Hello guys i have an website online wich access the database. The database access for the connection String called GardenLadies is fine and works. I've added to the host database also the localsqlServer database info.
My problem is when i log in it gives me "Server Error in '/' Application.".
hereĀ“s my web config
<?xml version="1.0"?>
<configuration>
<connectionStrings>
<remove name="LocalSqlServer"/>
<add name="GardenLadies" connectionString="Database=GardenLadies.mdf; Data Source=195.22.11.199;Initial Catalog=GardenLadies;User ID=****;Password=*****;" providerName="System.Data.SqlClient"/>
<add name="LocalSqlServer" connectionString="Database=GardenLadies.mdf; Data Source=195.22.11.199;Initial Catalog=GardenLadies;User ID=****;Password=****;" providerName="System.Data.SqlClient"/>
</connectionStrings>
<system.web>
<authentication mode="Forms"/>
<authorization>
<allow users="*"/>
<deny users="?"/>
</authorization>
<compilation debug="true"/>
</system.web>
</configuration>
I've used this formula of webconfig in other website and it has worked for me, i don't get what i'm missing here.
Thanks
This tells me that the problem is not the BD or the login, but an image that i use in masterpage.
"Access to the path 'E:\inetpub\vhosts\garden-ladies.pt\httpdocs\images\Imagens\fundo.jpg' is denied. "
I have other images in similar location but in anonymous pages.
Any ideas?
Sounds like you have a conflict with some information in your machine config.
What does your provider section look like?
AND why do you have two connection strings with the same info? which is asking for issues.
Clear them all in your web config and set your default providers to use your GardenLadies connection string.
Hi guys i've solved it, problem was with permissions in some folders in host.
Gave the permissions and everything worked.
Thanks for the help.
Related
I have looked for this issue on the internet and nothing specifies how to solve my problem.
It is a very small web application hosted on IIS7. In my web.config i have this code:
<system.web>
<authorization>
<allow users="WORKGROUP\SOMEONE"/>
<deny users="?"/>
</authorization>
<roleManager enabled="true" />
<compilation debug="true" targetFramework="4.0" />
</system.web>
When i access my website, it gives me the following error
401 - Unauthorized: Access is denied due to invalid credentials.
I want to authenticate only one domain user and I think i have used everything correctly. Please Guide Me What am i missing here
You'll need to install Windows Authentication and enable that on the IIS website.
See this post for details on how to install and configure Windows Authentication on Windows 7 and Windows Server 2008R2: http://www.iis.net/configreference/system.webserver/security/authentication/windowsauthentication
Im getting the following error when I try to login to web page with a valid username and password:
Oops. The error: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
This is my web.config :
<configuration>
<system.web>
<customErrors mode="Off"/>
<authentication mode="Forms">
<forms name=".ASPXFORUM" loginUrl="login.aspx" protection="All"
timeout="30" path="/" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration>
Anyone know what this error mean?
Could you attach the stack trace maybe? The "Oops" in the message makes me think that some code is catching the real error and returning a friendly error message. Try putting the breakpoint in there to get the stack trace.
If I had to take a wild guess, I'd say your code is trying to connect to the backend SQL Server database using integrated auth. In this is case your web application is connecting using the web server process account and failing. Try changing the connection string to use a valid SQL Server user name and password to see if the error goes away.
Have you tried putting the allow users element after the deny element, see example
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>
The simple solution is to check your web.config file and make sure one of these is part of the db connection string:
Trusted Connection=false
OR
Integrated Security=True
Remove "Integrated Security=true;" from Web.Config of the application resolved this for me.
.net 4.0
WCF application
IIS7 (hosted on server1)
SQL 2005 (hosted on server2
Hope that helps someone.
Scott
I'm trying to add a directory for anon access in IIS 7.5. It works under Web Dev but not IIS 7.5
I'm currently using this web.config in the directory. This is a directory with style sheets:
<?xml version="1.0"?>
<!--
Note: As an alternative to hand editing this file you can use the
web admin tool to configure settings for your application. Use
the Website->Asp.Net Configuration option in Visual Studio.
A full list of settings and comments can be found in
machine.config.comments usually located in
\Windows\Microsoft.Net\Framework\v2.x\Config
-->
<configuration>
<appSettings/>
<connectionStrings/>
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</configuration>
Update:
I've went to the folder and under Authentication, I've changed anonymous authentication from IIS_USR to pool. This seems to have correct it.
I will reward anyone who provides a very good explanation and resources for understanding this setting. Also, how to apply it globally would be good to know -- for all folders.
Since you answered your own question, here is the explanation that might help
Authorization deals with who IIS will offer resources to. Those resources, however, have their own security as they are just files on a file system.
The Authentication element in the config assists in determining how IIS will identify a user's requests after its accepted and as it accesses resources beyond/external to IIS.
This is set at the site level, typically in the applicationHost.config file for your server. It can, if properly setup, be overridden at the site level.
IIS.net pages about this:
http://www.iis.net/ConfigReference/system.webServer/security/authorization/add
http://www.iis.net/ConfigReference/system.webServer/security/authentication/anonymousAuthentication
The .config version of what you did in the UI is:
<location path="/yourSite">
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="true" username="" />
</authentication>
</security>
</system.webServer>
</location>
On the anon. auth method, the username field is who IIS will impersonate when resources are accessed. When you don't specify one, it defaults to use the identity of the apppool.
Now, as to why this mattered ... check the actual file on disk (the .css). If this fixed the problem that would mean IUSR doesn't have access to read that file.
You don't have a location defined for your authorization. You also don't specify what sort of authentication you're using within the web.config (if any).
<location path="/">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
im building a asp.net web site with 2.0 framework.
I've been "fighting" with web.config, i've changed it quiet some times.
So to start from scracht this is what i have:
<?xml version="1.0" encoding="utf-16"?>
<configuration>
<connectionStrings>
<remove name="LocalSqlServer"/>
<add name="ABC" connectionString="Database=jsilvaqqc.mdf; Data Source=*****;Initial Catalog=jsilvaqqc;User ID=****;Password=*****;" providerName="System.Data.SqlClient"/>
<add name="LocalSqlServer" connectionString="Database=jsilvaqqc.mdf; Data Source=*****;Initial Catalog=jsilvaqqc;User ID=*****;Password=*****;" providerName="System.Data.SqlClient"/>
</connectionStrings>
<location path="Members">
<system.web>
<authorization>
<allow users="*"/>
<deny users="?"/>
</authorization>
</system.web>
</location>
<system.web>
<compilation debug="true"/>
</system.web></configuration>
It works fine im my machine. I've created the users for the login and the role to access the "Members" folder.
But in my host company, it doesnt work. I have the aspnet database from my computer in that databese "jsilvaqqc.mdf".
When i try to log on pops up box requiring autentication. But i've alreadu given that in the log in form.
Do i need aspnet "authentication" tag?
Why dont i need it in my machine if i access the same database?
Here is the print of the box that comes up, when i log. And only when i log with a valid user.
Link: http://www.freeimagehosting.net/image.php?c9425ff727.jpg
Thanks for you help.
It sounds like the pop-up login box you talk about is probably IIS asking for Windows Authentication. If you only want to use forms authentication, change the permissions on the Virtual Directory in IIS to allow anonymous access.
I was wondering if you could protect xml files through forms authentication in ASP.NET 3.5.
I have some licensekeys that are found online, but you shouldn't be able to download them unless you are logged on.
For aspx pages this works automatically but not for xml files.
Place the xml files in a certain folder, add web.config to this folder containing:
<configuration>
<system.web>
<authorization>
<deny users="?"/>
<allow roles="admin"/>
</authorization>
</system.web>
</configuration>
Change the '?' (which means anonymous users - i.e. not logged in users) to '*' in order to deny all users (the server will have access [e.g. via Server.MapPath etc.]).
Respectively you can play with the roles or remove this line.
Also, consider that in the web.config file you can deny and allow specific extensions as follows:
<system.web>
<httpHandlers>
<remove verb="*" path="*.xml" />
<!--or-->
<add verb="*" path="*.xml" type="System.Web.HttpForbiddenHandler" />
</httpHandlers>
</system.web>
Please don't rely on this last snippet till you make sure what are your needs.
You can find out more on Http Handlers, or take a look at How to: Register HTTP Handlers.
I also noticed someone asked a similar question here, you may find it helpful.
Hope you to find your quickly find your solution, good luck!