Session state can only be used when enableSessionState is set to true, either in a configuration file or in the Page directive. Please also make sure that System.Web.SessionStateModule or a custom session state module is included in the <system.web><httpModules> section in the application configuration.
, i want to deploy project in local lan , in IIS . i follow all thing but this error is not resolving .
i add below code in web config but not work.
<system.web>
<pages enableSessionState="true" />
</system.web>
enter image description here
You try the below workaround to resolve the issue:
1.Removing and Re-adding the in your web.config :
<configuration>
<system.webServer>
<modules>
<remove name="Session" />
<add name="Session" type="System.Web.SessionState.SessionStateModule"/>
</modules>
</system.webServer>
</configuration>
2.Setting the runAllManagedModulesForAllRequests="true" in the element of your web.config
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
</system.webServer>
3.Run the below PowerShell command:
Enable-SPSessionStateService –DefaultProvision
I encountered this error when I tried to host my asp .net core project on local iis.
I have installed the asp .net hosting bundle, checked the permissions to my web.config file but still of no use.
My web.config file is as follows:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath=".\SampleApp1.exe" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="inprocess" />
</system.webServer>
</location>
</configuration>
<!--ProjectGuid: e4b7dcc7-c9c3-48c5-9a12-0a9ee0c9ac2c-->
My asp .net version is 3.1.201.
Also, usually at the error page you should see the physical path as well but in my case that's empty though I set the physical path to my web files.
Recently I have developed a very simple .net core API and then deployed the same on IIS and want to enable Windows Authentication for some users. To be able to implement it, my web.config looks like
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.web>
<authentication mode="Windows" />
<authorization>
<allow users="Tow\USER1"/>
<deny users="*"/>
</authorization>
</system.web>
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="dotnet" arguments=".\Oculus.WebApi.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="InProcess" />
</system.webServer>
</location>
</configuration>
As it can be seen only User1 should be allowed access but everyone is able to access. My IIS authentication looks like this:
Can some one help please?
From this thread, ASP.NET Core does not support nor use web.config. The published web.config is there only for IIS hosting, since IIS requires this.
A wrokaround is that you could try to place inside system.webServer, which is directly for configuration of IIS.
<configuration>
<system.webServer>
<security>
<authorization>
<remove users = "*" roles="" verbs="" />
<add accessType = "Allow" users="Tow\USER1"/>
</authorization>
</security>
</system.webServer>
</configuration>
But the recommend way is that you'd better write you own custom authorization policy in asp.net core
https://learn.microsoft.com/en-us/aspnet/web-api/overview/security/authentication-and-authorization-in-aspnet-web-api
https://learn.microsoft.com/en-us/aspnet/core/security/authorization/policies?view=aspnetcore-2.2
As title, I want to disable Anonymous Authentication for my ASP.NET Boilerplate web site (MVC) in IIS Server and use Form Authentication instead. Is it possible to do this because if I disable Anonymous Authentication, my website cause an error "HTTP Error 404.15 - Not Found"
Update 1: Here is my web.config
<system.web>
<globalization culture="auto" uiCulture="auto" />
<compilation debug="true" targetFramework="4.6.1">
<assemblies>
<add assembly="System.Runtime, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</assemblies>
</compilation>
<httpRuntime targetFramework="4.5.1" />
<customErrors mode="Off">
<error statusCode="404" redirect="~/Error/E404" />
</customErrors>
<httpHandlers>
<add path="Reserved.ReportViewerWebControl.axd" verb="*" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91" validate="false" />
</httpHandlers>
<authentication mode="Forms" />
</system.web>
I still remember the first time I had to implement Forms Authentication in ASP. All I can say is there is a reason I only do linux based web-development now!
It is a real pain, but this should work if you don't intend on using a database to manage the users.
If you do intend to use a database then prepare yourself for a long road. U need to have the correct MSSQL database for the correct Visual studio tool and they also removed the management interface completely so you either have to design your own or use a tool that is available on the internet somewhere. I still remember I got so frustrated by the whole idea of it, that I literally wrote my own management tool I could deploy on developed sites. If it wasn't on a broken harddrive I would give it to you.
<authentication mode="Forms">
<forms loginUrl="login.aspx" defaultUrl="welcome.aspx">
<credentials passwordFormat="Clear">
<user name="abhishek" password="abhi#123"/>
<user name="Kantesh" password="sinha#123" />
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
If you plan on using a database to store your users google some tutorials.
The reason why you are getting a 404 is because you are not specifying loginUrl or it is incorrect and pointing to a non-existant page.
Hope this helps
When you disable anonymous access to all pages you cannot let users to see login page as well. what you need to to do is allowing some specific pages like login or register to be accessible.
This might not completely fits for you but you get the idea.
If it doesn't work, try removing the backslash "/" for the "/account/login" and set it like "account/login"
<configuration>
<system.web>
<authentication mode="Forms" />
<authorization>
<deny users="?" /> //this will restrict anonymous user access
</authorization>
</system.web>
<location path="/account/login"> //path here is path to login page
<system.web><authorization><allow users="*" /> // this will allow access to everyone to login page
</authorization></system.web></location>
</configuration>
We have a internal NuGet server (ASP.net app using the NuGet.Server package) and we want to use it with Octopus to deploy packages. So the first thing you hit is that the packages are too large.
When you push a package larger than around 7 Meg you get:
Failed to process request. 'Request Entity Too Large'.
The remote server returned an error: (413) Request Entity Too Large..
Based on the documentation on Octopus, I updated the web.config file to have the changes.
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<sectionGroup name="elmah">
<section name="security" requirePermission="false" type="Elmah.SecuritySectionHandler, Elmah"/>
<section name="errorLog" requirePermission="false" type="Elmah.ErrorLogSectionHandler, Elmah"/>
<section name="errorMail" requirePermission="false" type="Elmah.ErrorMailSectionHandler, Elmah"/>
<section name="errorFilter" requirePermission="false" type="Elmah.ErrorFilterSectionHandler, Elmah"/>
</sectionGroup>
</configSections>
<system.web>
<compilation debug="true" targetFramework="4.0"/>
<httpModules>
<add name="ErrorLog" type="Elmah.ErrorLogModule, Elmah"/>
<add name="ErrorMail" type="Elmah.ErrorMailModule, Elmah"/>
<add name="ErrorFilter" type="Elmah.ErrorFilterModule, Elmah"/>
</httpModules>
<httpRuntime maxRequestLength="419430400" executionTimeout="3600"/>
</system.web>
<system.webServer>
<validation validateIntegratedModeConfiguration="false"/>
<modules runAllManagedModulesForAllRequests="true">
<add name="ErrorLog" type="Elmah.ErrorLogModule, Elmah" preCondition="managedHandler"/>
<add name="ErrorMail" type="Elmah.ErrorMailModule, Elmah" preCondition="managedHandler"/>
<add name="ErrorFilter" type="Elmah.ErrorFilterModule, Elmah" preCondition="managedHandler"/>
</modules>
<staticContent>
<mimeMap fileExtension=".nupkg" mimeType="application/zip"/>
</staticContent>
<security>
<requestFiltering>
<requestLimits maxAllowedContentLength="419430400"/>
</requestFiltering>
</security>
</system.webServer>
<elmah>
<security allowRemoteAccess="false"/>
<errorLog type="Elmah.XmlFileErrorLog, Elmah" logPath="~/App_Data"/>
</elmah>
<location path="elmah.axd" inheritInChildApplications="false">
<system.web>
<httpHandlers>
<add verb="POST,GET,HEAD" path="elmah.axd" type="Elmah.ErrorLogPageFactory, Elmah"/>
</httpHandlers>
</system.web>
<system.webServer>
<handlers>
<add name="ELMAH" verb="POST,GET,HEAD" path="elmah.axd" type="Elmah.ErrorLogPageFactory, Elmah" preCondition="integratedMode"/>
</handlers>
</system.webServer>
</location>
<appSettings>
<add key="apiKey" value="KeyHere"/>
<add key="packagesPath" value=""/>
</appSettings>
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
</system.serviceModel>
</configuration>
That does not work. Other posts talk about running something like (IIS7):
appcmd.exe set config -section:system.webServer/serverRuntime /uploadReadAheadSize:"419430400" /commit:apphost
or (IIS6):
cscript adsutil.vbs set w3svc/1/uploadreadaheadsize 419430400
I tried both to no avail. Neither command returned an error, so I assume that the value '419430400' is correct for all of the calls (bytes vs. some other unit of size).
Anyone have any idea what I am missing?
I ended up just copying the package to a share on the web server, but I would really like the push command to work.
Not exactly answering the OP's question, but related to the topic, I was getting the (413) Request Entity Too Large error while using NuGet push to push to a local SymbolSource server - turned out I was submitting to a slightly incorrect URL, once I corrected the command to point to the base /NuGet/ URL, it ran just fine.
No idea why an incorrect URL results in the 413 error, but there you go. Hope this helps someone.
EDIT: based on comments below, you may have more luck just referencing the base http://www.myserver.com/ URL rather than including the /NuGet as well. Worth playing around a bit.
I know this is an old question, but today I was faced with the same error. It's worth noticing that I'm using TeamCity package building and publishing. Anyway, when I try to Publish my huge package (about 200 MB) I was blocked with this. The solution was simple:
Instead of publishing to http://mynugetserver/api/v2/, use: http://mynugetserver/
You'll have to set these guys to higher values:
system.web - httpRuntime - maxRequestLength to, say, 1048576
system.webserver - security - requestFiltering - requestLimits -
maxAllowedContentLength to, say 1073741824
Both values are in a different unit so the second one should be larger than the first.
Also, have a look at www.myget.org which I found great when working with Octopus Deploy.
Check your serverRuntime configuration.
The maxRequestEntityAllowed and uploadReadAheadSize attributes respectively configure limits for the maximum number of bytes allowed in the entity body of a request and the number of bytes a Web server will read into a buffer and pass to an ISAPI extension.
More details: http://www.iis.net/configreference/system.webserver/serverruntime
My guess is that you are using SSL and setting uploadReadAheadSize will solve the issue. Because during client renegotiation process,the request entity body must be preloaded using SSL preload. SSL preload will use the value of the uploadReadAheadSize property, which is used for ISAPI extensions.
Here are the defaults
<location path="Default Web Site">
<system.webServer>
<serverRuntime enabled="true"
uploadReadAheadSize="49152"
maxRequestEntityAllowed="4294967295" />
</system.webServer>
</location>
Based on #Keith and #Nubigetter's answers, I did some further research, because the behavior seemed really weird to me.
The answer is actually in the documentation for Nuget.Server (if you look very carefully), it's just not very obvious:
use http://mynugetserver/nuget for list/restore
use http://mynugetserver/ for push
I've raised this with the Nuget team here https://github.com/NuGet/NuGetGallery/issues/2903 because I regard this behavior as 'presenting opportunity for improvement'.
This is due to nginx limitations, the nuget server in Linux system use nginx as proxy and config file under:
/etc/nginx/conf.d/nuget.conf
server_name localhost;
root /var/www/public/;
client_max_body_size 200M;
change client_max_body_size 200M is working for me.
I had the same issue:
[Step 1/2] Publishing package to feed at http://localhost/OctopusDeploy/nuget/packages...
[Step 1/2] Failed to push to package feed at 'http://localhost/OctopusDeploy/nuget/packages/'.
[Step 1/2] (The server responded with: [413] Request Entity Too Large)
[Step 1/2] Process exited with code 1
but the Octopus Deploy service had stopped!
What worked for me was in this article:
http://blogs.blackmarble.co.uk/blogs/rfennell/post/2012/10/31/403-and-413-errors-when-publishing-to-a-local-Nuget-Server.aspx
"Important: This second error was a red herring, you don't need the /nuget on the end of the URL"