DefaultDocument suddenly not working on IIS7 - iis-7

I have a website which has been running on IIS7 for about 2 months. We have the default documents set up to load a default.asp page when users go to the domain with no page. Suddenly this morning, I am getting errors and the default document will not load. If I type the default.asp, the file loads just fine.
Error Info:
Module: DefaultDocumentModule
Notification: ExecuteRequestHandler
Handler: StaticFile
Error Code: 0x80070002
here is a section from my applicationhost.config:
<system.webServer>
<asp>
<cache diskTemplateCacheDirectory="%SystemDrive%\inetpub\temp\ASP Compiled Templates" />
</asp>
<defaultDocument enabled="true">
<files>
<clear />
<add value="Default.asp" />
<add value="Default.htm" />
<add value="index.htm" />
<add value="index.html" />
<add value="iisstart.htm" />
</files>
</defaultDocument>
<directoryBrowse enabled="false" />
<globalModules>
<add name="UriCacheModule" image="%windir%\System32\inetsrv\cachuri.dll" />
<add name="FileCacheModule" image="%windir%\System32\inetsrv\cachfile.dll" />
<add name="TokenCacheModule" image="%windir%\System32\inetsrv\cachtokn.dll" />
<add name="HttpCacheModule" image="%windir%\System32\inetsrv\cachhttp.dll" />
<add name="StaticCompressionModule" image="%windir%\System32\inetsrv\compstat.dll" />
<add name="DefaultDocumentModule" image="%windir%\System32\inetsrv\defdoc.dll" />
<add name="DirectoryListingModule" image="%windir%\System32\inetsrv\dirlist.dll" />
<add name="ProtocolSupportModule" image="%windir%\System32\inetsrv\protsup.dll" />
<add name="HttpRedirectionModule" image="%windir%\System32\inetsrv\redirect.dll" />
<add name="ServerSideIncludeModule" image="%windir%\System32\inetsrv\iis_ssi.dll" />
<add name="StaticFileModule" image="%windir%\System32\inetsrv\static.dll" />
<add name="AnonymousAuthenticationModule" image="%windir%\System32\inetsrv\authanon.dll" />
<add name="RequestFilteringModule" image="%windir%\System32\inetsrv\modrqflt.dll" />
<add name="CustomErrorModule" image="%windir%\System32\inetsrv\custerr.dll" />
<add name="HttpLoggingModule" image="%windir%\System32\inetsrv\loghttp.dll" />
<add name="RequestMonitorModule" image="%windir%\System32\inetsrv\iisreqs.dll" />
<add name="IsapiModule" image="%windir%\System32\inetsrv\isapi.dll" />
<add name="IsapiFilterModule" image="%windir%\System32\inetsrv\filter.dll" />
<add name="CgiModule" image="%windir%\System32\inetsrv\cgi.dll" />
<add name="FastCgiModule" image="%windir%\System32\inetsrv\iisfcgi.dll" />
<add name="ManagedEngine" image="%windir%\Microsoft.NET\Framework\v2.0.50727\webengine.dll" preCondition="integratedMode,runtimeVersionv2.0,bitness32" />
<add name="ConfigurationValidationModule" image="%windir%\System32\inetsrv\validcfg.dll" />
<add name="ManagedEngine64" image="%windir%\Microsoft.NET\Framework64\v2.0.50727\webengine.dll" preCondition="integratedMode,runtimeVersionv2.0,bitness64" />
<add name="RewriteModule" image="%SystemRoot%\system32\inetsrv\rewrite.dll" />
<add name="ManagedEngineV4.0_32bit" image="C:\Windows\Microsoft.NET\Framework\v4.0.30319\webengine4.dll" preCondition="integratedMode,runtimeVersionv4.0,bitness32" />
<add name="ManagedEngineV4.0_64bit" image="C:\Windows\Microsoft.NET\Framework64\v4.0.30319\webengine4.dll" preCondition="integratedMode,runtimeVersionv4.0,bitness64" />
<add name="WebDAVModule" image="%SystemRoot%\system32\inetsrv\webdav.dll" />
<add name="WindowsAuthenticationModule" image="%windir%\System32\inetsrv\authsspi.dll" />
</globalModules>
I have also verified that the modules physically exist on disk. I am not aware of any changes on this server, and the default document has definitely been working up till yesterday. Server is Windows Server 2008 x64 with IIS 7.0.
I've recycled the app pool, booted the server, removed and reentered the default documents. the error looks like it cant find the default document module..
What else can I try?

My coworker and I have been chasing this all morning and someone on IRC pointed us to the resolution. Turns out that IIS was having trouble with the default document b/c the website root folder had gotten marked as Hidden. Apparently, when the folder is Hidden, the default document module cannot find it and you get the ERROR_FILE_NOT_FOUND shown above.
We verified this behavior on a Dev server by setting the web root folder to Hidden and sure enough got the same error for the default document. Removed the Hidden attribute and the default document loads correctly.
I have seen a lot of questions about this today, and no one has posted an answer that fit our problem. I want to say thanks to whoever that was on IRC! And hopefully this will help others to post it here.

Related

Request.Server variables blank for classic ASP

We are running a classic ASP app, and the upgrade to IIS 8.5 caused our Request.Server variables to be blank:
AUTH_USER
LOGON_USER
Windows Auth is the default authentication type, and server admin has verified all other options are disabled like Anonymous Authentication
Anything else we should be trying?
I saw this in another forum, but not sure how to use:
Response.Write(User.Identity.Name.ToString())
...the above line with User.Identity breaks our ASP page.
Tried both:
<% WindowsIdentity.GetCurrent().Name %>
<% HttpContext.Current.User.Identity.Name %>
...and it breaks the page.
The web.config file is:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<tracing>
<traceFailedRequests>
<remove path="*.asp" />
<add path="*.asp">
<traceAreas>
<add provider="ASP" verbosity="Verbose" />
<add provider="ASPNET" areas="Infrastructure,Module,Page,AppServices" verbosity="Verbose" />
<add provider="ISAPI Extension" verbosity="Verbose" />
<add provider="WWW Server" areas="Authentication,Security,Filter,StaticFile,CGI,Compression,Cache,RequestNotifications,Module,FastCGI" verbosity="Verbose" />
</traceAreas>
<failureDefinitions timeTaken="00:00:00" statusCodes="500" />
</add>
</traceFailedRequests>
</tracing>
<httpErrors errorMode="Detailed" />
</system.webServer>

IIS Compression setting for batch request mime type 'multipart/mixed'

I have a web api service that accepts batch requests from a web app. I have defined the mime type 'multipart/*' to be compressed in the web.config but the response is not compressed. I'm not sure why it is not working as normal single requests (not sent as a multipart/mixed are compressed fine).
<httpCompression>
<dynamicTypes>
<clear />
<add enabled="true" mimeType="text/*" />
<add enabled="true" mimeType="application/javascript" />
<add enabled="true" mimeType="application/json" />
<add enabled="true" mimeType="multipart/*" />
<add enabled="false" mimeType="*/*" />
</dynamicTypes>
<staticTypes>
<clear />
<add enabled="true" mimeType="text/*" />
<add enabled="true" mimeType="application/javascript" />
<add enabled="true" mimeType="application/json" />
<add enabled="true" mimeType="multipart/*" />
<add enabled="false" mimeType="*/*" />
</staticTypes>
</httpCompression>
The actual response mime type starts with 'multipart/mixed' but varies depending on the boundary id appended to it.
Content-Type:multipart/mixed; boundary="0bb00cbc-234a-4264-87dc-60109719e79f"
The request is sending up an Accepted-Encoding header so I don't think the problem is there I think it is something to do with IIS match the mime type.
Any ideas would be awesome!
Thanks,
Jon
I also ran into this, and was able to get around this by using this NuGet package:
https://www.nuget.org/packages/Microsoft.AspNet.WebApi.MessageHandlers.Compression/
This also supports the compression of the batch responses.
Info on how to use it is on the github page:
https://github.com/azzlack/Microsoft.AspNet.WebApi.MessageHandlers.Compression

Browser Link In Visual Studio Is Not Working

I'm trying to launch my web application (asp.net MVC) with debugging mode using Browser Link To Enable Edit Operations during Browser
but actually when i try to do this (Browser Link Not Working and it ask me to register the page inspector in the Web.Config)
Edit
and when i add the following to web.config nothing Happens
<add key="VisualStudioDesignTime:Enabled" value="true" />
<add key="PageInspector:ServerCodeMappingSupport" value="Enabled"/>
still i can't see that any browser connect through Browser Link
with knowledge that I Have Enabled debug=true in web.config
<compilation debug="true" targetFramework="4.6" />
and knowing that i have uninstall web essentials Package
I found this post very useful.
<system.webServer>
<handlers>
<add name="Browser Link for HTML" path="*.html" verb="*"
type="System.Web.StaticFileHandler, System.Web, Version=4.0.0.0,
Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
resourceType="File" preCondition="integratedMode" />
</handlers>
<modules runAllManagedModulesForAllRequests="true" />
</system.webServer>
Take care in that the <modules> element might already exist.
Add the following in your web.config:
<appSettings>
<add key="VisualStudioDesignTime:Enabled" value="true" />
<add key="PageInspector:ServerCodeMappingSupport" value="Enabled"/>
</appSettings>

Do credentials in web.config allow access to one user at time only?

I have a very small website that is used by a couple of users to share the same data in a table that they fill in. The plan is to sort this out properly very soon but for now is like that.
I am just comparing the user and password input with some keys in web.config:
<configuration>
<connectionStrings>
<add name="PMIcommConnectionString" connectionString="xxxxxx />
</connectionStrings>
<appSettings>
<add key="UserName" value="xxxxxx" />
<add key="Password" value="xxxxxxx" />
<add key="Telerik.Skin" value="Windows7" />
</appSettings>
<system.web>
<customErrors mode="On" defaultRedirect="~/Error.aspx" />
<compilation debug="true" targetFramework="4.5">
<assemblies>
.........
</assemblies>
</compilation>
<httpRuntime targetFramework="4.5" />
<pages>
<controls>
<add tagPrefix="telerik" namespace="Telerik.Web.UI" assembly="Telerik.Web.UI" />
</controls>
</pages>
<httpHandlers>
........
</httpHandlers>
<httpModules>
<add name="RadUploadModule" type="Telerik.Web.UI.RadUploadHttpModule" />
<add name="RadCompression" type="Telerik.Web.UI.RadCompression" />
</httpModules>
</system.web>
<system.webServer>
<validation validateIntegratedModeConfiguration="false" />
<modules runAllManagedModulesForAllRequests="true">
<remove name="RadUploadModule" />
<add name="RadUploadModule" type="Telerik.Web.UI.RadUploadHttpModule" preCondition="integratedMode" />
<remove name="RadCompression" />
<add name="RadCompression" type="Telerik.Web.UI.RadCompression" preCondition="integratedMode" />
</modules>
<handlers>
......
</handlers>
</system.webServer>
</configuration>
My question is: can such login system be used to log on two users simultaeously?
Yes it can and every user will have its own session, but in turn it depends on how you implemented server side logic of user authentication. Is there forms authentication used?
Yes, it can, you'd want to have a way of linking them together though.
<add key="JON-Username" value="JON" />
<add key="JON-Password" value="jonspassword" />
<add key="MMC-Username" value="MMC" />
<add key="MMC-Password" value="mccspassword" />
Obviously, you'd need to write your server-side logic so that it knows how to get the proper key for the username.
Alternative, you could do something like this...
<add key="JON" value="jonspassword" />
<add key="MMC" value="mmcspassword" />
But the downside of that is that if you want to use any other AppSettings, you don't be able to tell which is intended for other settings and which is intended for credentials, which is why I recommend the first method.
That being said, my top recommendation is to use a proper database for storing this type of information, and provide an administrative view within the site for configuring who has access.
Ok, probably you can use this system to handle access to 'private' areas of your website, and yes, you can easily retrieve your key in appsetting by:
string jonUsername = WebConfigurationManager.AppSettings["JON-Username"];
string jonPassw = WebConfigurationManager.AppSettings["JON-Password"];
if(myUsernameInputfield.Text == jonUsername && myPasswInputfield.Text == jonPassw)
{
// ok this guy have the right to access to my page
}
to compare values inserted by your users
If you would do this, maybe you should you also encrypt your webconfig

Why is my MVC3 web page not sending Windows credentials to IIS Express?

I have been struggling with getting Windows Authentication to work with my MVC3 application in development (VS 2010 SP1), with no real luck so far. I am running XP on my dev machine (no money until next year for an upgrade), if that makes a difference. I should also mention I am using IIS Express as the default web development server from VS 2010.
I started with an empty MVC3 app awhile back, as I didn't have the Intranet template available from the VS menu until I upgraded the MVC3 tools yesterday (OK, I was a little slow). Once I installed and inspected that template, I added a reference to DirectoryServices to my project and added the bit of code that displays the current logged-on user in the upper right corner of the page. According to the graphics, it should now say "Welcome PCE\dnewman!"
I followed the excellent instructions in this post: IIS Express Windows Authentication and did make some headway. However, I now get the 401.2 error from IIS Express, telling me I am not authorized...
So, I went in to my project properties and set Anonymous Authentication to Enabled. Now I can access the web page, but what I see in the upper right corner of my page is "Welcome !" -- no username.
I tried this with both IE and Firefox, with the same result. What the $#^&! am I missing here? It seems I am not logged in to Windows!! Where do I need to start looking for the problem?
At a previous employer a couple of years back, I wrote a Windows Forms app that authenticated the user with their Windows logon credentials. In that case, I had to take special care to both send the credentials and then to explicitly authenticate them on the service end. Is there something I have to do to make the browser include credentials with every GET or POST?
By request, here's the contents of my web.config, with apologies for all the Glimpse config stuff.
<?xml version="1.0"
encoding="utf-8"?>
<configuration>
<configSections>
<section name="glimpse"
type="Glimpse.Core.Configuration.GlimpseConfiguration" />
</configSections>
<appSettings>
<add key="ClientValidationEnabled"
value="true" />
<add key="UnobtrusiveJavaScriptEnabled"
value="true" />
</appSettings>
<system.web>
<compilation debug="true"
targetFramework="4.0">
<assemblies>
<add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Web.Routing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
<add assembly="System.Web.Helpers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Web.WebPages, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</assemblies>
</compilation>
<pages>
<namespaces>
<add namespace="System.Web.Mvc" />
<add namespace="System.Web.Mvc.Ajax" />
<add namespace="System.Web.Mvc.Html" />
<add namespace="System.Web.Routing" />
<add namespace="System.Web.Helpers" />
<add namespace="System.Web.WebPages" />
</namespaces>
</pages>
<trace writeToDiagnosticsTrace="true"
enabled="true"
pageOutput="false" />
<httpModules>
<add name="Glimpse"
type="Glimpse.Core.Module" />
</httpModules>
<httpHandlers>
<add path="glimpse.axd"
verb="GET,POST"
type="Glimpse.Core.Handler" />
</httpHandlers>
</system.web>
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="false"/>
<windowsAuthentication enabled="true" />
</authentication>
</security>
<modules runAllManagedModulesForAllRequests="true">
<add name="Glimpse"
type="Glimpse.Core.Module,Glimpse.Core"
preCondition="integratedMode" />
</modules>
<validation validateIntegratedModeConfiguration="false" />
<handlers>
<add name="Glimpse"
path="glimpse.axd"
verb="GET,POST"
type="Glimpse.Core.Handler,Glimpse.Core"
preCondition="integratedMode" />
</handlers>
</system.webServer>
<system.serviceModel>
<bindings>
<netTcpBinding>
<binding name="NetTcpBinding_IReporting"
maxBufferSize="1024000"
maxBufferPoolSize="1000000"
maxReceivedMessageSize="1024000">
<readerQuotas maxDepth="200"
maxStringContentLength="65536"
maxArrayLength="32768"
maxBytesPerRead="4096"
maxNameTableCharCount="16384" />
<security mode="None" />
</binding>
<binding name="normalBinding">
<security mode="None" />
</binding>
</netTcpBinding>
</bindings>
<client>
<endpoint name="tcpAdminServiceEndpoint"
address="net.tcp://PCESRV22.pce.local:9000/ProductionMonitor/AdminService"
binding="netTcpBinding"
bindingConfiguration="normalBinding"
contract="Contracts.IAdmin" />
<endpoint name="tcpMasterDataServiceEndpoint"
address="net.tcp://PCESRV22.pce.local:9010/ProductionMonitor/MasterDataService"
binding="netTcpBinding"
bindingConfiguration="normalBinding"
contract="Contracts.IMasterData" />
<endpoint name="tcpReportingServiceEndpoint"
address="net.tcp://PCESRV22.pce.local:9030/ProductionMonitor/ReportingService"
binding="netTcpBinding"
bindingConfiguration="NetTcpBinding_IReporting"
contract="Contracts.IReporting" />
</client>
</system.serviceModel>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="System.Web.Mvc"
publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-2.0.0.0"
newVersion="3.0.0.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
<glimpse enabled="true" />
</configuration>
I am more than willing to divulge more details as needed, but I really don't even know where to start looking. Every post or article I can find seems to assume this part just happens as part of the Windows/MVC3/ASP.NET setup.
Thanks, Dave
If you follow all the recommendations in the referenced post, you'll end up with a non-working mess, like I did. Each answer has its own merit, but applying all of them only ends in frustration.
The post from Microsoft that answered all questions and got me working is here: How to Create an Intranet Site Using ASP.NET MVC
Save this link, it's golden...
I also found the "Add Deployable Dependencies" option can break Windows authentication. If I selected the "ASP.NET Web Pages with Razor syntax" option in the "Add Deployable Dependencies" dialog box, it immediately broke Windows authentication and seemed to go back to forms authentication -- I got a 404 error "The resource cannot be found" looking for /Account/Login. I didn't have to deploy it, just selecting that option broke it. The only way to fix it then is to start over. I was unable to remove enough of anything to get it to start working again, and I was unable to determine what change was made that caused this behavior.
This blog post saved the day: How to Deploy an ASP.NET MVC 3 App to Web Hosting with "\bin Deployment" - it shows which assemblies are needed and how to get them included with your web app when you deploy it WITHOUT using the "Add Deployable Dependencies" nonsense.
I hope this saves somebody the hours I spent trying to get it all to work.

Resources