I created an asp.net MVC 4 Internet application and enabled Google authentication.
after successful login, always 'IsSuccessful' property value is false in OAuthWebSecurity.VerifyAuthentication method.
it is working fine when I run the same solution in an another machine.
I also turned off my firewall and tried, no luck.
I traced and found that some exception occurred in OAuthWebSecurity.VerifyAuthentication method.
Here is the exception detail:
DotNetOpenAuth.Messaging.ProtocolException occurred
HResult=-2146233088
Message=Web request to 'https://www.google.com/accounts/o8/ud' failed.
Source=DotNetOpenAuth.Core
Inner Exception:
The request was aborted: Could not create SSL/TLS secure channel.
I would really appreciate any help.
Related
We have activated health monitoring on our website. Recently we are getting a lot of hack attempts which are caused by bots, but also spawn a lot of server errors.
Exception type: System.Web.HttpException
Exception message: The length of the URL for this request exceeds the configured maxUrlLength value.
Request information:
Request URL: http://www.ourdomain.be/Product/Band/29360" onmousedown="return rwt(this,'','','','7','[CUT_OUT_SOME_STUFF]row ab_button" id="am-b6" href="
User host address: ---.---.47.93
How can I filter these particular events so I don't get 10 emails per second?
Or how can I sanitize the URL before it is handled by the security parts of ASP.NET?
I can't totally repro your error - I get an exception for Illegal characters in path instead. Nevertheless...
Quick and dirty = send your emails to a dummy address and set up a
filter/rule on it so only the ones you want get forwarded to you
Slightly less quick = Use Application_Error with
Server.GetLastError() and Server.ClearError() to inspect and ignore
these
Create your own health monitoring provider, though I think you still
need to use Server.GetLastError to retrieve the exception data. See
http://msdn.microsoft.com/en-us/library/ms227676%28v=vs.85%29.aspx?cs-save-lang=1&cs-lang=vb#code-snippet-1
We have an ASP.Net website that connects to an external web service, and it abruptly stopped working a few days ago.
The basic code is this:
Try
request = New ExternalWebService.ProcessRequestService
' Error occurs here:
response = request.processCommand(parameters)
' Do some other stuff with response here
Catch webEx As System.Net.WebException
' This triggers and generic error gets displayed
Catch ex As Exception
Finally
End Try
The System.Net.WebException gets triggered with a SendFailure exception, and returns this stack trace:
The underlying connection was closed: An unexpected error occurred on a send. -
at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request)
at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebResponse(WebRequest request)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at ExternalWebService.ProcessRequestService.processCommand(parameters)
When I try to debug this problem on my development machine, it works fine and no exception occurs.
There has been no recent updates to our webserver, and I can connect to the wsdl service from the web server with FireFox (I cannot connect with IE however, but that might be related to another issues we have with IE on the web server)
I've tried all the resolutions posted for Error Message #2 here, including setting KeepAlive = False and ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3, however none have worked to fix the issue.
Our webserver is running Windows Server 2003 and IIS6.0
What can cause this error to occur on one machine, but not another?
Edit: Here's the Trace information:
System.Web.Services.Asmx Information: 0 : Calling XmlSerializer [Create XmlSerializer]
Method: System.Xml.Serialization.XmlSerializer#1669721556::FromMappings(System.Xml.Serialization.XmlMapping[]#4002219=[4], ExternalWebService.ProcessRequestService#93032588=ExternalWebService.ProcessRequestService)
Caller: System.Web.Services.Protocols.SoapClientType#42808772::.ctor(ExternalWebService.ProcessRequestService#93032588=ExternalWebService.ProcessRequestService)
ProcessId=2796
LogicalOperationStack=
ThreadId=14
DateTime=2012-12-21T17:02:39.2826250Z
Timestamp=61755143048799345
System.Web.Services.Asmx Information: 0 : Return from XmlSerializer [Create XmlSerializer]
Caller: System.Web.Services.Protocols.SoapClientType#42808772::.ctor(ExternalWebService.ProcessRequestService#93032588=ExternalWebService.ProcessRequestService)
ProcessId=2796
LogicalOperationStack=
ThreadId=14
DateTime=2012-12-21T17:02:39.6576250Z
Timestamp=61755144323396760
System.Web.Services.Asmx Information: 0 : Calling XmlSerializer [Write Request]
Method: Microsoft.Xml.Serialization.GeneratedAssembly.ArrayOfObjectSerializer#1231684::Serialize(System.Xml.XmlTextWriter#8023888=.., System.Object[]#19695157=[40], (null), (null))
Caller: ExternalWebService.ProcessRequestService#60553900::Serialize()
ProcessId=2796
LogicalOperationStack=
ThreadId=14
DateTime=2012-12-21T17:02:39.7357500Z
Timestamp=61755144598320131
System.Web.Services.Asmx Information: 0 : Return from XmlSerializer [Write Request]
Caller: ExternalWebService.ProcessRequestService#60553900::Serialize()
ProcessId=2796
LogicalOperationStack=
ThreadId=14
DateTime=2012-12-21T17:02:39.7357500Z
Timestamp=61755144621621529
System.Web.Services.Asmx Information: 0 : Calling WebRequest.GetResponse
Method: System.Net.HttpWebRequest#2800407::GetResponse()
Caller: ExternalWebService.ProcessRequestService#60553900::GetWebResponse()
ProcessId=2796
LogicalOperationStack=
ThreadId=14
DateTime=2012-12-21T17:02:39.7357500Z
Timestamp=61755144622114240
Apparently in my particular case, it was because the web service vendor had increased their security, and our web server didn't have the correct library needed to decipher the connection.
Our only clue was a single System event viewer entry with an ID of 36874 and a source of Schannel a few days back on the same day our site stopped working that said:
An SSL connection request was received from a remote client
application, but none of the cipher suites supported by the client
application are supported by the server. The SSL connection request
has failed.
However if you're debugging this problem yourself, this link was very useful since it gave some simplified descriptions of the error which pointed me in the right direction, that my problem was related to not being able to connect to their web service.
The underlying connection was closed: An unexpected error occurred on a send
This problem occurs when the client computer cannot send an HTTP
request. The client computer cannot send the HTTP request because the
connection has been closed or is unavailable. Lookup the error in
this article http://support.microsoft.com/kb/915599.
and the linked Microsoft support page was also fairly detailed about some different resolutions you could try to fix the most common causes of this problem.
Just an idea, don't know if it's the good one : the same thing happened few months ago on one of our server, because someone (security team ? :/) changed the write permission on the "%SYSTEMROOT%\Temp" folder. Since that action, XMLSerializer couldn't generate the temporary assembly used to serialize/deserialize.
From http://www.hanselman.com/blog/ChangingWhereXmlSerializerOutputsTemporaryAssemblies.aspx
:
When using the XmlSerializer from ASP.NET there are permissions issues
can can be solved by granting the user account read/write permissions
on the %SYSTEMROOT%\Temp folder
So perhaps you can check that the account used by your application pool has write permissions on the "%SYSTEMROOT%\Temp" folder...
Good luck...
I'm getting this error on my web service:
An error occurred while communicating with the remote host. The error code is 0x80070001
The weird thing is that the CPU and memory usage on the server is not high.
The detailed error message:
Error Message:
An error occurred while communicating with the remote host. The error code is 0x80070001.
Stack Trace:
at System.Web.Hosting.IIS7WorkerRequest.RaiseCommunicationError(Int32 result, Boolean throwOnDisconnect)<br />
at System.Web.Hosting.IIS7WorkerRequest.ReadEntityCoreSync(Byte[] buffer, Int32 offset, Int32 size)<br />
at System.Web.Hosting.IIS7WorkerRequest.ReadEntityBody(Byte[] buffer, Int32 size) <br />
at System.Web.HttpRequest.GetEntireRawContent()<br />
at System.Web.HttpRequest.get_InputStream()<br />
at Service.Upload() in c:\inetpub\path\Service.aspx.cs:line 213
After Google Search:
Thread on Microsoft Forums and I disable the offloading of network card and nothing change :(
Question on Stack OverFlow No answers :(
How can I fix this problem?
More information
Inner Exception Message: The handle is invalid. (Exception from HRESULT: 0x80070006 (E_HANDLE))
Very Important
This is only happened with a web application, but if I used a web site, nothing happened (no error).
And after a lot of research I think this error is caused by the web.config file.
I receive this error on my site also. I've determined the agent that generally causes this problem and it is a webcrawler like the one used by Google to index pages.
Anyway, I believe the answer is either Cause 1 or Cause 2:
Cause 1
This problem occurs because the client makes an HTTP request by using an HTTP method that does not comply with the HTTP specifications.
Cause 2
This problem occurs because a client makes an HTTP request by sending the POST method to a page that is configured to be handled by the StaticFile handler. For example, a client sends the POST method to a static HTML page. However, pages that are configured for the StaticFile handler do not support the POST method.
Check out the microsoft link for more explanation and possible resolution: http://support.microsoft.com/kb/942051
Close any object which is not in use (close when you are done using an object and initialize everything to null until you NEED to use it.)
This is because of an internal memory leakage in your code. As a result, it is not able to create a new object in memory.
I have an ASP .NET webpage which calls an ASP.NET webservice existing on the same site. Both of them require integrated windows authentication.
I get the following error during invoke of the webservice method when I run my webpage:
"The request failed with HTTP status 401: Unauthorized. "
I have no clue why it is failing. Is there a way to know which authentication protocol is being used from the website to invoke the webservice method, and why it is failing?
EDIT : As suggested, I downloaded auth diagnostics, and monitored it when i ran my webpage. Following is result:
AcceptSecurityContext
Package=NTLM Result=0x0 ContextAttr=0x12001c UserName= ClientName= ServerName=Result=0x0(Fail: context has ASC_RET_NULL_SESSION flag)
Main process: Finished, 1 issue detected
Have you gone through the Microsoft Troubleshooting HTTP 401 errors article?
How is IIS configured? Is it set up to use anonymous or Windows Auth? Also, what context is the app pool using? Perhaps the web is running under a context that doesn't have permissions to hit the web service?
Getting unhandled exception event log messages for legitimate exceptions but the event log message includes noise in the request URL.
The noise is injected where uri escaped characters are. Noise like the apppool name, "An unhandled exception has occurred.", False and sometimes the request url itself recursively injected, sometimes a dozen times inside the url. The IIS logs don't show this injection, just the original url.
Here's one of the recursive examples:
Request URL: http://domain.com/Page.aspx?q=bransonAn unhandled exception has occurred.Chttp://domain.com/Page.aspx?q=bransonAn unhandled exception has occurred.Chttp://domain.com/Page.aspx?q=bransonAn unhandled exception has occurred.Chttp://domain.com/Page.aspx?q=branson%2C%20momomomo
The one somewhat unusual thing about the code is that it uses an exception filter which does some logging and then returns false, allowing the exception to go unhandled.
I've encountered the same issue as described above and after a few days on Google have come up with the what caused it (well for me anyway) and thought that I'd share - Even though this discussion is over a year old.
It was caused by spaces being included in the query string, which were getting changed to %20. When an exception was getting raised within the code it appears that IIS (or the Development Server in Visual Studio 2008) was, possibly, assuming that the %20 was a parameter to be passed in to the exception handler and building up the crazy looking Request URL - It was always contained 82 times within the log and no where I searched mentioned this.
In the web.config the encoding can be managed through the globalization section, but this didn't resolve our issue - It turns out that if you use RFC2396, then you don't get this issue. We're now replacing our spaces with a non-breakable space character and this is working so far in our testing.