I have already a project that built top of the ASP.NET MVC 2.0 and it's working.
I tried to run it on Ubutuntu 10.4 Server on Apache2 and Mod mono.
As you know, when you created a new project on VS.NET it creates a Content folder for holds static content such as css, js, images etc.
Also my project has working with Forms authentication, and i separated some path of my project with below location element in web.config.
<location path="Content">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
But above configuration hasn't worked on Apache.
The question is; how can i pass authentication for static contents on apache - mod mono ?
Thank you
Related
We've built and deployed many Optimizely sites but recently started exploring CMS 12 running on .net Core.
The issue at the moment is that we're not able to view the site when "hosted" by IIS.
We've followed the Optimizely instructions, cross referenced it with Jon D Jones' guide/video, and it seems that once you have installed the .net core hosting package and updated the app pool it should "just work". That is not what we're seeing.
eg
https://docs.developers.optimizely.com/content-cloud/v12.0.0-content-cloud/docs/installing-optimizely-net-5
https://www.jondjones.com/learn-optimizely/cms/how-to-install-optimizely-cms-12-and-configure-a-development-environment/
The Optimizely project is setup in VS2022 and runs fine using IIS Express (ie clicking "Start" in VS).
However, if pointing the IIS site at the obj/Debug/net6.0/ folder (or net5.0) the site returns a 404.
/util/login and /episerver/cms/ both work in IIS Express, but not via the host name set in IIS.
"Everyone" has all permissions to everything to ensure that is not an issue.
SDK and hosting bundle for .net 5, 6 and 7 have been installed.
In all examples we've seen, we've copied the steps and still end up with 404s returned no matter the path requested.
I've tried various publish options (target runtime, deployment mode etc). Nothing seems to help.
I suspect there is something we're missing but nobody here is very au fait with .net Core as most of our clients are still running .net framework apps.
Are there any pointers, links anyone has used that has helped them?
Current setup:
Windows 11
IIS 10
VS2022 Pro w/Resharper
Optimizely CMS 12
If you are to run the project using IIS directly from the debug folder use bin\Debug\net6.0 and not the obj\ folder. Also you must add a web.config to that folder with instructions for IIS how to start the project.
Some basics
The apppool must be setup using "No Managed Code"
The web.config if missing must be added manually and it should look like this
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="dotnet" arguments=".\REPLACEWITHYOURPROJECTDLL.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="inprocess" />
</system.webServer>
</location>
</configuration>
Note the REPLACEWITHYOURPROJECTDLL
We recently converted a Framework 4.8 WebForms project that was using Forms Authentication to use Identity 2.0 Authentication and now we can't access default documents or images without allowing anonymous access.
Once authenticated with Identity, if you browse to a folder such as http://mysite/dashboard/default.aspx it works fine. However, if the default page is not in the path as in http://mysite/dashboard/ it returns 401.2 as though IIS needs permissions to server the page :
*Access is denied. Description: An error occurred while accessing the resources required to serve this request. The server may not be
configured for access to the requested URL.
Error message 401.2.: Unauthorized: Logon failed due to server
configuration. Verify that you have permission to view this directory
or page based on the credentials you supplied and the authentication
methods enabled on the Web server. Contact the Web server's
administrator for additional assistance.*
We have <authentication mode="None"> which I understand is correct for this situation. IIS is configured to use default documents just as it was when we were using Forms Authentication.
We also deny unauthenticated users with the System.Web.Security.UrlAuthorizationModule:
<authorization>
<deny users="?" />
</authorization>
If we allow anonymous on the folder it does work but we don't what anonymous access on these locations.
<location path="Dashboard">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
So, how do you configure IIS to access default documents without 'allow anonymous' so it works like it did under Forms Authentication.
Thanks!!!
Try to add this to the System.Webserver section
<modules>
<remove name="FormsAuthentication"/>
<add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" />
</modules>
The key seems to be to remove the managedHandler Precondition from the FormsAuthentication module. As I understand it this is only supposed to optimize serving of static content.
Found that adding <modules runAllManagedModulesForAllRequests="true"> to the web.config resolved the issues. Not really sure why at this point. I did notice that the request for a static file did not include the user identity which was working before removing Forms Authentication. After adding this, the user identity started showing up in the request.
With web forms I can designate an individual ASPX page to require SSL and IIS will ask the user to pick a certificate from their CAC. However, in IIS Manager on the server for an MVC site, the individual views are not listed so I cannot require SSL for a particular view. Is there any way to do this?
My web.config has been changed:
<location path="FileSharing/Welcome" allowOverride="true"></location>
<location path="FileSharing/Index" allowOverride="true">
<system.webServer>
<security>
<access sslFlags="Ssl,SslNegotiateCert,SslRequireCert"/>
</security>
</system.webServer>
Error 500.19
Error Code
0x80070021
Config Error
This configuration section cannot be used at this path. This happens when the section is locked at a parent level. Locking is either by default (overrideModeDefault="Deny"), or set explicitly by a location tag with overrideMode="Deny" or the legacy allowOverride="false".
We have an Azure Website hosting a static site (just some HTML, CSS, Javascript), which then communicates with our Azure Mobile Services by AJAX calls.
We would like to add some very simple authentication to this site (just a static username/password will be sufficient).
Please recommend the easiest way to do this.
Or may be there is some better option for serving static content, other then Azure Websites?
A very simple form of authentication with a static username and password can be achieved by leveraging ASP.NET's authentication and authorization, integrated with IIS as described in this article: Apply ASP.NET Authentication and Authorization Rules to Static Content with IIS 7.0's Integrated Pipeline Feature.
Se this sample GitHub project for an example. The relevant pieces of code are this Web.config file that you should place in the root directory (which would be public):
<?xml version="1.0"?>
<configuration>
<system.web>
<compilation debug="false" />
<authentication mode="Forms">
<forms>
<credentials passwordFormat="Clear">
<user name="Alice" password="secret" />
</credentials>
</forms>
</authentication>
<!-- Unless specified in a sub-folder's Web.config file,
any user can access any resource in the site -->
<authorization>
<allow users="*" />
</authorization>
</system.web>
<system.webServer>
<modules>
<remove name="FormsAuthenticationModule" />
<add name="FormsAuthenticationModule" type="System.Web.Security.FormsAuthenticationModule" />
<remove name="UrlAuthorization" />
<add name="UrlAuthorization" type="System.Web.Security.UrlAuthorizationModule" />
</modules>
</system.webServer>
</configuration>
And this Web.config file that you could place in a subdirectory (which would be restricted):
<?xml version="1.0"?>
<configuration>
<system.web>
<!-- Anonymous users are denied access to this folder (and its subfolders) -->
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration>
You also need a Login.aspx file with the HTML form and server-side authentication logic. See the Login.aspx in the sample project for an example.
This way you would be able to host both public files at root level and private files at subdirectories. If you want to protect even the root level, just adjust the authorization rules accordingly.
For documentation on configuration options see these MSDN pages:
authorization Element (ASP.NET Settings Schema)
allow Element for authorization (ASP.NET Settings Schema)
deny Element for authorization (ASP.NET Settings Schema)
This is an old question that's been previously answered, but if you're looking for the easiest possible solution that requires no code or config changes, you can use Azure Websites Authentication / Authorization (disclaimer, I helped build this feature). Here are some links:
Blog Post:
http://azure.microsoft.com/blog/2014/11/13/azure-websites-authentication-authorization/
Demo Video:
http://azure.microsoft.com/en-us/documentation/videos/azure-websites-easy-authentication-and-authorization-with-chris-gillum/
EDIT:
And here is a more recent blog post describing how you can use social providers (Twitter, Facebook, Google, Microsoft Accounts) in addition to the default Azure AD: https://azure.microsoft.com/en-us/blog/announcing-app-service-authentication-authorization/
We're running IIS 6 on Windows Server 2003 R2.
We want to add a virtual directory that runs under .NET 4.0 to a site that runs under .NET 2.0. We've given the virtual directory its own app pool, and we've configured the virtual directory to run under 4.0.
The parent site works fine, but the virtual directory throws errors that reference the parent site's web.config file. We need the virtual directory to use its own web.config file.
The GUI in the IIS Manager says that the virtual directory is using its own web.config file, but the error messages we get refer to items in the parent's web.config file.
I'm not sure how to solve the problem. My best lead so far is from a post on another site said that the problem could be solved with something like this:
<location path="." inheritInChildApplications="false">
</location>
Again, I'm not sure this will fix things, and I'm not sure how to figure out where to put it or what it ought to contain. The parent site is built on top of a CMS system, and its web.config file is reasonably complex.
I got this to work, so I want to leave the answer for the next person.
The location tags I mentioned in my question did the job. I got them to work by using them to enclose a system.web section:
<location path="." inheritInChildApplications="false">
<system.web>
.
.
(the stuff that made the site in the virtual directory break)
.
.
</system.web>
</location>