I want to remove the "Test... Invoke" section from the top of my web service pages (partly because the word 'test' may make users mistakenly think they are not executing something in production when they click it!), but still allow HTTPGET/POST for API users.
Any idea how?
Try add follow text in Web.Config (I checked it - in my test-case it works)
<system.web>
<webServices>
<protocols>
<remove name="Documentation" />
</protocols>
</webServices>
</system.web>
http://msdn.microsoft.com/en-us/library/2tyf2t8t.aspx
You are talking about *.asmx services, write?
Invoke available only when request is local, remote clients will see next message instead:
The test form is only available for requests from the local machine.
You can't modify this auto generated pages, but you might want to display custom page:
<system.web>
<webServices>
<wsdlHelpGenerator href="helpPage.aspx"></wsdlHelpGenerator>
</webServices>
</system.web>
In this case Wsdl still will be available at service.asmx?wsdl.
Related
I´m using Plesk and in Web scripting and statistics I have Microsoft ASP support in ON.
I uploaded a application (which works correctly in my PC) to a directory and it can be shown but when I go to the aspx file it shows me the 404 error (The path is the correct).
I noticed that some files in "shtml" extension are neither shown by the server.
This is my very first time with ASP.NET, ISS8 and Plesk. I don´t know what to do. I will thank you for your help
You have to set the HTTP Handler Extension. If you have no access to IIS directly, you could do on the web.config:
Open the Web.config file for the application, locate the httpHandlers element of the system.web section and add an entry for the file-name extension
Example:
<system.webServer>
<handlers>
<add name="SampleHandler" verb="*"
path="SampleHandler.new"
type="SampleHandler, SampleHandlerAssembly"
resourceType="Unspecified" />
</handlers>
</system.webServer>
For more configuration options please refer to:
https://msdn.microsoft.com/en-us/library/bb515343.aspx
and
https://msdn.microsoft.com/en-us/library/46c5ddfy(v=vs.100).aspx
Check also the Custom Handler Policy of Plesk that should not be enabled:
https://docs.plesk.com/en-US/onyx/administrator-guide/plesk-administration/securing-plesk/custom-handlers-policy.76787/
Here I've found also another interesting document:
https://learn.microsoft.com/en-us/iis/configuration/system.webserver/handlers/
Scroll down and you'll find a piece of code to add the handlers programmatically, even if I suggest you to add them in your web.config
I have successfully setup Elmah at machine level in order to have error logging for all web applications. Now I want to add the RSS feed of each application to Outlook. Problem is applications are secured and won't allow Outlook to access RSS feed (at my.web.application.com/elmah.axd/rss). Since I can't ask Outlook to login in the app, I figured I'd give access to anybody to the elmah path and restrict by IP address (actually restricting to our local network), with the following config:
<location path="elmah.axd">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
<system.webServer>
<security>
<ipSecurity allowUnlisted="false">
<clear/>
<add ipAddress="127.0.0.1" allowed="true" />
<add ipAddress="10.0.0.0" allowed="true" subnetMask="255.255.255.0" />
</ipSecurity>
</security>
</system.webServer>
</location>
This actually works when put in the application's Web.config: I have access to the elmah.axd page without logging in. Perfect. Now I wanted to do this at machine level so every application behaves the same. So I put it at the same places I put the Elmah config, that is:
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\web.config
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\web.config
C:\Windows\System32\inetsrv\config\applicationHost.config (IIS config)
Although putting the config there made Elmah respond on every web application, it doesn't work with that security config: the applications still ask to login... What need I do to make it work at machine level ?
Would it be that in machine level web.config the path is not relative to the applications ? but then how can I make it work ? (I also tried ~/elmah.axd without success...)
Check for overrides in each application's configuration.
The local configuration settings override settings in parent
configuration files.
Source: https://msdn.microsoft.com/en-us/library/ms178685%28v=vs.140%29.aspx
I'm trying to add users to IIS Manager via web.config, but whenever I add the following lines, the web site stops working and says web.config is not valid.
The web site works if I add those lines in administration.config, but I like to keep the scope small by sticking with web.config.
<system.webServer>
<management>
<authorization defaultProvider="ConfigurationAuthorizationProvider">
<authorizationRules>
<scope path="/MyApp">
<add name="domain\user" />
</scope>
</authorizationRules>
</authorization>
</management>
</system.webServer>
A simple Google search can answer your question.
IIS Management element
From that page:
Note: The settings in the management element can only be configured in the Administration.config file.
We have a site running on MOSS 2007 which makes calls to custom web service asmx methods on the same domain from the client.
At first everything works fine, but after a bit of time has passed the service will start to fail with:
http://[domain]/_layouts/error.aspx?ErrorText=Request format is unrecognized for URL unexpectedly ending in %27%2FIsSuspectWaterLevel%27.
Interestingly enough
http://[Domain]/_vti_bin/Custom/CustomFunctionality.asmx?op=IsSuspectWaterLevel
is still available, but a call to
http://[Domain]/_vti_bin/Custom/CustomFunctionality.asmx/IsSuspectWaterLevel
will fail as described.
We've found that "touching" C:\Program Files\Common Files\microsoft shared\Web Server Extensions\12\ISAPI\ web.config will bring the webservice back to life.
The asmx file lives at
C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\ISAPI\ECan\MyECan_ComplianceWaterUsage.asmx
Any ideas of what might be going on here and how to resolve them?
Some extra detail:
App pool settings in case they're useful: http://i51.tinypic.com/x51qw.png
The following web.config settings are present in the root and sub directory hosting the asmx:
<system.web>
<webServices>
<protocols>
<add name="HttpSoap" />
<add name="HttpGet" />
<add name="HttpPost" />
</protocols>
</webServices>
...
</system.web>
We are calling the web service from javascript (jQuery). I've checked all the settings mentioned in this link and all match. I think calling from javascript may not be the culprit though as going directly to
[domain]/_vti_bin/Custom/CustomFunctionality.asmx/IsSuspectWaterLevel
with parameters supplied also fails with the same error - no javascript involved. Failing after a short period of time has passed, but works fine when web.config has just been "touched" again.
Thanks in advance for any help! Cheers, Gavin
I'm currently working on the same problem, and I think you barked the wrong tree.
The problem is, that in the ISAPI folder of SharePoint is a web.config with the following lines:
<webServices>
<protocols>
<remove name="HttpGet"/>
<remove name="HttpPost"/>
<remove name="HttpPostLocalhost"/>
<add name="Documentation"/>
</protocols>
</webServices>
The problem is, that the desired protocols POST and GET will be removed for the entire ISAPI folder and its subfolders. I also tried to reactivate the protocols via
<location path="[Path to my Web Service].asmx" allowOverride="false">
<webServices>
<protocols>
<add name="HttpGet"/>
<add name="HttpPost"/>
</protocols>
</webServices>
</loaction>
in different places (machine.config, web.config of root folder, web.config app.config, ...), but it didn't last.
The only thing that worked, was, to change the "remove" items in the web.config of the ISAPI folder to "add" items.
But this has the nasty side effect, that the built-in web services, like "Lists.asmx" throw errors if you try to request their documentation pages...
If you can live with that, this would be your solution. I can't, so I still try to figure out a way to make my
<add name="protocol">
items persistent.
By the way: Also adding lockItem="true" to the <add/> items didn't do the trick...
Chris
It has been awhile since I have touched Sharepoint so this is a shot in the dark. If I remember correctly modifying anything in the web.config will restart the website in IIS. So what you may be seeing is IIS restarting the website that hosts the webservice putting it back into a good state.
Do you have the following in the web.config for the web application?
<webServices>
<protocols>
<add name="HttpGet"/>
<add name="HttpPost"/>
</protocols>
</webServices>
This is a strange problem and hard to diagnose due to the number of occcurances of the 12 hives web.config protocols issue which would appear to resolve 99% of the cases of this issue.
There is another issue called URL rewriting that will cause this
problem.
Some reverse proxy devices can modify the path of a request (the
portion of the URL that comes after the hostname and port number) in
such a way that a request sent by the user to
http://www.contoso.com/sharepoint/default.aspx, for example, is
forwarded to the Web server as
http://sharepoint.perimeter.example.com/default.aspx.
This is referred to as an asymmetrical path. Windows SharePoint
Services 3.0 does not support asymmetrical paths. The path of the URL
must be symmetrical between the public URL and the internal URL. In
the preceding example, this means that the "/sharepoint/default.aspx"
portion of the URL must not be modified by the reverse proxy device.
Even more depressing is that microsoft knows about this and actively refuses to support it.
Ref: URL Rewrite + SharePoint = No Support
Also : SharePoint, url rewriter, WebServices
An inelegant workaround to this issue that works for us: We've swapped out the web service asmx end point for a web handler ashx endpoint. This doesn't suffer the same issue for some reason.
I'm guessing from this that there's some issue creeping in after a period of time which is causing urls to resolve incorrectly. I suspect that the / after the .asmx in the url is the curprit. The ashx endpoint implemented is working purely on url parameters and posted data.
Obviously this work around won't always be an option for others who might experience the same issue as we're loosing a lot of the rich web service functionality that's pre-baked in to an asmx endpoint.
Unfortunately I won't be able to test any other solutions that people might put forward from now on as we've moved away from the web service asmx approach. Sorry. Thanks for all the suggestions though - it's been very much appreciated!
Scenario:
I have a bunch of web applications for which I want to add a simple ping functionality via http handler. Example: Http://myserver/foo/testfolder/ping.me
Problem:
For some of the applications this approach does not work becasue of custom HttpModule. These modules have some depedency on either authentication or some other processing logic due to which it makes the request invalid.
I am trying to find a solution to get this ping functionality work without making any changes to existing HttpModules.
HttpModules are associated with the application instance and applies to all sub folders.
Hence you cannot bypass it.
Assuming you're wanting to disable HttpModules for only the URL to the ping handler, you can do this in your web.config:
<location path="/url/to/ping/handler">
<system.web>
<httpModules>
<remove name="moduleToRemove1"/>
<remove name="moduleToRemove2"/>
</httpModules>
</system.web>
</location>
This will disable the modules for the given url only.