Configuration :: .NET Windows 2003 Security Patch And Impersonation. IIS 6
Jun 30, 2010
I have an ASP.NET site that uses impersonation. As the impersonated user I use a domain user (not a local machine user). The site is hosted in IIS 6 running on Windows 2003. In IIS 6 for directory security windows authentication is ticked.The site has been running now for about 6 months without any problem. However since about a week back the site has started spuring up really wierd errors. For one, users cannot access the site anymore. When accessing a windows authentication dialog box appears having the user to enter the credentials. However these credentials are not accepted and the standard unauthorized page is displayed
I am getting an error with my custom RoleProvider (based on System.Web.Security.RoleProvider) initializing in my ASP.NET application. The error is: "Description: An error occurred during the processing of a configuration file required to service this request." I see this below error happening on a Windows 2003 server with .NET 3.5 SP1. I have not seen it on Windows 2008 servers, and have not seen the error when the ASP.NET application was built under .NET 2.0 (running on this same server). Any thoughts on the nature of the error?
Caveats: NONE Server Error in '/Assist' Application. Configuration Error
Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.
Line 122: <clear /> Line 123: <add Line 124: type="Grb.Security.FrameworkRoleProvider" Line 125: applicationName="MyApplication1" /> Line 126: </providers>
Source File: D:inetpubAssistweb.config Line: 124
Version Information: Microsoft .NET Framework Version:2.0.50727.3603; ASP.NET Version:2.0.50727.3082
HERE'S THE INITIALIZING FUNCTION FOR THE ROLE PROVIDER:
Public Overloads Overrides Sub Initialize(ByVal name As String, ByVal config As System.Collections.Specialized.NameValueCollection)
Try If config Is Nothing Then Throw New ArgumentNullException("config") End If If String.IsNullOrEmpty(name) Then name = Me.GetType().BaseType.Name End If If String.IsNullOrEmpty(config(DescriptionKey)) Then config.Remove(DescriptionKey) config.Add(DescriptionKey, SR.GetString(SR.RoleSqlProvider_description)) End If MyBase.Initialize(name, config) ' Get the configuration settings Dim configurationSettings1 As Grb.Framework.Business.ConfigurationSettings = Grb.Framework.Business.FrameworkConfiguration.GetConfiguration() ' Load the DomainManager
Dim dataManager1 As New Grb.Framework.Data.Main(Nothing, configurationSettings1.FrameworkSchema, configurationSettings1.AssistSchema, _ configurationSettings1.ConnectionString, configurationSettings1.ProviderInvariantName, _ configurationSettings1.EnablePerformanceLogging, System.Web.HttpContext.Current.Request.PhysicalApplicationPath) ' Load the DomainManager Dim frameworkDomainManager As Grb.Framework.Business.DomainManager = New Grb.Framework.Business.DomainManager(dataManager1, -1, -1) m_ProductDomainManager = New Grb.PlugIn.Assist.Business.DomainManager(dataManager1, frameworkDomainManager) m_ApplicationName = config(ApplicationNameKey) If String.IsNullOrEmpty(m_ApplicationName) Then m_ApplicationName = SecUtility.GetDefaultAppName() End If If m_ApplicationName.Length > 256 Then
Throw New System.Configuration.Provider.ProviderException(SR.GetString(SR.Provider_application_name_too_long))
End If config.Remove(ApplicationNameKey) If config.Count > 0 Then Dim attribUnrecognized As String = config.GetKey(0) If Not String.IsNullOrEmpty(attribUnrecognized) Then
Throw New System.Configuration.Provider.ProviderException(SR.GetString(SR.Provider_unrecognized_attribute, attribUnrecognized))
End If End If Catch ex As Exception Throw New Grb.Framework.Core.Exceptions.FrameworkBusinessException( _ Resources.ExceptionMessages.FrameworkRoleProvider_Initialize, ex) End Try End Sub
Set compilation debug="true" to insert debugging symbols into the compiled page. Because this affects performance, set this value to true only during development.
--> <compilation defaultLanguage="vb" debug="false"> <assemblies> </assemblies> </compilation> <httpHandlers> <remove verb="*" path="*.asmx"/> <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=18.104.22.168, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=22.214.171.124, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false" /> <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=126.96.36.199, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> </httpHandlers> <httpModules> <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=188.8.131.52, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> </httpModules> <!-- 1 GB maxRequestLength --> <httpRuntime maxRequestLength="1048576" /> <sessionState mode="InProc" timeout="60" /> <!-- note: Set authentication timeout >= session timeout (session timeout will clear authentication timeout upon session_start) --> <!-- note: <forms name="xxxx" value must be unique for each "forms authenticated" web application run on an IIS web server --> <!-- note: For a more secure system, set requiresSSL="true" (and install/setup an SSL key on the web site) --> <authentication mode="Forms"> <forms loginUrl="TimedOut.aspx" slidingExpiration="false" requireSSL="false" timeout="60"/> </authentication> <authorization> <deny users="?"/> <allow users="*"/> </authorization> <membership defaultProvider="FrameworkMembershipProvider1" userIsOnlineTimeWindow="15"> <providers> <clear /> <add name="FrameworkMembershipProvider1" type="Grb.Security.FrameworkMembershipProvider" applicationName="Product1" passwordRetrieval="false" passwordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="true" passwordFormat="Hashed" minRequiredNonalphanumericCharacters="0" minRequiredPasswordLength="4" passwordStrengthRegularExpression="^[a-zA-Z0-9]+$" passwordStrengthFailedMessage="The password must be only alpha-numeric characters." frameworkDomainName="Master" maximumInvalidPasswordAttempts="3" maximumInvalidPasswordAttemptLockoutMinutes="30"/> </providers> </membership> <roleManager enabled="true" defaultProvider="FrameworkRoleProvider1"> <providers> <clear /> <add name="FrameworkRoleProvider1" type="Grb.Security.FrameworkRoleProvider" applicationName="MyApplication1" /> </providers> </roleManager> </system.web> <system.web.extensions> <scripting> <webServices> <!-- Uncomment this line to customize maxJsonLength and add a custom converter --> <!-- <jsonSerialization maxJsonLength="500"> <converters> <add name="ConvertMe" type="Acme.SubAcme.ConvertMeTypeConverter"/> </converters> </jsonSerialization> --> <!-- Uncomment this line to enable the authentication service. Include requireSSL="true" if appropriate. --> <!-- <authenticationService enabled="true" requireSSL = "true|false"/> --> <!-- Uncomment these lines to enable the profile service. To allow profile properties to be retrieved and modified in ASP.NET AJAX applications, you need to add each property name to the readAccessProperties and writeAccessProperties attributes. --> <!-- <profileService enabled="true" readAccessProperties="propertyname1,propertyname2" writeAccessProperties="propertyname1,propertyname2" /> --> </webServices> <!-- <scriptResourceHandler enableCompression="true" enableCaching="true" /> --> </scripting> </system.web.extensions> <system.webServer> <validation validateIntegratedModeConfiguration="false"/> <modules> <remove name="ScriptModule" /> <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=184.108.40.206, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> </modules> <handlers> <remove name="WebServiceHandlerFactory-Integrated" /> <remove name="ScriptHandlerFactory" /> <remove name="ScriptHandlerFactoryAppServices" /> <remove name="ScriptResource" /> <remove name="WebServiceHandlerFactory-ISAPI-2.0"/> <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=220.127.116.11, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=18.104.22.168, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=22.214.171.124, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> </handlers> </system.webServer> <location path="Default.aspx"> <system.web> <authorization> <allow users="*"/> </authorization> </system.web> </location> <location path="Portal.aspx"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> <location path="Login.aspx"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> <location path="PasswordChange.aspx"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> <location path="PasswordForgot.aspx"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> <location path="PasswordEntry.aspx"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> <!-- Give ControlLoader.aspx full access and let it check session/authentication validation.
The rational is that if a user is "timed-out" and presses a button to load a control into ControlLoader, the ControlLoader validation will catch this condition and tell the parent page to reload (so the Login page doesn't appear in the modal-dialog).
I'm running windows 7, so I installed on my machine the oracle client version 126.96.36.199.0 (ODP.NET - Oracle.DataAccess version 188.8.131.52) . I'm trying to deploy an asp.net web application to a server that is running windows 2003, which has the oracle client version 184.108.40.206.0 (ODP.NET - Oracle.DataAccess Version 220.127.116.11)
I've been given a virtual dev environment being windows server 2003 and I need to publish a web app to it. I've deployed apps quite easily using the publishing wizard but I'm not sure how to do deploy to a windows server.. can someone please provide a link or a guide on how to do this as I need to set it all up and I really don't know where to start.
I currently have a client with a SharePoint site that wants to incorporate an (already written) ASP.NET application within a webpart in the SharePoint site. The ASP.net application currently uses an IIS impersonation account to connect to the SQL database.
Some added functionality the client is requesting would require me to grab the user's windows login identity to use the SharePoint UserProfileWebService to query the PropertyPages for that specific user. Because the (already written) ASP.NET application uses impersonation, when I grab the WindowsIdentity.GetCurrent().Name, I get the impersonation account and not the actual user's account.
Is there a way to keep the current setup (impersonation account on IIS to connect to SQL) and still grab the logged in user's credentials? Or would a better way about this be to change IIS to consume the Windows Identity of the logged in user and encrypt the connection string in the web.config?
I have built my site using VS.Net 2010 on my XP machine. I would like to deploy it to my server which is a Windows 2003 Server. I have tried to do it with FTP, but it keeps failing with the error that "Front Page Extensions are not installed on the web server". When I check the server the extensions were installed and I also checked IIS and the service for the extension is allowed.
We have multiple websites deployed onto Windows 2003 WebServer running under .NET Framework 2.0 SP1 version and now we want to upgrade it to .NET Framework 2.0 SP2, so just wanted to check that after upgrading the .NET Framework on the server do we also need to re-deploy the websites by recompiling them in .NET Framwork 2.0 SP2 version or it's not necessary as they will automatically start referencing the latest assemblies?
I need to deploy an asp.net 4 website on a windows server 2003 remote server. I have updated the server's .net framework to 4.0 and installed IIS 7. how to deploy the website because I have no idea how to.
when I deploy a website in IIS Windows Server 2003 R2 . First time deploy, it seemed no problem at all (fyi, the one who deploy for the first time is not me, but my friend) but after one or two days this problem occur. I can't browse from IIS and Internet Explorer. In Internet Explorer the page display:
"Internet Explorer cannot display the website." The worse, no error log data ever produced in Application category in Event Viewer.
I've tried change the address from localhost to 127.0.0.1 but the response is still the same. I even tried access just localhost alone. It should display the default homepage from IIS but the response is still the same too. I've checked IIS' Web Service Extension, the Active Server Pages and ASP.NET 2.0 are set to allowed. I also have tried make a virtual directory with just index.html inside and the response is still the same.
FYI: The server seems run in 64 bit (HP Proliant server). The website I build only used ASP.NET Ajax 1.0 and Crystal Report for VS 2005. From the server, I can access the internet but not the localhost.
I want to deploy asp.net 4.0 web site on windows server 2003, Now I already have a classic asp site running on it. Would there be any problem if I install .net 4.0 framework for my new site. Will the existing site (the one in classic asp) be affected?
Can someone point me to a step-by-step guide on how to deploy ASP.Net applications to a totally empty and brand new Windows 2003 Server?The server has ASP.Net and the .Net framework installed on it. IIS is up and running. I have created a new application pool.
I have an application which is used by others on different server without problems. The app was programmed by a programmer who is not available now. It was developed on .net 2.0. The windows 2003 is a new server, asp.net is enabled. from iis, I can configure it to use asp.net 2.0....,
but, when I load the site, it always show the 404. even after I change the default.aspx to a blank page, it still shows 404. however, if I put a default.htm in the folder, and it can be loaded without problems.
what can cause this? how to fix it? if I installed a vs2005 express on the server, will it fix the problem?
it seems the asp.net 2.0 dll is not recognized on server. never had this problem before.
I have the same issue, I have added the On before the Application start, or Session Start and it is still not working.Application_OnStart or Application_Start is not firingSession_OnStart or Session_Start is not firing..Note that in my development environment it is firing (both of the names).When I am adding the Global.asax file, there is only one file (no .cs file). And when I am publishing the project, I am not getting the Global.asax file, I am getting a xxxxGlobal.asax.dll file on my bin folder...
We are running asp.net website on windows server 2003 with framework 2.0 and asp.net ajax 1.0 extensions. now we planned to migrate websites to windows server 2008 r2. since my websites on framwork 2.0, I need to install same framework on windows server 2008 r2 but I didnt find 2.0 version for windows server 2008 r2. Is it possible to install 2.0 version on windows server 2008 r2 ??
I am installing MS Visual Studio 2010 on my PC and will develop website on it. I have developed my old asp.net websites on MS Visual Studio2005.Our webserver where we publish our websites on Windows Server 2003.I want to know that whether we can publish websites develop in MS Visual Studio 2010 on Windows Server 2003?
I have an ASP.NET application that was working fine on my server up until last night when I installed a bunch of windows updates, now it's throwing this exception : System.Security.SecurityException: Requested registry access is not allowed.Unfortunately there is some things that makes this hard to debug. I added the debug="true" attribute to the web.config file to get the line where the exception is lauched. The line identified in my code is an End If and the code just before seems benign :
I have a really weird problem that I've been investigating for at least one week now. I deliver a website hosting both ASP classic and .NET 3.5 content in IIS6 on a Windows 2003 server environment with MySQL db backend. The solution has been installed on several servers (some hosted in WMWare) with no problems. On one specific server, also hosted in WMWare, the user experience great performance issues on the website. The problems are most seen when using database resources and is not limited to either .net or asp classic, but I am still not sure that the problem is only related to database calls.
Following components are involved:
IIS6 .NET FW 3.5 MyODBC 3.51 / 5.1 MySQL 4.x
Code executed on the server using all resources above runs smoothly when the IIS is not involved. The website shows times up to 2 minutes to execute code that takes 2 seconds outside the IIS. The exact same code is executed. Using profiling tools, I've seen that the great loss comes within calls to unmanaged code, for example when System.Data.ODBC namespace to calls into myodbc.dll.
The tricky part is: If at least one console user is logged in to the server, the performace problems are not seen anymore. When the user logs out, the problem appears again.I have tried to reinstall all components above, tried different versions of MyODBC, tried different website authentication methods, tried to run website under administrator privilegies, installed various MS KB's with no success.