I am developing a net core 3.1 web application.
One of authentication schemes is Certificate, so I want to protect a page with client certificate authentication.
This is Web.config IIS configuration (Obviously i set <section name="access" overrideModeDefault="Allow" in solution applicationHostConfig ):
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="false" stdoutLogFile="\\?\%home%\LogFiles\stdout" hostingModel="inprocess">
<environmentVariables>
<environmentVariable name="ASPNETCORE_HTTPS_PORT" value="44300" />
<environmentVariable name="COMPLUS_ForceENC" value="1" />
<environmentVariable name="ASPNETCORE_ENVIRONMENT" value="Development" />
</environmentVariables>
</aspNetCore>
</system.webServer>
</location>
<location path="certificate/login">
<system.webServer>
<security>
<access sslFlags="Ssl,SslNegotiateCert,SslRequireCert" />
</security>
</system.webServer>
</location>
<system.webServer>
<security>
<access sslFlags="Ssl" />
</security>
</system.webServer>
</configuration>
Application starts successfully, and when I call localhost://33400/Certificate/login, browser show certificate page handshake correctly, I choose a certificate and ... IIS surprise me with
404 Static File Handler! All others pages work perfectly.
I am struggle with this error, please someone help me.
Thanks to #treborgero in aspnet core issue Optional client certificates #21193
TIP: Make sure you remove the <location path="." inheritInChildApplications="false"> tag
and it work like a charm!
Related
I want to restrict access to my ASP.NET Core application by only configuring it in IIS (10).
This is not the problem, as I enable only "Windows authentication" and then I can do
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="dotnet" arguments=".\MyDLL.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="inprocess" >
</aspNetCore>
<security>
<authorization>
<remove users="*" roles="" verbs="" />
<add accessType="Allow" users="user.withaccess />
</authorization>
</security>
</system.webServer>
</location>
This works fine, but every user without access just gets a 401 response and no error page.
Normally you could configure something like that:
<location path="." inheritInChildApplications="false">
<system.webServer>
<!-- ... -->
<httpErrors errorMode="Custom" existingResponse="PassThrough">
<remove statusCode="401" subStatusCode="-1" />
<error statusCode="401" subStatusCode="2" prefixLanguageFilePath="" path="401.htm" responseMode="File" />
</httpErrors>
</system.webServer>
</location>
but the custom error page is only accessible by users who already can access the application (trying to open the error page results in a 401 too for unauthorized users).
Now in my case it's currently not possible to change the ASP.NET Core application itself, so I have to do it in IIS.
What do I have to configure that the custom error page can be served, but everything else is protected?
Good day.
I am having trouble with setting up app.config.
The issue starts when I try to access a PayPal node from appConfig.
I ran into the following error "Unrecognized configuration section system.webServer."
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<handlers>
<remove name="aspNetCore"/>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified"/>
</handlers>
<aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" />
<security>
<requestFiltering>
<!-- This will handle requests up to 100MB -->
<requestLimits maxAllowedContentLength="102400" />
</requestFiltering>
</security>
</system.webServer>
<configSections>
<section name="paypal" type="PayPal.SDKConfigHandler, PayPal" />
</configSections>
<paypal>
<settings>
<add name="mode" value="sandbox"/>
<add name="clientId" value="xxx"/>
<add name="clientSecret" value="xxx"/>
</settings>
</paypal>
</configuration>
I am publishing my ASP.Net Core 3.1 MVC project to IIS. The project includes a web api controller along with mvc controllers. It generates a web.config file as below. Once published, the app shows the page but the web api doesn't work unless I add the < environmentVariables > pointing to Development. If I put Production instead, it doesn't work.
Web.config Generated
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath=".\MyApp.exe" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="inprocess" />
</system.webServer>
</location>
</configuration>
Web.config Modified:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath=".\MyApp.exe" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="inprocess">
<environmentVariables>
<environmentVariable name="ASPNETCORE_ENVIRONMENT" value="Development" />
</environmentVariables>
</aspNetCore>
</system.webServer>
</location>
</configuration>
Modified portion of web.config
<environmentVariables>
<environmentVariable name="ASPNETCORE_ENVIRONMENT" value="Development" />
<environmentVariables>
Update Visual Studio to v16.6.3, which was just release (June 30). It apparently includes a fix for this issue. I just went through this similar problem, posted here:
Why do environmentVariables from launchSettings.json profiles not load when aspNetCore web.config sections exist?
I am publishing an asp.net core v3.1 app in visual studio 2019
since core apps do not create a web.config
webdeploy creates it and publishes its own web.config on every publish
while it does that
it sets the stdout=false and i would like to be true -
anyone know how to control this?
i was toying around with trying to configure something in the .csproj
but never found the correct combination
heres what the published web.config looks like:
<aspNetCore processPath="dotnet" arguments=".\myproj.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="InProcess" />
and of course heres what i want it to look like:
<aspNetCore processPath="dotnet" arguments=".\myproj.dll" stdoutLogEnabled="true" stdoutLogFile=".\logs\stdout" hostingModel="InProcess" />
another post about this same issue here:
https://github.com/MicrosoftDocs/azure-docs/issues/31380
You can add a web.config to your poject by right click the project, add=>newItem=>Web=>Web Configuration File.And then you can set stdoutLogEnabled in it.
Example(pay attention you need to add hostingModel="inprocess"to web.config):
<system.webServer>
<handlers>
<remove name="aspNetCore"/>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified"/>
</handlers>
<aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="true" stdoutLogFile=".\logs\stdout" hostingModel="InProcess"/>
</system.webServer>
And here is the published web.config:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="dotnet" arguments=".\case1(5-26).dll" stdoutLogEnabled="true" stdoutLogFile=".\logs\stdout" hostingModel="inprocess" />
</system.webServer>
</location>
</configuration>
This code:
var bytes = new ByteArrayContent(File.ReadAllBytes(targetDir + "../deploy.release.zip"));
var multiContent = new MultipartFormDataContent {{bytes, "version", "deploy.release.zip" } };
var upload = await http.PostAsync($"{host}API/files/Upload/ENG", multiContent);
worked in ASP.NET Core 2.2 through Kestrel.
After upgrading to ASP.NET Core 3.1 and InProcess hosting model, I am getting (for 40MB file):
413 - RequestEntityTooLarge
I already set requestFiltering, but it doesn't help. My web.config:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<!--
Configure your application settings in appsettings.json. Learn more at https://go.microsoft.com/fwlink/?LinkId=786380
-->
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore
processPath="dotnet"
arguments=".\Web.Hosting.dll"
stdoutLogEnabled="true" stdoutLogFile="..\logs\stdout"
requestTimeout="23:00:00"
forwardWindowsAuthToken="false"
startupTimeLimit="3600"
hostingModel="InProcess">
<environmentVariables>
<environmentVariable name="ASPNETCORE_ENVIRONMENT" value="Production" />
<environmentVariable name="ASPNETCORE_HTTPS_PORT" value="50374" />
<environmentVariable name="COMPLUS_ForceENC" value="1" />
</environmentVariables>
</aspNetCore>
<security>
<requestFiltering>
<!-- Measured in Bytes 100MB -->
<requestLimits maxAllowedContentLength="104857600" />
</requestFiltering>
</security>
</system.webServer>
</configuration>
Did I miss something? Search on internet gives me result for WCF, old ASP.NET ...
I also try to add <serverRuntime uploadReadAheadSize="10485760" /> but my application failed with 500.19.
Edited:
IIS recognize 100MB but uploading anything more then 20MB fails with 413.