Asp.net - IIS7 Itegrated Pipeline Mode: Context.User Is Intermittently Null For Windows Auth?
May 19, 2010
Our code relies on checking the Context.User.Identity value in the Global.asax Application AuthenticateRequest(...) method to retrieve some information about the logged in user. This works fine in classic mode but when I flip IIS to use the Integrated Pipeline "Context.User" comes back as null, but only intermittently.I have < authentication mode="Windows"> and only Windows Auth enabled in the Virtual Directory.
we are running a complex 64-bit ASP.NET 2.0 application on W2008 R2 Standard and stress tests done with VS2008 Team System have indicated that integrated pipeline mode is 30% slower than classic mode.
We have compared the application traces extensively and it appears that integrated mode is uniformly slower than classic. That is, there is no single point that causes delays in integrated mode.
This is quite the opposite to everything Microsoft says about the integrated pipeline, so it might be that there is something quite wrong with the configuration of the integrated mode or the server. But we have not found any settings that would have any effect on this. Some complaints that Sharepoint and reporting services are slower in integrated mode can be found, but our application does not use them so this is quite likely unrelated.
am trying to write an HttpModule that will work in IIS7 with integrated pipeline mode AppPool. Within this module I need to access Session variables and to be able to capture the Session Start and End events. I have found a couple of articles on this topic that indicate the need to modify the behavior of the HttpHandler in PostAcquireRequestState to force the Session for the context to be initialized. The article I am using as a template is posted here:[URL]In my case I am getting the following error:
[NullReferenceException: Object reference not set to an instance of an object.] System.Web.PipelineModuleStepContainer.GetEventCount(RequestNotification notification, Boolean isPostEvent) +30 System.Web.PipelineStepManager.ResumeSteps(Exception error) +1112 System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb) +113 System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) +616
I believe that this error implies a problem with attempting to attach an event handler multiple times. I am aware that the modules Init function can be called more than once and have set a static initialization flag which ensures that I will only ever attach the event handler once.In the most condensed form my code is as follows:
public class HttpModule : IHttpModule, IRequiresSessionState
We're running IIS7 and have windows authentication enabled. Everything else is disabled. When we go to the page though, we aren't prompted for a windows logon, but are redirected to the default forms authentication login page (Accoun
I need an app pool recycle to be completely transparent to the users of my web app. I use ASP.NET 3.5 MVC 1.
Currently, upon an IIS 7 App Pool recycle all users logged into my web app are kicked out and are required to log back in (Context.User.Identity.IsAuthenticated is set to false). I employ SQL State Server, I use forms authentication and both are configured to use cookies. I was under the impression that .NET and/or IIS handles authentication of cookies.
However, every time the app pool is recycled Context.User.Identity.IsAuthenticated is set to false my users are kicked out and are required to log back in. I can see that the session id remains the same throughout logins, I can also view this session information in the database/state server.
Firstly there's a great overview of the IIS7 HTTP request lifecycle and various settings that affect performance here:
ASP.NET Thread Usage on IIS 7.0 and 6.0
Very specifically though, in dotNet 4 the defaults for maxConcurrentRequestsPerCPU and requestsQueueLimit are set to 5000. E.g. equivalent to: (in aspnet.config):[code]....
Seems to me that on a multi-CPU/core server the requestQueueLimit here will always be invoked well berfore the 'perCPU' limit. Thus, if a max of 5000 requests per CPU is what you actually want then I would expect that the requestQueueLimit needs to be increased to 5000 * CPUCount or just disabled altogether.
Is my interpretation correct? If so can I disable requestQueueLimit? (set it to zero?). The documentation on this setting doesn't appear to address this question (so maybe I'm missing something or misreading?)
** side note from the above article: The requestQueueLimit is poorly named. It actually limits the maximum number of requests that can be serviced by ASP.NET concurrently. This includes both requests that are queued and requests that are executing. If the "Requests Current" performance counter exceeds requestQueueLimit, new incoming requests will be rejected with a 503 status code)
I've used the UrlRewriting.Net module for a couple years now without any problems in Windows XP and Windows 2003. I just recently upgraded my home PC to Windows 7 and started developing a new website.The plan was to use .html extensions and rewrite them to their .aspx counterparts using the UrlRewriting.Net module. Everything works flawlessly in VWD 2008, but when I try running it through IIS7 it is a different story.
When I try to access a page via the .html rewrite I can no longer access Page.User; it keeps returning null. If I hit the page using it's .aspx extension, Page.User is correctly populated. I should also mention that I have a LoginView controller in my Master Page and it suffers from the same symptoms: When accessing via .html extension it shows the AnonyousTemplate; When using .aspx extension it properly shows the LoggedInTemplate. I'm guessing the two are related.
[Note: I've also tried extensionless URLs and they exhibit the same problem]
The only way I've gotten it to work is to switch the application pool to Classic, which then requires me to add an ASP.Net ddl handler for the .html extension [otherwise it is handled by the StaticFileHandler and comes up as a 404 error]. However, I'd like my web app to run properly for people without having to fiddle around with IIS.So I am left with several questions:Does anyone have ideas as to why Page.User always equals null for .html => .aspx rewritten pages?
Why does it work in VWD 2008, but not IIS7?
What changed from IIS6 => IIS7 that could have caused this?
[Note: I just tried a .aspx => .aspx rewrite and it did not exhibit the problem. Not really what I want, but thought I should mention it.]
Is it possible to check if our code is executing in Integrated Pipeline Mode or not?
There are some ASP.NET class properties that only work in Integrated Pipeline Mode, and I want to avoid raising an exception if there is a way to test if our code is executing in that environment or not.
[FYI - Posted the same thing over at StackOverflow]I've used the UrlRewriting.Net module for a couple years now without any problems in Windows XP and Windows 2003. I just recently upgraded my home PC to Windows 7 and started developing a new website.The plan was to use .html extensions and rewrite them to their .aspx counterparts using the UrlRewriting.Net module. Everythingworks flawlessly in VWD 2008, but when I try running it through IIS7 it is a different story.
When I try to access a page via the .html rewrite I can no longer access Page.User; it keeps returning null. If I hit the page using it's .aspx extension, Page.User is correctly populated. I should also mention that I have a LoginView controller in my Master Page and it suffers from the same symptoms: When accessing via .html extension it shows the AnonyousTemplate; When using .aspx extension it properly shows the LoggedInTemplate. I'm guessing the two are related.[Note: I've also tried extensionless URLs and they exhibit the same problem]The only way I've gotten it to work is to switch the application pool to Classic, which then requires me to add an ASP.Net ddl handler for the .html extension [otherwise it is handled by the StaticFileHandler and comes up as a 404 error]. However, I'd like my web app to run properly for people without having to fiddle around with IIS.
So I am left with several questions:Does anyone have ideas as to why Page.User always equals null for .html => .aspx rewritten pages?Why does it work in VWD 2008, but not IIS7? What changed from IIS6 => IIS7 that could have caused this? Any other thoughts on workarounds?[Note: I just tried a .aspx => .aspx rewrite and it did not exhibit the problem. Not really what I want, but thought I should mention it.]
I try to install IIS 7 on my Win 7, whenever I check . Net Extensibility . AsP .net under Application Development Feature and run http://localhost I get http error 500.24. An asp .net setting has been detected that does not apply in Integrated managed pipeLine mode
I am trying to export crystal report to pdf inĀ asp.net, though the code is working well on localhost but on server I get error
HTTP Error 500.23 - Internal Server ErrorAn ASP.Net setting detected that does not apply in Integrated managed pipeline mode.
The crystal report is showing abnormal behaviors.I am using a CrystalReportViewer on which i have set the CrystalReportSource1 using the viewer Tasks.
The code on page load is :-
cn.Open(); DataSet ds = new DataSet(); string sql = "select * from Test"; OleDbDataAdapter da = new OleDbDataAdapter(sql, cn); da.Fill(ds);
[Code].....
During the troubleshooting i encountered another unusual issue, where i tried a new crystal report with just simple report. That simple crystal report is not showing data & the toolbar images are not rendered. I googled on this but didn't found conclusive thing.
I am working on a site that uses windows authentication, but I have one page for password resets that I want to allow anonymous access to.I have tried doing authorization, allow users="*", but it doesn't appear to work with this.Do I need to have another seperate site for this section?
I'm trying to setup my IIS 7.0 MVC2 site but having problems.I want to use Integrated Security so that the app can obtain the user's credentials. We can then do a look-up of some AD groups to determine what they can do from that point onwards.The problem is - Every time we browse to the application, instead of navigating to our main page immediately, we get a login prompt provided by IE. I've read that we need to make sure that in the browser's Tools->Options->Advanced-> (Securiy-> ENable Windows Intagrated Security) must be checked - which it is on ALL 3 machines where I try this.
The machines AND the server are all in the same domain.My config file states <authentication mode="Windows" /> and I've tried every combination for <identity...> and <authorization...> but to no avail. I can only get the "login" prompt to go away if I enable Anonymous Authentication - but then I can't detect the windows user or their group membership.
Is it possible to request an X509 certificate from a client without configuring the application to use Windows Authentication? The purpose would be to press an asp.net button and "digitially sign" a web-form's contents. I do not need any login information, just the X509 cert.
I wanted my local iis running application to connect my database in sql authentication mode rather than windows mode,
but it is showing errors of " Cannot open database "aspnetdb" requested by the login. The login failed. Login failed for user 'DBUser'. ". i also ublocked port from firewall,and allowed remote connection of mssql from sql manager, enabled TCP/IP and named piped protocols from SQL surface config, and with sql manager i also changed server authentication mode to sql from windows. my datastring is <add connectionString="Data Source=PARTHIV-PCSQLEXPRESS;Initial Catalog=aspnetdb;User ID=******;Password=******/" name="LocalSqlServer" providerName="System.Data.SqlClient" />
i made a user named DBUser in database as well i don't understand where it gone wrong ???
if it is possible to use a WCF Dataservice as the MemberShipProvider for a forms auth application. I have written code for a provider (below), but I do not know what to do as far as a connection string, or any other web.config properties. Please Help!!! Here is the code for my provider, anytime it says Odbc that is because I based this off of the custom Odbc provider on the msdn site. The only ACTUAL references to any odbc connection are in the comments:
Been scratching my head on this one today quite a bit. Time to ask the guru's.Implementing your basic Forms Auth for a 2.0 web app in conjunction with SQL Membership Provider and Role Provider. Web.Config from virtual directory root
[Code]....
All other subdirectories do not contain web.config files but rather wanted them to just work off inheritence from the root web.config. Upon publishing of this setup - I am having one hell of a time maintaining the user 'authenticated' state. (Not sure if that's the best explanation of what is going on.. but)
I have been trying to avoid the windows login userid and password window when I use the Windows Authentication mode for a web site. I need to capture the the windows logon user name without prompting for the user id and password and display that on the web site. I had tried almost everything... changed authentication,security setups on IE and IIS etc... still not being able to avoid the window...
I am trying to get a asp.net 4.0 beta 2. website running that is working on my dev machine, but not when I published to my server. Where I get the HTTP 500.22 error when using the 4.0 as application pool and "Integrated" in "Managed Pipeline Mode".
I'm having a tough time implementing mixed-mode authentication (windows & forms based) for my application using IIS 7. Doing it in IIS6 is easy, but the process doesn't translate to 7/7.5 - and my research has led to me to conflicting answers, none of which.
I have redirect page called WindowsLogin.aspx, and a forms-based one called Login.aspx. I'm having difficulty enabling Windows authentication for just WindowsLogin.aspx.