I copied the following web.config from the github paypal net sdk page, but got an error saying could not find schema information for the element ;Paypal'. Is there something wrong with my web.config syntax (this is for an asp.net website):
<?xml version="1.0" encoding="utf-8"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configSections>
<section name="paypal" type="PayPal.SDKConfigHandler, PayPal" />
</configSections>
<!-- PayPal SDK settings -->
<paypal>
<settings>
<add name="mode" value="sandbox"/>
<add name="clientId" value="_client_Id_"/>
<add name="clientSecret" value="_client_secret_"/>
</settings>
</paypal>
</configuration>
Your code appears correct according to the documentation found here.
Are you sure that you have the appropriate references included for Paypal (via NuGet or manually)?
Additionally, you appear to be missing an opening <configuration> element, which could be an issue as well (unless that is just a typo) :
<?xml version="1.0" encoding="utf-8"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<configSections>
<section name="paypal" type="PayPal.SDKConfigHandler, PayPal" />
</configSections>
<!-- PayPal SDK settings -->
<paypal>
<settings>
<add name="mode" value="sandbox"/>
<add name="clientId" value="_client_Id_"/>
<add name="clientSecret" value="_client_secret_"/>
</settings>
</paypal>
</configuration>
Related
First I add my package source (test).
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<packageSources>
<add key="nuget.org" value="https://api.nuget.org/v3/index.json" protocolVersion="3" />
<add key="test" value="https://mytestpackagesource" />
</packageSources>
</configuration>
When I run dotnet restore I get a 401 (Unauthorized), which is expected. So I add credentials.
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<packageSources>
<add key="nuget.org" value="https://api.nuget.org/v3/index.json" protocolVersion="3" />
<add key="test" value="https://mytestpackagesource" />
</packageSources>
<packageSourceCredentials>
<test>
<add key="Username" value="apparently this can be anything when you use a token?" />
<add key="ClearTextPassword" value="my personal access token" />
</test>
</packageSourceCredentials>
</configuration>
And this works. But if I change the token to something invalid or even remove the packageSourceCredentials element completely it still works, which makes me believe my token got stored somewhere else. So my question is where did it get stored and how do I update it?
In an attempt to simplify our web.config, I wanted to break out the NWebsec configuration into a separate file using the configSource attribute:
web.config
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<sectionGroup name="nwebsec">
<section name="httpHeaderSecurityModule" type="NWebsec.Modules.Configuration.HttpHeaderSecurityConfigurationSection, NWebsec, Version=4.2.0.0, Culture=neutral, PublicKeyToken=3613da5f958908a1" requirePermission="false" />
</sectionGroup>
</configSections>
<nwebsec configSource="App_Config\NWebsec.config" />
<!--- remainder of file omitted for brevity -->
</configuration>
App_Config\NWebsec.config
<?xml version="1.0"?>
<nwebsec>
<httpHeaderSecurityModule xmlns="http://nwebsec.com/HttpHeaderSecurityModuleConfig.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<redirectValidation enabled="true">
<!-- omitted for brevity -->
</redirectValidation>
<securityHttpHeaders>
<!-- omitted for brevity -->
</securityHttpHeaders>
</httpHeaderSecurityModule>
</nwebsec>
When I make a request to the application I now receive a HTTP 500 error with no other details. There is also nothing related in the Windows Event Viewer.
Is what I'm attempting possible with NWebsec configuration?
How do I get more detail on the error which is occurring and causing the HTTP 500 response?
I believe this is because the nwebsec element is defined as a sectionGroup:
<sectionGroup name="nwebsec">
<section name="httpHeaderSecurityModule" type="..." />
</sectionGroup>
The configSource attribute works for the section element only.
Amending the web.config:
<nwebsec>
<httpHeaderSecurityModule configSource="App_Config\NWebsec.config" />
</nwebsec>
In addition to amending the root element of the referenced file (App_Config\NWebsec.config), enables this to work as desired:
<?xml version="1.0"?>
<httpHeaderSecurityModule xmlns="http://nwebsec.com/HttpHeaderSecurityModuleConfig.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<redirectValidation enabled="true">
...
I am attempting to add a aspx page inside orchard cms application. I have placed my aspx page in a folder /Web/Test.aspx in the Orchard.Web web application. Note: I am using the source of orchard at the moment. I also added the necessary handler, as posted in this post, in the system.webServer tag in the config. Currently getting 'The resource cannot be found.'
Here is what my web config looks like around the system.webServer tag.
<configuration>
<system.webServer>
<handlers accessPolicy="Script">
<!-- already listed, not added by me -->
<clear/>
<!-- added by me -->
<add name="ASPX" path="*.aspx" verb="*" type="System.Web.UI.PageHandlerFactory" preCondition="integratedMode" requireAccess="Script">
<!-- already listed, not added by me -->
<add name="NotFound" path="*" type="System.Web.HttpNotFoundHandler" preCondition="integratedMode" requireAccess="Script"/>
</handlers>
</system.webServer>
</configuration>
I'm I missing anything?
Remove the clear tag and the Notfound handler and then try again.
I have the entries below in my Web.config and I am using .NET 2.0 and C# for coding.
<add key="userName" value="s752549"/>
<add key="userPassword" value="Delhi#007"/>
Now I want this to be encrypted so that nobody can see it, and also these passwords may change frequently (every fifteen days).
Just wanted to add to this, the marked answer was 99% complete, but it didn't provide how to specify the location of the web config. Rather than root around the internet, thought I'd just post the complete command. As such, here is the command I executed
C:\Windows\Microsoft.NET\Framework64\v4.0.30319>aspnet_regiis -pef "secureAppSettings" "C:\MyLocalPublishDirectory\MyApp" -prov DataProtectionConfigurationProvider
You could put the username and password into a separate section and encrypt this section only. For example:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<configSections>
<section name="secureAppSettings" type="System.Configuration.NameValueSectionHandler, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</configSections>
<appSettings>
<add key="Host" value="www.foo.com" />
<add key="Token" value="qwerqwre" />
<add key="AccountId" value="123" />
<add key="DepartmentId" value="456" />
<add key="SessionEmail" value="foo#foo.com" />
<add key="DefaultFolder" value="789" />
</appSettings>
<secureAppSettings>
<add key="userName" value="s752549"/>
<add key="userPassword" value="Delhi#007"/>
</secureAppSettings>
</configuration>
and then use aspnet_regiis
For Ex:
aspnet_regiis -pef secureAppSettings . -prov DataProtectionConfigurationProvider
You can Protect / Unprotect entire config sections in .NET.
For more info see http://www.codeproject.com/Articles/38188/Encrypt-Your-Web-config-Please.aspx
you could use aspnet_regiis, see http://msdn.microsoft.com/en-us/library/zhhddkxy(v=VS.80).aspx
I am trying to setup elmah for asp.net 1.1 application.
i have following entry in my web.config
<httpHandlers>
<add verb="POST,GET,HEAD" path="elmah.axd" type="Elmah.ErrorLogPageFactory, Elmah" />
</httpHandlers>
<httpModules>
<add name="ErrorLog" type="Elmah.ErrorLogModule, Elmah"/>
</httpModules>
<configSections>
<sectionGroup name="elmah">
<section name="security" type="Elmah.SecuritySectionHandler, Elmah"/>
<section name="errorLog" type="Elmah.ErrorLogSectionHandler, Elmah" />
<section name="errorMail" type="Elmah.ErrorMailSectionHandler, Elmah" />
<section name="errorFilter" type="Elmah.ErrorFilterSectionHandler, Elmah"/>
</sectionGroup>
did i missing anything?
We need to log error into XML files and it should be available from remote location. my web.config looks
<configSections>
<sectionGroup name="elmah">
<section name="security" type="Elmah.SecuritySectionHandler, Elmah"/>
<section name="errorLog" type="Elmah.ErrorLogSectionHandler, Elmah" />
<section name="errorMail" type="Elmah.ErrorMailSectionHandler, Elmah" />
<section name="errorFilter" type="Elmah.ErrorFilterSectionHandler, Elmah"/>
</sectionGroup>
<httpModules>
<add name="ErrorLog" type="Elmah.ErrorLogModule, Elmah"/>
</httpModules>
<!--
<elmah>
<security allowRemoteAccess="yes" />
<errorLog type="Elmah.XmlFileErrorLog, Elmah" logPath="C:\Inetpub\wwwroot\LearnElmah\App_Data\Elmah" />
</elmah>
-->
<!-- DYNAMIC DEBUG COMPILATION
Set compilation debug="true" to enable ASPX debugging. Otherwise, setting this value to
false will improve runtime performance of this application.
Set compilation debug="true" to insert debugging symbols (.pdb information)
into the compiled page. Because this creates a larger file that executes
more slowly, you should set this value to true only when debugging and to
false at all other times. For more information, refer to the documentation about
debugging ASP.NET files.
-->
<compilation
defaultLanguage="c#"
debug="true"
/>
<!-- CUSTOM ERROR MESSAGES
Set customErrors mode="On" or "RemoteOnly" to enable custom error messages, "Off" to disable.
Add <error> tags for each of the errors you want to handle.
"On" Always display custom (friendly) messages.
"Off" Always display detailed ASP.NET error information.
"RemoteOnly" Display custom (friendly) messages only to users not running
on the local Web server. This setting is recommended for security purposes, so
that you do not display application detail information to remote clients.
-->
<customErrors
mode="Off"
/>
<!-- AUTHENTICATION
This section sets the authentication policies of the application. Possible modes are "Windows",
"Forms", "Passport" and "None"
"None" No authentication is performed.
"Windows" IIS performs authentication (Basic, Digest, or Integrated Windows) according to
its settings for the application. Anonymous access must be disabled in IIS.
"Forms" You provide a custom form (Web page) for users to enter their credentials, and then
you authenticate them in your application. A user credential token is stored in a cookie.
"Passport" Authentication is performed via a centralized authentication service provided
by Microsoft that offers a single logon and core profile services for member sites.
-->
<authentication mode="Windows" />
<!-- AUTHORIZATION
This section sets the authorization policies of the application. You can allow or deny access
to application resources by user or role. Wildcards: "*" mean everyone, "?" means anonymous
(unauthenticated) users.
-->
<authorization>
<allow users="*" /> <!-- Allow all users -->
<!-- <allow users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
<deny users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
-->
</authorization>
<!-- APPLICATION-LEVEL TRACE LOGGING
Application-level tracing enables trace log output for every page within an application.
Set trace enabled="true" to enable application trace logging. If pageOutput="true", the
trace information will be displayed at the bottom of each page. Otherwise, you can view the
application trace log by browsing the "trace.axd" page from your web application
root.
-->
<trace
enabled="false"
requestLimit="10"
pageOutput="false"
traceMode="SortByTime"
localOnly="true"
/>
<!-- SESSION STATE SETTINGS
By default ASP.NET uses cookies to identify which requests belong to a particular session.
If cookies are not available, a session can be tracked by adding a session identifier to the URL.
To disable cookies, set sessionState cookieless="true".
-->
<sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"
cookieless="false"
timeout="20"
/>
<!-- GLOBALIZATION
This section sets the globalization settings of the application.
-->
<globalization
requestEncoding="utf-8"
responseEncoding="utf-8"
/>
You also need the elmah section that defines the type of logger you are going to use, and, depending on which logger you use, possibly a connectionstring :
<elmah>
<security allowRemoteAccess="yes" />
<!--<errorLog type="Elmah.XmlFileErrorLog, Elmah" logPath="~/App_Data/Elmah" />-->
<errorLog type="Elmah.SqlErrorLog, Elmah" connectionStringName="elmah" applicationName="MyApp" />
</elmah>
<connectionStrings>
<add name="elmah" connectionString="" providerName="System.Data.SqlClient" />
</connectionStrings>
this is a very late entry but anyone trying to set up ELMAH with .NET 1.1 and Visual Studio 2003, browse to following location:
https://code.google.com/p/elmah/source/browse/samples/web.config?repo=1x&r=c1d14a9e1626b74a4a606bae8bf9ae829ec641c5