I'm having issue when I run my website on the Reverse Proxy layer. It will display the following javascript error.
=> Message: 'Sys.WebForms.PageRequestManager' is null or not an object
=> Message: Sys.ArgumentTypeException: Object of type 'Sys._Application' cannot be converted to type 'Sys._Application'.
Parameter name: instance
=> Message: 'Telerik' is undefined
They are all pointing to the "ScriptResource.axd" file and default file (frontend and backend).
When I run the website on the application layer (direct access without using the proxy), there is no error as shown above.
Is there any configuration need to enable reverse proxy server(ARR) to work?
Using Sitefinity 3.6 and IIS7
Thanks
Under caching in the server farm, select "Include query string" in the query string support drop down list.
Related
I am currently working on a DotNetNuke website (07.03.02) and I am trying to migrate it to Azure. The website is working on my local machine with IIS.
I followed this tutorial to migrate the website : http://www.dnnsoftware.com/community-blog/cid/154975/moving-a-dnn-install-to-microsoft-azure-websites
So I created a new web application on Azure that will host the website files. I also created a new database on Azure, and I imported my DNN backup database.
I changed the connection strings in my web.config to use my Azure database, I uploaded the website folder on Azure.
Now if I try to browse my webapp using the link [sitename].azurewebsites.net, I get the following error :
DNN Error Domain Name Does Not Exist In The Database
DotNetNuke supports multiple websites from a single database/codebase.
It accomplishes this by converting the URL of the client browser
Request to a valid PortalID in the Portals database table. The
following steps describe the process:
Web Server Processing When a web server receives a Request from a
client browser, it compares the file name extension on the target URL
resource to its Application Extension Mappings defined in IIS. Based
on the corresponding match, IIS then sends the Request to the defined
Executable Path ( aspnet_asapi.dll in the case of ASP.NET Requests ).
The aspnet_isapi.dll engine processes the Request in an ordered series
of events beginning with Application_BeginRequest.
HttpModule.URLRewrite OnBeginRequest ( UrlRewriteModule.vb ) The
Request URL is parsed based on the "/" character A Domain Name is
constructed using each of the relevant parsed URL segments.
Examples:
URL: http://www.exemple.com/default.aspx = Domain Name: www.exemple.com
URL: http://209.75.24.131/default.aspx = Domain Name: 209.75.24.131
URL: http://localhost/DotNetNuke/default.aspx = Domain Name:
localhost/DotNetNuke URL:
http://www.exemple.com/virtualdirectory/default.aspx = Domain Name:
www.exemple.com/virtualdirectory URL:
http://www.exemple.com/directory/default.aspx = Domain Name:
www.exemple.com/directory
Using the Domain Name, the application queries the database ( Portals
table - PortalAlias field ) to locate a matching record.
Note: If there are multiple URLs which correspond to the same website
then the website alias field must contain each valid Domain Name in a
comma separated list.
Example:
URL: http://localhost/DotNetNuke/default.aspx URL:
http://MACHINENAME/DotNetNuke/default.aspx URL:
http://209.32.134.65/DotNetNuke/default.aspx PortalAlias:
localhost/DotNetNuke,MACHINENAME/DotNetNuke,209.32.134.65/DotNetNuke
Note: If you are installing the application to a remote server you
must modify the PortalAlias field value for the default record in the
Portals table according to the rules defined above.
So I inserted the Site Alias ([sitename].azurewebsites.net) record into the PortalAlias table as mentioned in the turorial.
Now when I try to reach the website [sitename].azurewebsites.net, I don't have the previous DNN error but it loads for a long time and then I got the following error :
www.[sitename].azurewebsites.net’s server DNS address could not be
found. DNS_PROBE_FINISHED_NXDOMAIN
After the load end, the URL curiously become https://www.[sitename].azurewebsites.net and the DNS error occur.
Is there something I need to change in Azure or in my web.config file ? Maybe there is something to configure in DotNetNuke or in the ASP version?
I don't get why my browser change the url and why this dns error occur (I have no issues with my local IIS server).
(I also tried by using the automatic portal alias transfer as mentioned in the tutorial but I got the same result : the alias is inserted in the database but I still have the NXdomain error)
Thank you for your help !
Etienne.
In your original post you have:
www.[sitename].azurewebsites.net’s server DNS address could not be found. DNS_PROBE_FINISHED_NXDOMAIN
Try to manually put the . (The full, http with colons, etc.) Sometimes the web browser will add the WWW automatically, thinking you wanted it (I hate when they do that). Azure doesn't know about the www subdomain, so that is why you are probably getting that error.
Edit: Oh, and the long load time is good - it means that azure compiled your site and you didn't get a compile error.
The fact that you get an error that comes from DNN is good news, and means that you have (probably) done the major work correctly.
Now, you need to get into your database and modify the PortalAlias table so that there is an alias for sitename.azurewebsites.net. (I'm assuming that the brackets around sitename are incorrect and "[sitename]" eeds to be replaced by the actual domain name for your site.)
I am using Visual Studio 2015 Enterprise and ASP.NET vNext Beta8 to build an endpoint that both issues and consumes JWT tokens as described in detail here. As explained in that article the endpoint uses AspNet.Security.OpenIdConnect.Server (AKA OIDC) to do the heavy lifting.
While standing this prototype up in our internal development environment we have encountered a problem using it with a load balancer. In particular, we think it has to do with the "Authority" setting on app.UseJwtBearerAuthentication and our peculiar mix of http/https. With our load balanced environment, any attempt to call a REST method using the token yields this exception:
WebException: The remote name could not be resolved: 'devapi.contoso.com.well-known'
HttpRequestException: An error occurred while sending the request.
IOException: IDX10804: Unable to retrieve document from: 'https://devapi.contoso.com.well-known/openid-configuration'.
Consider the following steps to reproduce (this is for prototyping and should not be considered production worthy):
We created a beta8 prototype using OIDC as described here.
We deployed the project to 2 identically configured IIS 8.5 servers running on Server 2012 R2. The IIS servers host a beta8 site called "API" with bindings to port 80 and 443 for the host name "devapi.contoso.com" (sanitized for purposes of this post) on all available IP addresses.
Both IIS servers have a host entry that point to themselves:
127.0.0.1 devapi.contoso.com
Our network admin has bound a * certificate (*.contoso.com) with our Kemp load balancer and configured the DNS entry for https://devapi.contoso.com to resolve to the load balancer.
Now this is important, the load balancer has also been configured to proxy https traffic to the IIS servers using http (not, repeat, not on https). It has been explained to me that this is standard operating procedure for our company because they only have to install the certificate in one place. We're not sure why our network admin bound 443 in IIS since it, in theory, never receives any traffic on this port.
We make a secure post via https to https://devapi.contoso.com/authorize/v1 to fetch a token, which works fine (the details of how to make this post are here ):
{
"sub": "todo",
"iss": "https://devapi.contoso.com/",
"aud": "https://devapi.contoso.com/",
"exp": 1446158373,
"nbf": 1446154773
}
We then use this token in another secure get via https to https://devapi.contoso.com/values/v1/5.
OpenIdConnect.OpenIdConnectConfigurationRetriever throws the exception:
WebException: The remote name could not be resolved: 'devapi.contoso.com.well-known'
HttpRequestException: An error occurred while sending the request.
IOException: IDX10804: Unable to retrieve document from: 'https://devapi.contoso.com.well-known/openid-configuration'.
We think this is happening because OIDC is attempting to consult the host specified in "options.Authority", which we set at startup time to https://devapi.contoso.com/. Further we speculate that because our environment has been configured to translate https traffic to non https traffic between the load balancer and IIS something is going wrong when the framework tries to resolve https://devapi.contoso.com/. We have tried many configuration changes including even pointing the authority to non-secure http://devapi.contoso.com to no avail.
Any assistance in helping us understand this problem would be greatly appreciated.
#Pinpoint was right. This exception was caused by the OIDC configuration code path that allows IdentityModel to initiate non-HTTPS calls. In particular the code sample we were using was sensitive to missing trailing slash in the authority URI. Here is a code fragment that uses the Uri class to combine paths in a reliable way, regardless of whether the Authority URI has a trailing slash:
public void Configure(IApplicationBuilder app, IOptions<AppSettings> appSettings)
{
.
.
.
// Add a new middleware validating access tokens issued by the OIDC server.
app.UseJwtBearerAuthentication
(
options =>
{
options.AuthenticationScheme = JwtBearerDefaults.AuthenticationScheme ;
options.AutomaticAuthentication = false ;
options.Authority = new Uri(appSettings.Value.AuthAuthority).ToString() ;
options.Audience = new Uri(appSettings.Value.AuthAuthority).ToString() ;
// Allow IdentityModel to use HTTP
options.ConfigurationManager =
new ConfigurationManager<OpenIdConnectConfiguration>
(
metadataAddress : new Uri(new Uri(options.Authority), ".well-known/openid-configuration").ToString(),
configRetriever : new OpenIdConnectConfigurationRetriever() ,
docRetriever : new HttpDocumentRetriever { RequireHttps = false }
);
}
);
.
.
.
}
In this example we're pulling in the Authority URI from config.json via "appSettings.Value.AuthAuthority" and then sanitizing/combining it using the Uri class.
I'm typically a java developer but was asked to "tweak" a small ASP app my organization has. It basically accepts user input into a form and then emails the data. In my sendmail.asp file I set a session attribute (Session("emailText") = message) and then redirect to page printResults.asp.
That page is basically an HTML page with a single line of VBScript code at line 21: <%Response.Write(Session.Contents("emailText")) %> .
This all works on my local IIS server but when I deployed it to the host server to test & demo it I got this error:
Microsoft VBScript runtime
error '800a01a8'
Object required: ''
/sub3/printResults.asp, line 21
Since I am new to ASP I have no clue why this would work locally but not on the host server. Any ideas or suggestions would be most helpful.
Is it possible that Session State has been disabled either in IIS or elsewhere in code?
When you redirect to printResults.asp are you staying in the same domain and sub-domain (session state will not be maintained between domain/sub-domains) and not switching between HTTP/HTTPS (sessions may have been set to HTTP only)?
On II7 we host a WCF/asp.net based API. In order to allow users of a classic asp application to connect to the API we had to publish a version we refer to as "transport". This Transport version is written in asp.net too, it points to the same assembly , its just the security layer is different to allow classic asp to authenticate. Transport level security is used as opposed to message based security.
When using a browser to load the service reference i can loading the svcutil.exe ... WDSL page.
When using my test asp page to call a web method from this reference i get the following returned:
Finished calling Web Service.
Status = Internal Server Error
ResponseText = a:InvalidSecurityAn error occurred when verifying security for the message.
This suggests that the authentication is failing. When testing using asp.net or the application WCF storm to contact the normal API everything works well.
The API was recently migrated , it would appear something has not been setup correctly but i am at a loss to explain what.
I can browse to the svcutil.exe ... WDSL service reference, when selecting it via the browser i get the expect XML response.
The USER NAME and password utilised work when using the non-classic asp publicaiton of the API using the message based secuirty.
Would it be possible to post some troubleshooting tip that may help diagnoise the issue please specifically regarding transport level security fault finding and setup ?
Thank you
Scott
EDITED TO ADD THE FOLLOWING UPDATE:
Attempted to use the Default App Pool and a new App Pool but same problem persists.
My test page error: ResponseText = a:InvalidSecurityAn error occurred when verifying security for the message.
IIS LOG shows:
v3/transport/testclassicasptransportwcfservice.asp ( 200 0 0 ) (i.e iis 200)
/V3/Transport/DeviceService.svc/DeviceService (500 0 0) (i.e iis error 500)
note: virtual dir defined on TRANSPORT and V3. V3 works ok using .net as opposed to classic asp to authenticate.
EVENT LOG:
The Template Persistent Cache initialization failed for Application Pool 'transport' because of the following error: Could not create a Disk Cache Sub-directory for the Application Pool. The data may have additional error codes.
This reference appears to suggest a fix but many of the DIR paths and references in "appcmd" dont exist.
_http://theether.net/kb/100127
REF http://theether.net/kb/100127
load cmd prompt
CD to C:\Windows\System32\inetsrv
enter: appcmd list config -section:system.webServer/asp
the following path is displayed: c:\inetpub\conf\temp\ASP compiled templates
check path exists (it does)
Check if the NETWORK SERVICE has permissions to access "ASP compiled templates" If not from appcmd execute;
icacls "c:\inetpub\conf\temp\ASP Compiled Templates" /grant "NETWORK SERVICE:(OI)(CI)(M)"
should read "sucessfully processed 1 files"
restarted app pool.
THE "InvalidSecurityAn error occurred when verifying security for the message" problem still persists but the "COULD NOT CREATE A DISK CACHE SUB-DIRECORY .... " error from the eventlog is no longer occurring.
Sorry another update. The network service permission change DID NOT resolve the issue , changeing to the DEFAULT APP POOL solved the problem.
Got a lead at last. Examined:
ServiceSecurityAudit set in service behaviour. Ref http://intrepiddeveloper.wordpress.com/2008/08/07/security-event-logging-auditing/#
IIS logs (simply shows the non-specific error 500.)
Fault tracing enabled( also shows error 500).
Custom errors were off
Friendly IE messages were off
Asp client side and server side debugging on
ProcessMon running , no errors.
Web.config httpErrors errorMode="Detailed" /> +
ServiceSecurityAudit found me an "Object reference not set to an instance of an object" so sounds like our app has a bug.
Follow up (17/08/11):
Service Security Audit documented here:
http://intrepiddeveloper.wordpress.com/2008/08/07/security-event-logging-auditing/
Was the key for us to resolve this issue. Uncovered the Object Reference Error which indicated out Business Objects and Data Access dlls were out of alignment. Using CLASSIC ASP to contact the WCF.NET API using TRANSPORT AUTHENTICATION there was abolutely no indication of this error until Service Security Audit was enavled on the behaviour.config file in the WCF deployment.
Hi I am trying to add a web service in flex 4. This web service is deployed in share point 2010 in the intranet . I am able to see this wsdl file through browser but trying to introspect the service is giving an authentication error.
I am getting the following error :-
There was an error during service introspection.
WSDLException: faultCode=OTHER_ERROR: Unable to resolve imported document at 'http://sql2008:47672/_vti_bin/StoryboardingDatabaseConnect.asmx?WSDL'.: java.io.IOException: Authentication failure
Edit :-
Have added the video showing the error at http://www.youtube.com/watch?v=moXfxmiHAqQ
The Data Services Wizard does not support (as of now, afaik) connection to https services, neither to ones that need authentication.
So you should add your credentials manually to your soap request's header using name-value pairs:
[{name: "userName", value: "yourUserName"},
{name: "password", value: "yourPassword"}].
You can read more about it in the Working with SOAP Headers section of this article (Using WebService components).
You might also find this post from the Adobe forums useful, elaborating this issue.