I am using this but still showing 200 response code while checking it on burpsuit
<verbs allowUnlisted="false">
<clear />
<add verb="GET" allowed="true" />
<add verb="POST" allowed="true" />
<add verb="TRACE" allowed="false" />
<add verb="OPTIONS" allowed="false" />
<add verb="HEAD" allowed="false" />
<add verb="PUT" allowed="false" />
<add verb="CONNECT" allowed="false" />
<add verb="DELETE" allowed="false" />
<add verb="TRACK" allowed="false" />
</verbs>
I want to use the dashboard using DevExpress and I wanted to know in my web.config file how I should configure to set the connection string with API, below I leave my format as it is currently in my project.
<connectionStrings>
<add name="DefaultConnection" connectionString="data source=(localdb)\mssqllocaldb;initial catalog=????? ;integrated security=SSPI" providerName="System.Data.SqlClient" />
</connectionStrings>
<appSettings>
<add key="webpages:Version" value="3.0.0.0" />
<add key="webpages:Enabled" value="false" />
<add key="PreserveLoginUrl" value="true" />
<add key="ClientValidationEnabled" value="true" />
<add key="UnobtrusiveJavaScriptEnabled" value="true" />
<add key="vs:EnableBrowserLink" value="false" />
<add key="AuthUrl" value="https://???????" />
<add key="ResourceUrl" value="https://?????" />
<add key="HisResourceUrl" value="https://????" />
<add key="ClientId" value="???" />
<add key="ClientSecret" value="???" />
</appSettings>
I am working on an asp.net console application , and i am trying to add a custom app settings section to encrypt it, as follow:-
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<customAppSettingsGroup>
<customAppSettings>
<add key="KeyOne" value="****" />
</customAppSettings>
</customAppSettingsGroup>
<appSettings>
<add key="ConcurrentRequests" value="100" />
<add key="ApiLimit" value="100" />
<add key="FullScanDay" value="Tuesday" />
<add key="logsFilePath" value="C:\logslogs\" />
<add key="TPSFilePathAndName" value="C:\ctps_ns.txt" />
<add key="PhoneNumberLength" value="11" />
</appSettings>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.1" />
</startup>
</configuration>
but when i run the console application i will get this error:-
ConfigurationErrorsException: Unrecognized configuration section customAppSettingsGroup.
any advice?
EDIT-
I tried this inside my app.config:-
<configuration>
<configSections>
<sectionGroup name="customAppSettingsGroup">
<section name="customAppSettings"
type="System.Configuration.NameValueSectionHandler,System" />
</sectionGroup>
</configSections>
<customAppSettingsGroup>
<customAppSettings>
<add key="KeyOne" value="****" />
</customAppSettings>
</customAppSettingsGroup>
<appSettings>
<add key="ConcurrentRequests" value="100" />
<add key="ApiLimit" value="100" />
<add key="FullScanDay" value="Tuesday" />
<add key="logsFilePath" value="C:\logslogs\" />
<add key="TPSFilePathAndName" value="C:\ctps_ns.txt" />
<add key="PhoneNumberLength" value="11" />
</appSettings>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.1" />
</startup>
</configuration>
but when i try to access the section using this code:-
NameValueCollection settings = ConfigurationManager.GetSection("customAppSettingsGroup/customAppSettings") as System.Collections.Specialized.NameValueCollection;
i got this exception:-
Could not load file or assembly 'System' or one of its dependencies.
The system cannot find the file specified.'
Try it this way
<configuration>
<configSections>
<sectionGroup name="customAppSettingsGroup">
<section name="customAppSettings"
type="System.Configuration.NameValueSectionHandler,System" />
</sectionGroup>
</configSections>
<customAppSettingsGroup>
<customAppSettings>
<add key="KeyOne" value="****" />
</customAppSettings>
</customAppSettingsGroup>
<appSettings>
<add key="ConcurrentRequests" value="100" />
<add key="ApiLimit" value="100" />
<add key="FullScanDay" value="Tuesday" />
<add key="logsFilePath" value="C:\logslogs\" />
<add key="TPSFilePathAndName" value="C:\ctps_ns.txt" />
<add key="PhoneNumberLength" value="11" />
</appSettings>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.1" />
</startup>
</configuration>
We are migrating from IIS 5.1 to IISExpress on developer machines. We have ASP .NET app which also hosts some .asmx webservices.
When using IIS 5.1 we can access wsdl using following URL
http ://localhost/MY_PATH/Service/WebServiceName.asmx?wsdl
However when I use IISExpress I can see all pages of my application successfully but when I try to see wsdl(http ://localhost/MY_PATH/Service/WebServiceName.asmx?wsdl) I get following error.
HTTP Error 404.17 - Not Found
The requested content appears to be script and will not be served by the static file handler.
Most likely causes:
The request matched a wildcard mime map. The request is mapped to the static file handler. If there were different pre-conditions, the request will map to a different handler.
Things you can try:
If you want to serve this content as a static file, add an explicit MIME map.
Detailed Error Information:
Module StaticFileModule
Notification ExecuteRequestHandler
Handler StaticFile
Error Code 0x80070032
Please let me know what is going wrong here. Following is my applicationHost.config
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<configSections>
<sectionGroup name="system.applicationHost">
<section name="applicationPools" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
<section name="configHistory" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
<section name="customMetadata" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
<section name="listenerAdapters" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
<section name="log" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
<section name="preloadProviders" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
<section name="sites" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
<section name="webLimits" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
</sectionGroup>
<sectionGroup name="system.webServer">
<section name="asp" overrideModeDefault="Deny" />
<section name="caching" overrideModeDefault="Allow" />
<section name="cgi" overrideModeDefault="Deny" />
<section name="defaultDocument" overrideModeDefault="Allow" />
<section name="directoryBrowse" overrideModeDefault="Allow" />
<section name="fastCgi" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
<section name="globalModules" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
<section name="handlers" overrideModeDefault="Deny" />
<section name="httpCompression" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
<section name="httpErrors" overrideModeDefault="Allow" />
<section name="httpLogging" overrideModeDefault="Deny" />
<section name="httpProtocol" overrideModeDefault="Allow" />
<section name="httpRedirect" overrideModeDefault="Allow" />
<section name="httpTracing" overrideModeDefault="Deny" />
<section name="isapiFilters" allowDefinition="MachineToApplication" overrideModeDefault="Deny" />
<section name="modules" allowDefinition="MachineToApplication" overrideModeDefault="Deny" />
<section name="odbcLogging" overrideModeDefault="Deny" />
<sectionGroup name="security">
...
</sectionGroup>
<section name="urlCompression" overrideModeDefault="Allow" />
<section name="validation" overrideModeDefault="Allow" />
<sectionGroup name="webdav">
<section name="globalSettings" overrideModeDefault="Deny" />
<section name="authoring" overrideModeDefault="Deny" />
<section name="authoringRules" overrideModeDefault="Deny" />
</sectionGroup>
<sectionGroup name="rewrite">
...
</sectionGroup>
</sectionGroup>
</configSections>
<configProtectedData>
<providers>
...
</providers>
</configProtectedData>
<system.applicationHost>
<applicationPools>
<add name="Clr4IntegratedAppPool" managedRuntimeVersion="v4.0" managedPipelineMode="Integrated" CLRConfigFile="%IIS_BIN%\config\templates\PersonalWebServer\aspnet.config" autoStart="true" />
...
<add name="IISExpressAppPool" autoStart="true" managedRuntimeVersion="v2.0" managedPipelineMode="Integrated" CLRConfigFile="%IIS_BIN%\config\templates\PersonalWebServer\aspnet.config" />
<applicationPoolDefaults managedRuntimeLoader="v4.0">
</applicationPoolDefaults>
</applicationPools>
<listenerAdapters>
<add name="http" />
</listenerAdapters>
<sites>
<site id="1" name="MySite" serverAutoStart="true">
<application path="/" >
<virtualDirectory path="/" physicalPath="C:\MyProject" />
<virtualDirectory path="/MY_PATH" physicalPath="C:\MyProject" />
</application>
<bindings>
<binding bindingInformation=":8080:localhost" protocol="http" />
</bindings>
</site>
<siteDefaults>
<logFile logFormat="W3C" directory="C:\app_tmp\IISExpress\iWin7.0\Logs" />
<traceFailedRequestsLogging directory="C:\app_tmp\IISExpress\iWin7.0\Trace" enabled="true" maxLogFileSizeKB="1024" />
</siteDefaults>
<applicationDefaults applicationPool="Clr2ClassicAppPool" />
<virtualDirectoryDefaults allowSubDirConfig="true" />
</sites>
<webLimits />
</system.applicationHost>
<system.webServer>
<serverRuntime />
<asp scriptErrorSentToBrowser="true">
<cache diskTemplateCacheDirectory="%TEMP%\iisexpress\ASP Compiled Templates" />
<limits />
</asp>
<caching enabled="true" enableKernelCache="true">
</caching>
<cgi />
<defaultDocument enabled="true">
<files>
<add value="Default.htm" />
<add value="Default.asp" />
<add value="index.htm" />
<add value="index.html" />
<add value="iisstart.htm" />
<add value="default.aspx" />
</files>
</defaultDocument>
<directoryBrowse enabled="false" />
<fastCgi />
<globalModules>
...
</globalModules>
<httpCompression directory="%TEMP%\iisexpress\IIS Temporary Compressed Files">
<scheme name="gzip" dll="%IIS_BIN%\gzip.dll" />
<dynamicTypes>
<add mimeType="text/*" enabled="true" />
<add mimeType="message/*" enabled="true" />
<add mimeType="application/x-javascript" enabled="true" />
<add mimeType="*/*" enabled="false" />
</dynamicTypes>
<staticTypes>
<add mimeType="text/*" enabled="true" />
<add mimeType="message/*" enabled="true" />
<add mimeType="application/x-javascript" enabled="true" />
<add mimeType="application/atom+xml" enabled="true" />
<add mimeType="application/xaml+xml" enabled="true" />
<add mimeType="*/*" enabled="false" />
</staticTypes>
</httpCompression>
<httpErrors lockAttributes="allowAbsolutePathsWhenDelegated,defaultPath">
<error statusCode="401" prefixLanguageFilePath="%IIS_BIN%\custerr" path="401.htm" />
...
<error statusCode="502" prefixLanguageFilePath="%IIS_BIN%\custerr" path="502.htm" />
</httpErrors>
<httpLogging dontLog="false" />
<httpProtocol>
<customHeaders>
<clear />
<add name="X-Powered-By" value="ASP.NET" />
</customHeaders>
<redirectHeaders>
<clear />
</redirectHeaders>
</httpProtocol>
<httpRedirect enabled="false" />
<httpTracing>
</httpTracing>
<isapiFilters>
<filter name="ASP.Net_2.0.50727.0" path="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll" enableCache="true" preCondition="bitness32,runtimeVersionv2.0" />
<filter name="ASP.Net_2.0_for_v1.1" path="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll" enableCache="true" preCondition="runtimeVersionv1.1" />
<filter name="ASP.Net_4.0_32bit" path="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_filter.dll" enableCache="true" preCondition="bitness32,runtimeVersionv4.0" />
</isapiFilters>
<odbcLogging />
<security>
<access sslFlags="None" />
<applicationDependencies>
<application name="Active Server Pages" groupId="ASP" />
</applicationDependencies>
<authentication>
<anonymousAuthentication enabled="true" userName="" />
<basicAuthentication enabled="false" />
<clientCertificateMappingAuthentication enabled="false" />
<digestAuthentication enabled="false" />
<iisClientCertificateMappingAuthentication enabled="false">
</iisClientCertificateMappingAuthentication>
<windowsAuthentication enabled="false">
<providers>
<add value="Negotiate" />
<add value="NTLM" />
</providers>
</windowsAuthentication>
</authentication>
<authorization>
<add accessType="Allow" users="*" />
</authorization>
<ipSecurity allowUnlisted="true" />
<isapiCgiRestriction notListedIsapisAllowed="true" notListedCgisAllowed="true">
<add path="%windir%\Microsoft.NET\Framework\v4.0.30319\webengine4.dll" allowed="true" groupId="ASP.NET_v4.0" description="ASP.NET_v4.0" />
</isapiCgiRestriction>
<requestFiltering>
<fileExtensions allowUnlisted="true" applyToWebDAV="true">
<add fileExtension=".asa" allowed="false" />
<add fileExtension=".asax" allowed="false" />
<add fileExtension=".ascx" allowed="false" />
...
<add fileExtension=".rules" allowed="false" />
</fileExtensions>
<verbs allowUnlisted="true" applyToWebDAV="true" />
<hiddenSegments applyToWebDAV="true">
<add segment="web.config" />
<add segment="bin" />
<add segment="App_code" />
<add segment="App_GlobalResources" />
<add segment="App_LocalResources" />
<add segment="App_WebReferences" />
<add segment="App_Data" />
<add segment="App_Browsers" />
</hiddenSegments>
</requestFiltering>
</security>
<serverSideInclude ssiExecDisable="false" />
<staticContent lockAttributes="isDocFooterFileName">
...
<mimeMap fileExtension=".application" mimeType="application/x-ms-application" />
...
</staticContent>
<tracing>
<traceProviderDefinitions>
<add name="WWW Server" guid="{3a2a4e84-4c21-4981-ae10-3fda0d9b0f83}">
<areas>
<clear />
<add name="Authentication" value="2" />
<add name="Security" value="4" />
<add name="Filter" value="8" />
<add name="StaticFile" value="16" />
<add name="CGI" value="32" />
<add name="Compression" value="64" />
<add name="Cache" value="128" />
<add name="RequestNotifications" value="256" />
<add name="Module" value="512" />
<add name="Rewrite" value="1024" />
<add name="FastCGI" value="4096" />
</areas>
</add>
<add name="ASP" guid="{06b94d9a-b15e-456e-a4ef-37c984a2cb4b}">
<areas>
<clear />
</areas>
</add>
<add name="ISAPI Extension" guid="{a1c2040e-8840-4c31-ba11-9871031a19ea}">
<areas>
<clear />
</areas>
</add>
<add name="ASPNET" guid="{AFF081FE-0247-4275-9C4E-021F3DC1DA35}">
<areas>
<add name="Infrastructure" value="1" />
<add name="Module" value="2" />
<add name="Page" value="4" />
<add name="AppServices" value="8" />
</areas>
</add>
</traceProviderDefinitions>
<traceFailedRequests>
<add path="*">
<traceAreas>
<add provider="ASP" verbosity="Verbose" />
<add provider="ASPNET" areas="Infrastructure,Module,Page,AppServices" verbosity="Verbose" />
<add provider="ISAPI Extension" verbosity="Verbose" />
<add provider="WWW Server" areas="Authentication,Security,Filter,StaticFile,CGI,Compression,Cache,RequestNotifications,Module,Rewrite" verbosity="Verbose" />
</traceAreas>
<failureDefinitions statusCodes="200-999" />
</add>
</traceFailedRequests>
</tracing>
<urlCompression />
<validation />
<webdav>
<globalSettings>
<propertyStores>
<add name="webdav_simple_prop" image="%IIS_BIN%\webdav_simple_prop.dll" image32="%windir%\syswow64\inetsrv\webdav_simple_prop.dll" />
</propertyStores>
<lockStores>
<add name="webdav_simple_lock" image="%IIS_BIN%\webdav_simple_lock.dll" image32="%windir%\syswow64\inetsrv\webdav_simple_lock.dll" />
</lockStores>
</globalSettings>
<authoring>
<locks enabled="true" lockStore="webdav_simple_lock" />
</authoring>
<authoringRules />
</webdav>
</system.webServer>
<location path="" overrideMode="Allow">
<system.webServer>
<modules>
...
</modules>
<handlers accessPolicy="Read, Script">
...
<add name="WebServiceHandlerFactory-ISAPI-4.0_32bit" path="*.asmx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
...
<add name="SimpleHandlerFactory-Integrated" path="*.ashx" verb="GET,HEAD,POST,DEBUG" type="System.Web.UI.SimpleHandlerFactory" preCondition="integratedMode" />
...
<add name="WebServiceHandlerFactory-Integrated" path="*.asmx" verb="GET,HEAD,POST,DEBUG" type="System.Web.Services.Protocols.WebServiceHandlerFactory,System.Web.Services,Version=2.0.0.0,Culture=neutral,PublicKeyToken=b03f5f7f11d50a3a" preCondition="integratedMode,runtimeVersionv2.0" />
...
<add name="StaticFile" path="*" verb="*" modules="StaticFileModule,DefaultDocumentModule,DirectoryListingModule" resourceType="Either" requireAccess="Read" />
</handlers>
</system.webServer>
</location>
</configuration>
You likely do not have the static content role installed in IIS express. See this question and answer for a similar problem/resolution and see if it helps you:
How to install umbraco in root folder of the IIS server in localhost?
I changed requireAccess from 'Read' to 'Execute' for following handler
<add name="StaticFile" path="*" verb="*" modules="StaticFileModule,DefaultDocumentModule,DirectoryListingModule" resourceType="Either" requireAccess="Execute" />
I now get following error on accessing
http://localhost:8080/MY_PATHJ/Service/ServiceName.asmx?wsdl
HTTP Error 403.1 - Forbidden
You have attempted to run a CGI, ISAPI, or other executable program from a directory that does not allow executables to run.
All my .aspx pages are still working fine.
Currently my web.config has this:
<appSettings>
<add key="UserName" />
<add key="DBServer" />
<add key="DBUserName" />
<add key="DBPwd" />
<add key="DB" />
</appSettings>
If i have to connect to multiple db's I would like my web.config to have the following
<appSettings>
<add key="UserName" />
<add key="DBServer" />
<add key="DBUserName" />
<add key="DBPwd" />
<add key="DB" />
</appSettings>
<!--This section needs to hold data for another db server -->
<appSettings>
<add key="UserName" />
<add key="DBServer" />
<add key="DBUserName" />
<add key="DBPwd" />
<add key="DB" />
</appSettings>
The key names should be the same. Or is having multiple connection string sections the way to go?
You should use the <connectionStrings> section for this, it's exactly what it was designed to do :)
You can find more resources on MSDN for how to access your connection strings in this section.