Captcha not working with IIS - dll

i m using a dll file MSCaptcha.dll for my web application its works fine on localhost but not with iis server..what should i do to make it work

Solution :
Select your application in IIS7. Open Handler Mappings under IIS either by double click the Handler Mappings or click "open feature" under Action.
Click "Add Managed Handler" under action.
Enter "CaptchaImage.axd" without quotes in Request Path
Under Type select MSCaptcha.CaptchaImageHandler
Enter "MSCaptcha" without quotes in Name and click OK

I had this problem and this worked for me.
In your web.config, instead of having the path as "CaptchaImage.axd":
<system.webServer>
<handlers>
<add name="MSCaptcha.captchaImageHandler" verb="GET" path="CaptchaImage.axd" type="MSCaptcha.captchaImageHandler, MSCaptcha" resourceType="Unspecified"/>
</handlers>
</system.webServer>
Try changing the path to "~/CaptchaImage.axd":
<system.webServer>
<handlers>
<add name="MSCaptcha.captchaImageHandler" verb="GET" path="~/CaptchaImage.axd" type="MSCaptcha.captchaImageHandler, MSCaptcha" resourceType="Unspecified"/>
</handlers>
</system.webServer>

Related

500 error : Unable to get required configuration section 'system.webServer/aspNetCore'

I have an internal server error at my .NET Core web service launch. Tuesday morning, the web-service was lauching well, Tuesday afternoon a windows update has been installed (KB4570720 package), Wednesday I have this 500 error...
The IIS error page tell me :
Module AspNetCoreModuleV2
Notification ExecuteRequestHandler
Gestionnaire aspNetCore
Code d'erreur 0x80004005
And IIS log event has this specific error :
Could not load configuration. Exception message: Unable to get required configuration section 'system.webServer/aspNetCore'. Possible reason is web.config authoring error.
This my web.config, I don't see what's wrong.
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<handlers>
<remove name="aspNetCore" />
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="dotnet" arguments=".\loemail.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="InProcess">
<environmentvariables />
</aspNetCore>
<httpErrors errorMode="Detailed" />
</system.webServer>
</configuration>
I have tried to change the encoding from UTF8 to ANSI.
I've tried to change the stdoutLogEnabled from false to true but there is no error there since it occurs before.
I've tried to remove completely the web.config and copy-paste the one from my backup.
I've tried to reinstall the web-service.
I have another .NET Core application running on this server, so I excluded issues with the .NET framework version but maybe I'm wrong? How could I check that? Both use .NET Framework 2.2.
Should I remove the last windows update package?
I fix the problem by copy/paste the web.config from my other application... And I still see no difference between them ! Computer makes us crazy sometimes...

Cannot add duplicate collection entry of type 'add' with unique key attribute 'name' set to 'aspNetCore

I have recently published my ASP.NET Core application to my host. I am hitting a HTTP Error 500.19.
IIS 8.5 says the issue is:-
"Cannot add duplicate collection entry of type 'add' with unique key attribute 'name' set to 'aspNetCore'"
It also highlights this key add line in my system.webServer config:-
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule"
</handlers>
I'm not really sure what to do on this. It looks as though there is a duplicate instance of this, so I have tried renaming this but it still asks to add this again?
Here is my web.config:-
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<!--
Configure your application settings in appsettings.json. Learn more at http://go.microsoft.com/fwlink/?LinkId=786380
-->
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" forwardWindowsAuthToken="false"/>
</system.webServer>
<system.net>
<defaultProxy useDefaultCredentials="true" >
</defaultProxy>
</system.net>
</configuration>
The answer above didn't work for me, however DavidG's comment did solve my problem, so going to post as an answer in case it helps someone else.
For me, I was not running it as a sub-application, and a project that had been working for me no issue for over a year suddenly stopped working with this issue. Still not sure what changed. When I commented out or removed the <add name="aspNetCore".../> the error persisted, and then that line got automatically re-added.
To solve the problem, I added <remove name="aspNetCore" /> to the config file, right above the <add name="aspNetCore"... /> entry, and things started working again.
To continue running on IIS EXPRESS, go on root folder where the .sln file stays.
go to delete file from .vs\config\applicationhost.config or save
it in a temporary place if you have something there.
Close/Re Open VS Studio, run again, will work.
If you need to add something back from save applicationhost.config, just compare those two, but I don't see what you could have there.
None of the suggested solutions worked for me unfortunately. By some miracle I learned that my applicationhost.config file had been modified in an unfortunate matter, making that "Cannot add duplicate collection entry" error appear when I navigated to a specific page in my .NET Core website application.
Under the <sites> tag in applicationhost.config, I had the following:
<site name="MyWebsite" id="2">
<application path="/" applicationPool="Clr4IntegratedAppPool">
<virtualDirectory path="/" physicalPath="C:\Users\___\solutionname\MyWebsite" />
</application>
<application path="/SomePage" applicationPool="Clr4IntegratedAppPool">
<virtualDirectory path="/" physicalPath="C:\Users\___\solutionname\MyWebsite" />
</application>
<bindings>
<binding protocol="https" bindingInformation="*:12345:localhost" />
</bindings>
</site>
The 500.19 HTTP error was shown to me when I navigated to the page "/SomePage". As you can see, for some reason there was a separate <application> tag for this specific page. I have no idea why.
I removed that entire <application> tag for the "/SomePage" path, and everything started working again.
I faced this issue with vs 2017 on a project that was working fine without changing the web.config. Looking at this posts I realized that it might be an IIS express issue and I solved simply deleting .vs folder and restarting vs.
I had the same problem and in my case commenting the line
<add name="aspNetCore"...
solved the issue and brought up the question "why is it working without AspNetCoreModule".
The problem in my case was that I was adding the site as a sub-application in defaultwebsite and it was located in the wwwrootfolder. I think the config was automatically picked up by the defaultwebsite and applied for all sub-application sites.
This link helped
So the solution was to move it as a separate site on another port.
In my case, the issue was caused by putting a path in the Debug Tab of my web project so that the app would open at a particular page. This causes two silent additions to the file .vs\config\applicationhost.config, similar to the one observed by eightx2.
In :
<add name="api AppPool" managedRuntimeVersion="" />
In :
<application path="/blah" applicationPool="api AppPool">
<virtualDirectory path="/" physicalPath="your-path\src\your-proj" />
</application>
where a similar entry already exists. This is the root of the problem.
The error message, unfortunately, is completely misleading.
Solution is to rename applicationhost.config, restart VS, and let it rebuild the file. This is why Ricardo's solution of deleting the entire .vs folder also works.
That error is because there is a root file in ASP.NET Core that is called ".vs\config\applicationhost.config"
Initially it has 67 keys. You can see it for yourself here, in the Configuration Editor.
This file called ".vs\config\applicationhost.config" has the default settings carried by the Web.config to be able to work, and one of them is that handler.
You can also see it here.
The problem is that that file has that handler and what you publish is going to inherit that handler.
You have two solutions, comment on the line of your published web.config or delete that handler from the ".vs\config\applicationhost.config"
I just had this one, it turns out I had changed the App Url in Debug settings for the website Properties, in order to load a specific page (wrong but happened).
In IIS it automatically created a new application under the test domain called About (in this case).
Removing the rogue IIS application under the domain solves the issue as it doesn't attempt to reload the same web.config when navigating to the page.
I commented the below statement
<verbs allowUnlisted="true">
And its works
If you're running your site in IIS, check if your Application Pool has a "duplicate" Application attached.
I had this same problem debugging my site in IIS. While troubleshooting I found that the Application Pool for my site showed 2 applications connected to it. I checked each of my sites to make sure I hadn't accidentally assigned one of them to the same app pool but they were all correct. So I deleted my site in IIS and checked the app pool which then showed 0 applications. I recreated the site in IIS, attached it to the application pool which then showed only the 1 application. Restarted the site and it worked correctly.
Not sure how that phantom application got attached to my app pool but that's what was causing the duplicate aspNetCore key in my case.
I have a parent web application with multiple child applications.
This is what worked for me:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="dotnet" arguments="<pathToDll>" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="InProcess" />
</system.webServer>
</location>
</configuration>
Basically, wrap the system.webServer element of the parent website with the location element and set inheritInChildApplications: <location path="." inheritInChildApplications="false">.
Then the child websites can stay the same and you do not need to add <remove name="aspNetCore" /> to each child website's web.config.
Note that this is in the project file:
<aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="InProcess" />
And it gets changed to this during publish:
<aspNetCore processPath="dotnet" arguments="<pathToDll>" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="InProcess" />

Trying to understand System.Web.HttpNotFoundHandler

I need to restrict access to all but one view in my ASP.NET MVC4 project on our public site. We have to prevent a login screen from appears because AD is not setup on our public server as well.
From what I've read about System.Web.HttpNotFoundHandler, the way I understand it is if I include the following line in my web.config all cshtml pages in my /Views folder will be restricted from view:
<httpHandlers>
<add path="*.cshtml" verb="*" type="System.Web.HttpNotFoundHander"/>
</httpHandlers>
However, when I play around with this setting in both of my web.config files, nothing is restricted from view on my local machine when I test. I have my program setup to run on my local IIS7 (our public site is IIS6). I feel I misunderstand how this works.
For IIS 6
<httpHandlers>
<add path="*.cshtml" verb="*" type="System.Web.HttpNotFoundHandler"/>
</httpHandlers>
For IIS 7
<httpHandlers>
<add name="BlockViewHandler" path="*.cshtml" verb="*" preCondition="integratedMode" type="System.Web.HttpNotFoundHandler"/>
</httpHandlers>
To deep dive in this topic read This Blog

AttributeRouting: Why is my POST, but not my PUT routed? [duplicate]

I have written a site that uses ASP.NET MVC Web API and everything is working nicely until I put it on the staging server. The site works fine on my local machine and on the dev web server. Both dev and staging servers are Windows Server 2008 R2.
The problem is this: basically the site works, but there are some API calls that use the HTTP PUT method. These fail on staging returning a 404, but work fine elsewhere.
The first problem that I came across and fixed was in Request Filtering. But still getting the 404.
I have turned on tracing in IIS and get the following problem.
168. -MODULE_SET_RESPONSE_ERROR_STATUS
ModuleName IIS Web Core
Notification 16
HttpStatus 404
HttpReason Not Found
HttpSubStatus 0
ErrorCode 2147942402
ConfigExceptionInfo
Notification MAP_REQUEST_HANDLER
ErrorCode The system cannot find the file specified. (0x80070002)
The configs are the same on dev and staging, matter of fact the whole site is a direct copy.
Why would the GETs and POSTs work, but not the PUTs?
For those of you who do not have WebDAV enabled but are still running into this issue using MVC 4's Web API's...
Steve Michelotti documented a solution that worked for me here.
At the end of the day, I enabled all verbs (verb="*") to the ExtensionlessUrlHandler-Integrated-4.0 handler in my web config.
<system.webServer>
<validation validateIntegratedModeConfiguration="false" />
<modules runAllManagedModulesForAllRequests="true" />
<handlers>
<remove name="ExtensionlessUrlHandler-Integrated-4.0" />
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>
</system.webServer>
Those IIS servers have web-dav module installed on them and i bet it is not needed and it was installed because the person installing ticked all boxes.
Just remove web-dav from iis.
Alternatively use web.config to remove web dav module:
<system.webServer>
<modules>
<remove name="WebDAVModule" />
</modules>
...
It seems there are a number of reasons that this occurs. None of the above quite worked for me. I already had the ExtensionlessUrlHandler settings in web.config with all the required HTTP verbs. In the end I had to make the following changes in IIS:
In IIS select your website and double-click Handler Mappings
Find ExtensionlessUrlHandler-ISAPI-4.0_32bit and double-click
In the dialog that appears, click Request Restrictions
On the Verbs tab add the missing HTTP verbs separated by commas (in my case it was PUT and DELETE
Click Ok where required and answer Yes in the Edit Script Map dialog that pops up.
Repeat for ExtensionlessUrlHandler-ISAPI-4.0_64bit
Hope this helps somebody :)
My hosting provider could NOT uninstall WebDAV as this would affect everyone.
This, runAllManagedModulesForAllRequests="true" , worked but was not recommended.
Many fixes included removing the module for WebDAVModule but that still didn't work. I removed the handler also, and finally I could use all verbs POST GET PUT DELETE.
Remove WebDAVModule and WebDAV in modules and handlers.
<modules>
<remove name="WebDAVModule" />
</modules>
<handlers>
<remove name="WebDAV" />
</handlers>
I fixed this removing the UrlScan ISAPI filter
In my case, none of these solutions applied.
I fixed it by changing my app pool to Integrated instead of Classic.
The handler:
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
is not going to work with a Classic app pool, since its preCondition is integratedMode.
Rick Strahl from West-Wind recommended the following:
< handlers>
< remove name="ExtensionlessUrlHandler-Integrated-4.0"/>
< add name="ExtensionlessUrlHandler-Integrated-4.0"
path="*."
verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS"
type="System.Web.Handlers.TransferRequestHandler"
preCondition="integratedMode,runtimeVersionv4.0"
/>
< /handlers>
Which Worked very well for me.
Hi For me none of the solutions worked. I finally got it working doing this :
1) In IIS select you application.
2) Go to Request Filtering
3) Then select the HTTP Verbs tab
4) I found the PUT and other verbs to have allowed to false but wasn't able to just edit so I removed the verb then either in the pane on the right select allow verb or right click on the list and select it. Enter the verb you're having troubles with and voilĂ  !
Hope this will help someone !
I resolved this by changing my application pool for the website to Integrated mode when it was previously on Classic mode.

HTTP Error 500.19 - Internal Server Error using WCF Data service Authentication

I'm following this tutorial http://blogs.msdn.com/b/astoriateam/archive/2010/07/21/odata-and-authentication-part-6-custom-basic-authentication.aspx.
I need to add to the web.config :
<system.webServer>
<modules>
<add name="BasicAuthenticationModule"
type="SimpleService.BasicAuthenticationModule"/>
</modules>
</system.webServer>
But I get Cannot add duplicate collection entry of type 'add' with unique key attribute 'name' set to 'BasicAuthenticationModule'
So, I search the net for some solution, many posts suggest adding this line
<system.webServer>
<modules>
<remove name="BasicAuthenticationModule"/>
<add name="BasicAuthenticationModule"
type="SimpleService.BasicAuthenticationModule"/>
</modules>
</system.webServer>
but now I get a "Lock Violation"
any help please??
Well, It's kind of disappeared and everything works great now.
At first I had to disable all Authentication for the Application in the IIS, but I had to do a system restore, after that it's all history.
Sorry I can't help .