I hosted some service in my local IIS with Application Pool Identity as Identity in application pool.
Now I tried to add another WCF Application and set its identity as application pool identity, but the application pool will stop when it receives the first request.
When I tried with an existing application pool, its working.After googling I tried, to find some logs in event viewer, but there were no error.
If I set my user id and password, then its works fine.
How can I troubleshoot and figure out whats the issue with Application Pool Identity?
Related
In my AWS remote Desktop, I have hosted my web application and API service application using IIS(internet information service). In that, Application pools stopped my API service in remote desktop IIS at every midnight of lesser usage time. In the morning always I restart my API services in IIS then it works fine. I need a permanent solution to fix this problem always API service will be in Up. Please suggest your solution.Attachment for reference
I have a .NET Core MVC web application that is containerized and running in Azure Kubernetes Service. The application uses .NET Core Identities for user authentication.
The problem I have is that when I scale up the application to multiple instances, user authentication becomes unreliable. I believe this is because the load balancer does not guarantee that subsequent requests from the same user session go to the same instance, and as the authentication cookies creating on one instance are not valid on another instance, the user is directed to the login page again.
With the .NET Framework I would set the machineKey in the webconfig, and so multiple instances would be using the same key for encryption.
What is the appropriate way to manage this situation with a .NET Core application?
I have a website that's using ASP.NET Core MVC. It's hosted as an App Service in Azure. Authentication happens against Azure AD.
The authentication cookie is a session cookie.
Is there a way to force all existing session cookies to be invalid? Back in the day of .NET Web Forms I would have recycled the app pool or changed the machine key.
I don't care if the cookies still exist, I just want them to no longer be accepted by my web application.
In or to invalidate the auth cookies in an ASP.NET Core application, you need to delete the encryption keys. I am hosting my site an Azure and the encryption keys are stored at %HOME%\ASP.NET\DataProtection-API. There will be one or more XML files stored in that directory, those are the keys. Delete the XML files and restart the web application (you must restart the web application as the keys are stored in-memory).
I ran into an issue where I had scaled out my web application and both web apps started simultaneously. This caused each app to create its own key and (more importantly) be unaware of the other app's key. To help prevent this from happening, I perform the following steps:
Scale down my app service to 1 isntance
Delete the XML files
Restart the web application
Request a page from the web application (ensure it has been restarted)
Scale my app service back up
We have a web application built in ASP MVC 4.
We are storing our session data in database i.e. sessionState mode="SQLServer"
When we restart the application pool, we expect the session not to expire. However, for some reason it does. Session_end is not being called, however Session_Start is called.
Please can anyone suggest why this could be happening.
Thanks
I have a set of WCF Services Hosted in IIS7. I'm in the process of moving the services to a different folder in order to start specifying version and environment in the URL. For example:
http://myserver/MyServices/ServiceA.svc
Becomes:
http://myserver/MyServices/QA/1.1.0/ServiceA.svc
I configured the new folder to be an application in IIS, and set it up to run under the same service app pool we've been using. That has all worked fine, I am able to navigate to my .svc URL and view the WSDL or open up the endpoint in wcf test client. However, when trying to consume the service I am getting the following error:
The identity check failed for the outgoing message. The expected identity is 'identity(http://schemas.xmlsoap.org/ws/2005/05/identity/right/possessproperty: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn)' for the 'http://myserver/MyServices/QA/1.1.0/ServiceA.svc' target endpoint.
When I check the WSDL output, I noticed that the identity section seemed to leave out the identity of the app pool, which it usually includes:
<Identity xmlns="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity">
<Upn>myappuser#mydomain.local</Upn>
</Identity>
After trying to redeploy and reconfigure the app in IIS, I was able to get the identity to appear in the metadata for only some of the services. Other services still don't include it, which is even more strange than before. There are zero configuration differences between the original stack and the new stack in IIS as far as I can tell. What sorts of issues could I be running in to that would causes these types of identity issues?
The issue was caused by trying to nest the new service stack web application inside of the existing service stack web application. I think that may have caused some confusion for IIS when services in the sub-application were exposing endpoints to the same contracts that the root web application (although in theory this should work just fine). I simply had to move the new service stack into a separate folder structure. Once I did that, I had no problems getting the app pool identity to be exposed in the metadata.