I am working on a WEB API 2 Project. I am using Swagger documentation.
I am also using ODATA V4.
I want to set my default page of my web api to swagger, How can I do it?
You can create a redirect, see an example here:
http://turoapi.azurewebsites.net/
All I did was create an index.html with the following code:
<!DOCTYPE html>
<html>
<head>
<title></title>
<meta charset="utf-8" />
<meta http-equiv="refresh" content="0; URL='/swagger'" />
</head>
<body></body>
</html>
With that make sure in Web.config
<system.webServer>
<handlers>
<remove name="ExtensionlessUrlHandler-Integrated-4.0" />
<remove name="OPTIONSVerbHandler" />
<remove name="TRACEVerbHandler" />
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>
</system.webServer>
... it should not include this tag.
<clear/>
Related
I want to restrict access to my ASP.NET Core application by only configuring it in IIS (10).
This is not the problem, as I enable only "Windows authentication" and then I can do
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="dotnet" arguments=".\MyDLL.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="inprocess" >
</aspNetCore>
<security>
<authorization>
<remove users="*" roles="" verbs="" />
<add accessType="Allow" users="user.withaccess />
</authorization>
</security>
</system.webServer>
</location>
This works fine, but every user without access just gets a 401 response and no error page.
Normally you could configure something like that:
<location path="." inheritInChildApplications="false">
<system.webServer>
<!-- ... -->
<httpErrors errorMode="Custom" existingResponse="PassThrough">
<remove statusCode="401" subStatusCode="-1" />
<error statusCode="401" subStatusCode="2" prefixLanguageFilePath="" path="401.htm" responseMode="File" />
</httpErrors>
</system.webServer>
</location>
but the custom error page is only accessible by users who already can access the application (trying to open the error page results in a 401 too for unauthorized users).
Now in my case it's currently not possible to change the ASP.NET Core application itself, so I have to do it in IIS.
What do I have to configure that the custom error page can be served, but everything else is protected?
I am getting 403 error when doing PUT and DELETE but GET and POST are fine.
Here is my web.config:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<modules runAllManagedModulesForAllRequests="false">
<remove name="WebDAVModule" />
</modules>
<handlers>
<remove name="WebDAV" />
<remove name="ExtensionlessUrl-Integrated-4.0" />
<add name="ExtensionlessUrl-Integrated-4.0"
path="*." verb="GET,HEAD,POST,DEBUG,DELETE,PUT"
type="System.Web.Handlers.TransferRequestHandler"
preCondition="integratedMode,runtimeVersionv4.0" />
<remove name="aspNetCore" />
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="dotnet" arguments=".\MyApp.dll" stdoutLogEnabled="true" stdoutLogFile=".\logs\stdout" />
</system.webServer>
</configuration>
In my local machine it works fine, but not in the hosting server. I have contacted the server support. They said that they already allow the PUT and DELETE verbs from their server.
Is there anything I can do?
Try this code:-
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<modules runAllManagedModulesForAllRequests="false">
<remove name="WebDAVModule" />
</modules>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="dotnet" arguments=".\XXXXXXXXXXX.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="inprocess" />
</system.webServer>
</location>
</configuration>
UPDATE
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
I am developing a net core 3.1 web application.
One of authentication schemes is Certificate, so I want to protect a page with client certificate authentication.
This is Web.config IIS configuration (Obviously i set <section name="access" overrideModeDefault="Allow" in solution applicationHostConfig ):
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="false" stdoutLogFile="\\?\%home%\LogFiles\stdout" hostingModel="inprocess">
<environmentVariables>
<environmentVariable name="ASPNETCORE_HTTPS_PORT" value="44300" />
<environmentVariable name="COMPLUS_ForceENC" value="1" />
<environmentVariable name="ASPNETCORE_ENVIRONMENT" value="Development" />
</environmentVariables>
</aspNetCore>
</system.webServer>
</location>
<location path="certificate/login">
<system.webServer>
<security>
<access sslFlags="Ssl,SslNegotiateCert,SslRequireCert" />
</security>
</system.webServer>
</location>
<system.webServer>
<security>
<access sslFlags="Ssl" />
</security>
</system.webServer>
</configuration>
Application starts successfully, and when I call localhost://33400/Certificate/login, browser show certificate page handshake correctly, I choose a certificate and ... IIS surprise me with
404 Static File Handler! All others pages work perfectly.
I am struggle with this error, please someone help me.
Thanks to #treborgero in aspnet core issue Optional client certificates #21193
TIP: Make sure you remove the <location path="." inheritInChildApplications="false"> tag
and it work like a charm!
This code:
var bytes = new ByteArrayContent(File.ReadAllBytes(targetDir + "../deploy.release.zip"));
var multiContent = new MultipartFormDataContent {{bytes, "version", "deploy.release.zip" } };
var upload = await http.PostAsync($"{host}API/files/Upload/ENG", multiContent);
worked in ASP.NET Core 2.2 through Kestrel.
After upgrading to ASP.NET Core 3.1 and InProcess hosting model, I am getting (for 40MB file):
413 - RequestEntityTooLarge
I already set requestFiltering, but it doesn't help. My web.config:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<!--
Configure your application settings in appsettings.json. Learn more at https://go.microsoft.com/fwlink/?LinkId=786380
-->
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore
processPath="dotnet"
arguments=".\Web.Hosting.dll"
stdoutLogEnabled="true" stdoutLogFile="..\logs\stdout"
requestTimeout="23:00:00"
forwardWindowsAuthToken="false"
startupTimeLimit="3600"
hostingModel="InProcess">
<environmentVariables>
<environmentVariable name="ASPNETCORE_ENVIRONMENT" value="Production" />
<environmentVariable name="ASPNETCORE_HTTPS_PORT" value="50374" />
<environmentVariable name="COMPLUS_ForceENC" value="1" />
</environmentVariables>
</aspNetCore>
<security>
<requestFiltering>
<!-- Measured in Bytes 100MB -->
<requestLimits maxAllowedContentLength="104857600" />
</requestFiltering>
</security>
</system.webServer>
</configuration>
Did I miss something? Search on internet gives me result for WCF, old ASP.NET ...
I also try to add <serverRuntime uploadReadAheadSize="10485760" /> but my application failed with 500.19.
Edited:
IIS recognize 100MB but uploading anything more then 20MB fails with 413.
I have hosted web api in iis 10.0 then accessing it's method through browser.
But the same method is not able to access through my MVC application.
Getting 404 Not found issue.
But when i run web api application i am able to access methods through application.
I did some googled and found some handlers that needs to be set in hosted web api web.config. But it also did not worked for me.
Below is my complete system.webserver tag used in web api web.config.
<system.webServer>
<modules runAllManagedModulesForAllRequests="true">
<remove name="WebDAVModule" />
<remove name="FormsAuthentication" />
</modules>
<handlers>
<remove name="ExtensionlessUrlHandler-ISAPI-4.0_32bit" />
<remove name="ExtensionlessUrlHandler-ISAPI-4.0_64bit" />
<remove name="ExtensionlessUrlHandler-Integrated-4.0" />
<remove name="UrlRoutingModule-4.0" />
<remove name="ApiURIs-ISAPI-Integrated-4.0" />
<add name="UrlRoutingModule-4.0" path="*." type="System.Web.Routing.UrlRoutingModule" preCondition="" verb="GET,HEAD,POST,DEBUG,PUT,DELETE" />
<add name="ApiURIs-ISAPI-Integrated-4.0" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" type="System.Web.Handlers.TransferRequestHandler" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode,runtimeVersionv4.0" />
<!--<add name="ExtensionlessUrlHandler-ISAPI-4.0_32bit" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS,XYZ" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
<add name="ExtensionlessUrlHandler-ISAPI-4.0_64bit" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS,XYZ" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS,XYZ" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />-->
</handlers>
</system.webServer>
Need help.
I was doing some mistakes when passing the Web api url in application.
e.g: for web api Root url i was using like below:
http://localhost:25968
But it should be like : http://localhost:25968/
Last slash was missing due to it web api method was not accessing through application.