Can I set up Windows Authentication in WebMatrix Beta 2? - asp.net

I have an ASP.NET site where authentication mode="Windows". Just downloaded WebMatrix beta 2 yesterday, trying to debug my app.
In WebMatrix, I'm getting 401 errors after pressing F5 in Visual Studio. Also in VS, getting "Unable to start debugging on the web server. An authentication error occurred while communication with the web server." When I click the help button, MSDN tells me I need to enable Windows authentication.
I don't see an option for authentication in WebMatrix. This question is similar, but doesn't seem to apply for me (and no answer).
More info (not sure if this applies). I've enabled SSL in WebMatrix. VS is set up to use a custom web server with the URL of https://localhost:44300/routing/development.aspx. In WebMatrix, the URL in the request view is https://localhost:44300/routing/development.aspx/debugattach.aspx (not sure where debugattach.aspx is coming from).

I think I found the answer. Looks like Beta 2 (I haven't used Beta 1) has a lot of options that are not accessible via the UI.
In %My Documents%\IISExpress\config\applicationhost.config, at line 349 is
<windowsAuthentication enabled="false">
Changing "false" to "true" works for me.

Just got this working today. You'll have to edit the server's applicationhost.config file manually since there isn't any UI to it. This is located under your my documents/IISExpress/config/applicationhost.config.
Once you have this open in your favorite text editor, near the bottom you'll have to add a section of XML to setup your site to run with custom settings. The line above the </configuration> terminator, copy and past the following into your file:
<location path="SiteName">
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="false" />
<basicAuthentication enabled="true" />
<windowsAuthentication enabled="true" />
</authentication>
</security>
</system.webServer>
</location>
Make sure you change path="SiteName" to have it match the website's name in WebMatrix. Also make sure you change anonymous, basic, or windows auth to true or false depending on what you need your website to run as.

I have the same issue and am also looking for a solution.
Frankly saying, I wouldn't even imagine that this should work (especially after seeing Scott Guthrie link to article that tells to use macros for attaching to iisexpress process: http://www.intrepidstudios.com/blog/2010/7/11/debug-your-net-web-project-with-iis-express-t.aspx), but this used to work properly for me in Beta 1. So, one solution for you could be to go back to Beta 1.

try
<appSettings>
<add key="enableSimpleMembership" value="false" />
</appSettings>

Related

HttpContext.Current.User.Identity.Name returns blank

I am using HttpContext.Current.User.Identity.Name to get the user name when the web application is in use. During development I was using my local iis, with integrated windows authentication enabled and anonymous access enabled and disabled, and I was able to get the username.
Now, when I publish the web application, it comes back blank. The setup on the published server is the same, and I have tried using Page.User.Identity.Name, which also returned blank.
Does anyone know why this is and how to fix it?
You probably had Anonymous Authentication on as well as Windows Authentication. Turn off Anonymous off.
So,
<system.web>
<authentication mode="Windows" />
</system.web>
In IIS config for the app,
look in Authentication tab
Set **Anonymous Authentication** to **Disabled** and
Set **Windows Authentication** to **Enabled**
This should work and the Identity.UserName should now show up properly.
HttpContext.Current.Request.LogonUserIdentity.Name always work for me in VS 2012 environment and IIS 7
To solve the problem, you have to enable the Windows Authentication feature. Follow the below steps:
-Click Start, and then click Control Panel. Open the Programs group.
-Under Programs and -Features, click Turn Windows Features on or off.
-Expand the item labeled Internet Information Services.
-Expand the item labeled World Wide Web Services.
-Expand the item Security ->
Make sure to select Windows Authentication
Also you need to disable Anonymous Authentication from the IIS as follows:
-Click on your application in IIS
-Double click Authentication under IIS group
-Click on Anonymous Authentication
-Click on Disable on the right side under Actions.
Hope this helps
When working with WIF you should use Thread.CurrentPrincipal.Identity.Name instead of User.Identity.Name.
Read more here: http://msdn.microsoft.com/en-us/magazine/ff872350.aspx to learn more about Windows Identity Foundation
Similar question: User.Identity.Name is null after authenticate via WIF
set <authentication mode="Forms"> in web.config file & Your Problem Will solve.
Test your web-site by using below code
if (Page.User.Identity.Name != "" )
{
Label1.Text = "Hello";
}
else
{
Response.Redirect("login.aspx?url=Upload.aspx");
}
This will not solve the original post, but want to put this here anyways in case others stumble across this when searching for why user.identity is returning nothing...
In my case User.Identity started returning nothing after updating a users ad username (specifically the pre-windows 2000 username).
The LSA cache on IIS was the issue. Even after restarting the IIS server while troubleshooting the issue persisted. It was not until adding the registry setting outlined here the the issue was fixed:
https://support.microsoft.com/en-us/help/946358/the-lsalookupsids-function-may-return-the-old-user-name-instead-of-the
For a blank return, my solution ended up being the web.config. I'm using Visual Studio 2010, and the default web.config did not work. I replaced it with a nearly empty web.config and then success! Perhaps the default vs2010 web.config called too many references or configured the IIS incorrectly for the use of User.Identity.Name. My system is Windows7.
Default asp.net web site web.config from vs2010 was about 100-115 lines long. As you can see below the nearly empty web.config is about 20 lines long.
the web.config that i used:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.web>
<authentication mode="Windows" />
<authorization>
<allow roles="Doman Name\Group Name" users="" />
<deny users="*" />
</authorization>
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
<security>
<authorization>
<add accessType="Allow" users="" roles="Doman Name\Group Name" />
</authorization>
</security>
</system.webServer>
</configuration>
In IIS: click on your Site.
In Home Page: Authentication.
In Action menu: Open Feature.
Disable Anonymous Authentication.
Restart Site.
steps 1,2,3
step 4

Is "management" section not allowed in web.config?

I'm trying to add users to IIS Manager via web.config, but whenever I add the following lines, the web site stops working and says web.config is not valid.
The web site works if I add those lines in administration.config, but I like to keep the scope small by sticking with web.config.
<system.webServer>
<management>
<authorization defaultProvider="ConfigurationAuthorizationProvider">
<authorizationRules>
<scope path="/MyApp">
<add name="domain\user" />
</scope>
</authorizationRules>
</authorization>
</management>
</system.webServer>
A simple Google search can answer your question.
IIS Management element
From that page:
Note: The settings in the management element can only be configured in the Administration.config file.

Why is my VS 2011 ASP.NET Project Giving a 401.2 Error When Debugging with IIS Express 7.5?

Everything was working just fine...then one time running the debugger and I'm given a 401.2 error from IIS Express 7.5. I created a new project and tested - worked fine. I ensured the web.config and other project settings where identical - still getting the error in the original project!
(I actually resolved this issue...but haven't seen documentation for this exact issue with my resolution anywhere, I'll add the answer momentarily...Yes, I already reviewed other 401.2 questions on Stackoverflow (and elsewhere) and they are not the same as the issue I was facing...)
In my case, for some reason VS 2011 added a few lines to my applicationhost.config file located under Documents\IISExpress\config. The lines added (and which I removed) where as follows:
<location path="IRFEmpty">
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="false" />
<windowsAuthentication enabled="false" />
</authentication>
</security>
</system.webServer>
</location>
Don't ask me how they got there - I didn't add them. It is pretty annoying, since all the code in my VS project was 100% correct, it was the IISExpress configuration wrong.
Enable AnonymousAuthentication on the web project... See these instructions for enabling WindowsAuthentication EXCEPT in the same place you can enable AnonymousAuthentication: IIS Express Windows Authentication
In VS2011, debugging my MVC project was working until this setting mysteriously changed to "Disabled" and I began receiving 401.2 error. Enabling this setting fixed the problem.

ASP.NET Authentication Issues on IIS7 - User.Identity.Name is empty for Windows authentication

We have an ASP.NET application on ASP.NET 4.0 using MVC 3 which uses Windows authentication.
When run from Visual Studio 2010 everything works as expected but when rolled out to IIS7 the Windows logged in user never gets populated (checking User.Identity.Name). No dialog prompt for user credentials comes up either.
The web.config setting:
<authentication mode="Windows" />
In IIS I can see that Windows authentication is enabled, as is Anonymous (disabling Anonymous results in a 403 Forbidden and no content being shown).
I've tried both enabling and disabling "Kernel-mode authentication" (useKernelMode="true"), but this doesn't seem to make any difference. Though I do remember that we had to disable this setting on another site on a different server to get the authentication to work properly (might point to a potential issue further down the stack?).
In case it's useful, from IIS's applicationHost.config:
<security>
<authentication>
<anonymousAuthentication enabled="true" />
<digestAuthentication enabled="false" />
<basicAuthentication enabled="false" />
<windowsAuthentication enabled="true" useKernelMode="false">
<providers>
<clear />
<add value="NTLM" />
</providers>
</windowsAuthentication>
</authentication>
</security>
Any ideas what the issue could be?
Thanks in advance for any suggestions.
Update 1
I managed to find another IIS7 server to test on and I found if I disabled Anonymous access everything worked as desired. However I still have issues on the original IIS7 server even when I disable Anonymous access as well (I'm keeping Anonymous disabled now). So there must be some issue further down the stack I guess. Any ideas? Something I need to fix as it's going to keep popping up and biting us I imagine.
Update 2
If I enable Digest Authentication on the problem IIS7 box then I am challenged with the login prompt dialog and everything works as expected if I provide suitable credentials. But being an internal web app with users already logged in to the domain we don't really want to challenge them this way. Credentials should be passed through transparently as it works on the second IIS7 box.
Update 3
Some progress... I've found that if the web app is in the root and not a sub site then directly editing the applicationHost.config file for IIS7 to give the following authentication settings allows the site to work as expected:
<authentication>
<anonymousAuthentication enabled="false" />
<windowsAuthentication enabled="true">
<providers>
<clear />
<add value="NTLM" />
</providers>
</windowsAuthentication>
<digestAuthentication enabled="false" />
</authentication>
Using IIS7's UI to configure the authentication doesn't give quite the right results. authentication items are either missing after wards (as I guess IIS7 assumes they are being inherited) or they have the wrong settings (windowsAuthentication seems to need the providers configuration above present to work correctly).
Unfortunatly the web application in question is actually a sub application as there's an internal version (using windows authentication > www.site.com/internal) and an external version (using forms authentication > www.site.com/external). I still can't get the authentication to work as a sub application yet. I just get a "Error Code: 403 Forbidden".
In this case it was a Microsoft ISA Server issue. Seems the request was being routed internally through ISA for the Windows Authenticated site, once ISA was removed the problem disappeared.
I don't know a lot about ISA and how it routes requests but I assume it must have been stripping out some important information from the request because of some rule someone will have configured.
As a side note in case it helps diagnose similar setups: I was told by the network admin staff that internal traffic was not routed through ISA, but pinging the website internally showed that ISA was actually in play.
You mentioned that disabling anonymous access worked on another server, but on your main server you are experiencing 403 errors. Therefore, I would check the file based permissions on the folder where your site is running from. In the past I have needed to grant the \Network Serivce account full control to the site folder and all subfolders or I would experience 403 errors. Check the file permissions on the server that is working and see if there are differences with the server that is not working.
Also, if this is not the issue, I would recommend comparing all of the other IIS settings between the two servers, since you know it works on one and not the other. Find the difference.

HTTP 500 Internal Error - IIS websites

I have installed SP 2010 in a Windows Server 2008 R2 loaded environment. I have been using VS 2010 for developing application pages for SP 2010.
I make use of wsp builder to package all my dlls, pages, scripts and images into a solution package and deploy it in the web applications.
Everything was working like a charm. I started enduring a torrid time when all of a sudden my web applications started popping up with 'HTTP 500 Internal Server Error'. This started happening after I made some drastic changes in my application pages and deployed it.
I tried creating new web applications but its not doing me any good. Any insights on what could be the source of this issue?
Regards,
Raghuraman.V
Fixed this problem by editing the Web.config and applicationhost.config.
C:\Users\\Documents\IISExpress\config or right click the IIS Express icon on the tray and view all application and click the desired website and then click the configuration file link.
Comment out
<error statusCode="500" prefixLanguageFilePath="%IIS_BIN%\custerr" path="500.htm" />
Set the parent node to <httpErrors errorMode="DetailedLocalOnly"
Set the httpErrors to Allow
<section name="httpErrors" overrideModeDefault="Allow" />
Change your web project web.config HttpErrors
<httpErrors errorMode="Custom" existingResponse="Auto">
That should fix it, its basically saying that "I dont want IIS Express to override the configuration of my site".
To resolve, you should first instruct IIS to display detailed error messages, instead of just "500".
Adjust your web.config file and set custom errors to off:
<customErrors mode="Off" />
(case-sensitive).
In addition, if you are using Internet Explorer, turn of the advanced option "Show friendly error messages".
To help others, here there is a guide that helped me to find what was wrong with my setup (credits to Rick Barber):
Working past 500
Load the site from a browser located on the same server. In IE you may need to turn off ‘show friendly http errors.’
Temporarily add the following within the appropriate tags in your web.config file:
<configuration>
<system.webServer>
<httpErrors errorMode="Detailed" />
</system.webServer>
<system.web>
<customErrors mode="Off" />
<compilation debug="true" />
</system.web>
</configuration>
Open up IIS Manager and try to open up some of the different features by double clicking on the icon. If there is an error in the web.config file and it can’t even parse it, sometimes you will get a helpful error.
Look in Windows Event Viewer. Sometimes you can find the detailed error logged in there, particularly Application Event Viewer.
Setup Failed Request Tracing. This is especially helpful if it is an intermittent 500 error.
Look through the web log files. This is especially helpful for an intermittent 500 error. You can often parse the log files to see if there is a trend with a specific page that is throwing a 500 error.

Resources