Is it possible to catch all errors in Blazor Server like in MVC 5 in global.asax on Application_Error and send an email to application administrator?
Related
I have the task to develop a Blazor Webassembly App. This app is only used within the companys network and for security reasons we would like to use the existing AD and NTLM Authentication.
So far I have a minimal Blazor App configured and running in IIS. Its configured to use Windows Authentication and that works so far. When I open the app in Browser I get asked for my credentials.
The app should also communicate with a .net core webapi which is also secured by windows authentication. This webapi security too works as it should. When I open an URL to it in Browser I get asked for my credentials and the page loads as it should.
Now the Problem: When I call the same url (that works in Browser) from my Blazor app with HttpClient.GetAsync I get an "401: Not Authorized" error. Even though the app itself is loaded with the same authentication. Is there something I have to do?
The MSDN Documenations a gigantic and I couldnt find a Solution.
In the WebApi Startup.cs in ConfigureServices() I added
services.AddAuthentication(IISDefaults.AuthenticationScheme);
services.AddAuthorization();
and in Configure()
app.UseCors(x => x.AllowAnyMethod().AllowAnyHeader().SetIsOriginAllowed(origin => true).AllowCredentials());
app.UseAuthentication();
app.UseAuthorization();
PS:
The Blazor App uses .NET Core 3.1
The WebApi uese .NET 5.0
I recommend checking Blazor WebAssembly additional security scenarios (all the examples are there)
To authorize your request, you can use HttpClient with BaseAddressAuthorizationMessageHandler:
builder.Services.AddHttpClient("ServerAPI",
client => client.BaseAddress = new Uri("https://www.example.com/base"))
.AddHttpMessageHandler<BaseAddressAuthorizationMessageHandler>();
BaseAddressAuthorizationMessageHandler will automatically add Authorize header to all outgoing requests.
Note: This works only with Blazor Wasm, not Server.
I have an ASP.Net Core 3.1 MVC Application that makes use of OIDC authentication provided by IdentityServer4.
In the Identity Project (also ASP.Net Core 3.1) the login process sometimes fails on the following routes with the following errors:
/connect/token fails with Invalid authorization code
/connect/authorize fails with Request validation failed or client_id is missing or too long
These result in the general Exception page being returned to the user. I suspect that these stem from users that are using bad browser shortcuts (but I'm not 100% sure about this, so any advice on the source of these would be appreciated). But my actual question is... What exception handling can I put in place to return a more meaningful message to the user, something like an error response that says
please check the browser shortcut you used to access this logon page!
You have several options here, you can use the
app.UseExceptionHandler("/Home/Error");
or create your own middleware to capture the exceptions thrown by the authentication middleware in ASP.NET Core to present the user with a meaningful errors.
Some errors/events can also be caught and handled using the OpenID Connect middleware event model
I have two application, both running on the same Windows machine. One application is IdentityServer4, and the other is my own web application (Server side Blazor app).
Both web apps are build with .NET Core 3.1.
When I navigate to my web app, I first get redirected to my IdentityServer4 app. I login, and after that I get redirected back to my web app.
The login was successful, because there are no errors in the logs of IdentitServer. Also, I see a certain claim value on my Blazor webpage. I display this claim through CascadingAuthenticationState in my Blazor page. Through that path everything works fine.
But, whenever I try to get the logged in user through HttpContext in my "code behind" files, I get a Null reference back. For example:
public UserService(IHttpContextAccessor httpContextAccessor)
{
// HttpClient is NULL...
var httpCtx = _httpContextAccessor.HttpClient;
}
The strange thing is, that it all works fine when I run my application locally in Visual Studio. When I debug in Visual Studio I see that the HttpContext is set with all my user data.
But, for some reason HttpContext is NULL when I run the app from IIS.
How can I solve this issue?
If the HttpContext null-reference exception happens after deployment to Azure App Services or IIS, you might have forgotten to enable WebSockets.
Here is the deal:
If the app runs on Windows with IIS: WebSockets must be enabled.
See the IIS/IIS Express support section.
It seems that this is a prerequisite that you have to follow. I only recently discovered this myself after dealing with the same issue and deciding to publish my app to Azure from within Visual Studio. After I did so, Visual Studio gave me a nice warning telling me to enable WebSockets protocol on the Azure App Service.
To enable websockets in azure app service. Open app service in azure portal -> configuration -> general settings -> websockets on or off. Described here
How to control ASP.Net 5 application from console application? All examples of self-hosted application I've found assume that the lifetime of the webserver matches the lifetime of application. Is it possible to have assembly of ASP.Net 5 application with Startup.cs file and main assembly (console app) which allows to start and stop web application using this Startup class when I need?
For example, Node.js allows to initiate new server at any place in code, like this
http.createServer(function (req, res) { /* processing request }).listen(80, '127.0.0.1');
Is it possible to implement anything like this in ASP.Net 5?
When you use the hosting API in your Program.Main, you can achieve the same thing.
UPDATE:
This is the RC1 API:
https://github.com/aspnet/Hosting/blob/1.0.0-rc1/src/Microsoft.AspNet.Hosting/Program.cs
post RC1 is very different
You can (re)create/(re)start the server when you like during the lifetime of the application.
I've built a Silverlight Dashboard to be hosted in Dynamics 4.0 UI (sitemap link) - It calls a WCF service which inturn uses Linq to Sql (with a CrmImpersonator) to query the CRM database. It all works on my Dev machine but when I deploy it to our development server I get the following javascript errors:
"Unhandled Error in Silverlight Application. An Exception occurred during the operation, making the result invalid. Check inner exception for System.ComponentModel.AsyncCompletedEventArgs.RaiseExceptionIfNecessary at ...SilverlightDash.CRMObjService.CRMMethodCompletedEventArgs.get_Result
at ...MainPage.svc_GetMethod.get_Result(object sender, CRMObjService.GetValueCompletedEventArgs e)
I have enabled anonymous access to see if the wsdl is available from the ISV folder which it is - Please help :)
Well I found the answer or rather two steps:
First step was to alter the silverlight clients service url doh!
But on the way I found that I had to add crossdomain.xml into the root of the Web App (which was hosting the wcf service).
TTFN ... Ashley