:AutomaticAppStartup key in your web.config like
Now it will fire
Related
There's no real code example to show since it will happen no matter where you put the breakpoint.
Using Visual Studio 2013 (we migrated this project from 2012), I get this error when setting a breakpoint in any .cshtml View:
The following breakpoint cannot be set
I've tried various things such as cleaning my solution, closing and opening VS2013, and others. Nothing seems to work.
What can I do about this?
We found this node in our site's root Web.config:
<compilation debug="true" targetFramework="4.5" assemblyPostProcessorType="Microsoft.VisualStudio.Enterprise.Common.AspPerformanceInstrumenter, Microsoft.VisualStudio.Enterprise.AspNetHelper, Version=12.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxxxxxxxxx"/>
Lo and behold, removing the assemblyPostProcessorType attribute solved the issue. It should look like this after the fix:
<compilation debug="true" targetFramework="4.5" />
Hope this helps somebody else. It was driving my boss crazy...
What happened to our Umbraco instance? It looks like this when I'm logged in, and when I check the browser console I see lots of 500 Internal Server Errors for both the backoffice and the front-end website, with failures for .css and .js files.
I've tried recycling, stopping and starting the app pool, and restarting IIS. I've tried updating the clientDependency version number in clientDependency.config, that didn't work.
I double-checked and I'd added a mime-type via the web.config (in the section), and I'd also added it as a mime type via IIS. This breaks loading of static content, so I defined the mime-type in the web.config only and removed it from IIS, and this fixed the issue.
I tries to load a gif-file and just like ProNotion says:
I found this line in web.config without any remove element:
<mimeMap fileExtension=".woff" mimeType="application/x-font-woff" />
Add change to
<remove fileExtension=".woff" />
<mimeMap fileExtension=".woff" mimeType="application/x-font-woff" />
That fixed the issue for me.
It's likely a permissions problem. I'd suggest that you first need to try and find some detail on the 500 error. Can you inspect it for further detail?
If that doesn't help disable the ClientDependency framework by setting debug="true" on the compilation node of youur web.config file. It's located under the system.web node and looks like this:
<compilation defaultLanguage="c#" debug="true" batch="false" targetFramework="4.0">
If you still have issues after that you can at least browse directly to those resources to view details of the error.
Simon
I have an MVC WebAPI site that has the latest ELMAH.MVC NuGet package installed. Under Visual Studio, I can access
http://localhost:1234/elmah
and get the error log, just like I'm supposed to be able to.
When I deploy it to Azure, it throws an error when I do that. Fortunately, Elmah is logging the error to the XmlError log in App_Data, and I found this:
<error errorId="92ad3ee1-3fd5-449a-8cb4-0474aa771aab"
application="/LM/W3SVC/417796901/ROOT"
host="RD00155D430783" type="System.Web.HttpException"
message="Server cannot set status after HTTP headers have been sent."
source="System.Web"
detail="System.Web.HttpException (0x80004005): Server cannot set status after HTTP headers have been sent.
And then goes on for many lines of stack trace, NONE of which comes anywhere near my code.
What's going on? I've just added the Elmah.MVC nuget package, and made the following changes to the Web.Config
<elmah>
<security allowRemoteAccess="yes"/>
<errorLog type="Elmah.XmlFileErrorLog, Elmah" logPath="~/App_Data" />
</elmah>
<location path="elmah.axd">
<system.web>
<allow roles="*" />
</system.web>
</location>
It's not coming anywhere near any of my controllers, so I don't have any control over when Http status headers are set or sent.
Thanks for any help.
itanex is right! Put an empty text file (i.e. placeholder.txt) in the App_Data folder and mark it as "Content" and "Always Copy" - This will ensure that the App_Data folder is getting created. Also, as Simon point out, the correct path (based on your config) is /elmah.axd
via https://stackoverflow.com/a/11680786/1037948:
Allow remote access:
<elmah>
<security allowRemoteAccess="true"/>
</elmah>
I'm running MVC3 and a windows auth web application. When I deploy to IIS6 it runs great until I hit a page that requires authentication. It then is auto-redirecting to /Account/Login when I have no trace of that in my application and my web.config is configured to windows auth.
Any ideas?
Here is my entire web.config file: http://pastie.org/1568510
Check whether you have WebMatrix.Data.dll and/or WebMatrix.WebData.dll deployed in the bin directory of your application. If they are there (and you know you don't use them) then try removing them and accessing a page that requires authentication.
In RTM try to add to <appSettings> in Web.config:
<add key="enableSimpleMembership" value="false" />
(Thx to Problem exclusively using Windows Authentication in ASP.NET MVC 3 Beta.)
Not sure if you still have the issue or not, but try adding
<add key="autoFormsAuthentication" value="false" />
to your web.config under appSettings. According to here and here, that should solve your problem.
Try override WebMatrix.dll default for login url by adding this to your appSettings (web.config) :
<add key="loginUrl" value="~/Account/LogOn"/>
WebMatrix.dll set the login Url to /Account/Login, if this key isn't set in the config file...
It works for me.
In RTM try to add to in Web.config:
<add key="enableSimpleMembership" value="false" />
The above post works. +1 Add this key before adding deployable dependencies.
I had the same issue in my MVC4 project, only my project has Anonymous Authentication disabled outright, so Windows Authentication is always required.
I have no WebMatrix.* in my bin folder, and adding the autoFormsAuthentication and enableSimpleMembership keys to appSettings didn't do it for me.
Instead, I had to comment out the following:
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="2880" />
</authentication>
And replace it with this:
<authentication mode="Windows" />
That did the trick.
I was using nopCommerce 2.65 and had this issue.
I did not have any of WebMatrix.Data.dll nor WebMatrix.WebData.dll deployed in the bin folder, but adding
<add key="autoFormsAuthentication" value="false" />
<add key="enableSimpleMembership" value="false" />
in the web.config solved it.
Another way to override "login.aspx url redirection problem with MVC + IIS 7"... by adding this to your appSettings (web.config) :
<authentication mode="Forms">
<!--<forms loginUrl="~/Account/Login" timeout="2880" />-->
<forms loginUrl="~/Home" timeout="2880" />
</authentication>
...This resolved the problem for me
I fixed it this way
1) Go ot IIS 2) Select your Project 3) Click on "Authentication" 4) Click on "Anonymous Authentication" > Edit > select "Application pool identity" instead of "Specific User". 5) Done.
Make sure that all the authentication settings in IIS are correct.
For me the application that redirected to /Account/Login was running within a site that Anonymous authentication enabled. After disabling this in the site and enabling it for the application (together with Windows authentication) it was ok.
You can also go to the IIS on the server and go into Authentication modes and disable forms authentications.
This has me scratching my head in a demo. Embarassing.
I know this is a super old post. But I just ran across this after going through a tutorial on upgrading from MVC 4 to MVC 5. So I'm throwing it on just in case anyone else makes the mistake I did.
My issue ended up being that I accidently added 'Microsoft.AspNet.WebPages.WebData' to my project while upgrading my references.
Running "Uninstall-Package Microsoft.AspNet.WebPages.WebData" restored my authentication to it's previous glory.
In MVC for the 4.6 Framework this is done in 2 ways, the first is in the Web.Config as you would expect, the second one is done in the projectfile and is used to configure IIS Express:
<PropertyGroup>
..
<IISExpressAnonymousAuthentication>enabled</IISExpressAnonymousAuthentication>
<IISExpressWindowsAuthentication>disabled</IISExpressWindowsAuthentication>
</Property
Will disable Windows authentication and use anonymous when developing but is not used for the deploying the application.
In this question a user replied that he was able to override the security settings on a shared host. I'm using the same host, but haven't been able to figure out how to change web.config to allow reflection. Is it a one-liner?
I'm using MVC + Nhibernate in my project, but I can't even get an Mvc "new project" template site to work, I suppose the problem is reflection.
Try adding the following line to your web.config:
<system.web>
<trust Level="Full" />
</system.web>
Note, however, that the section might be locked by machine.config.