Hi, I am developing a simple authentication webapp to test OWIN, but on my IIS8.5 the cookie authentication does not work after restarting IIS. Do you have any idea what the problem is?
You can also take a look at my StackOverflow post: http://stackoverflow.com/questions/39661593/owin-cookie-authentication-not-working-on-iis-8-5
Thx,
Danny

After following you article I'm getting blank page when I run the app as localhost/myPublishedFolder. What I may be missing? I've VS2015 and ASP.NET Core 1.0 on Windows 10. This is an ASP.NET MVC Core app on local machine.

Thanks so much for writing this excellent article. I was scratching my head and Googling for a couple hours before I came to this site, and now everything is so clear. Very well done, and very much appreciated.

in addition to get all headers list

.

Fantastic...after so many Hello World...this is the best, it explains how things work...!!!

Gives me confidence now..to move ...

In in your "Hooking into Drag Events" section, you erroneously list the hook as "onDragStop", but when you list the code in the "Implementation" section, you show that it's actually "onDragEnd".

Just wanted to point out a typo and maybe save someone 5-10 minutes.

David

Application Initialization module is available for IIs 7.5 onwords.Can you please help me to find some solution for IIS 7.

Can I access MySettings from a razor file?

I'm used to having MySettings as a static class and been able to access it anywhere by doing MySettings.MyValue

Can't figure out how to use the method in this tutorial in a razor view

Hi Rick,
I have a MVC4 web site which is currently uses simple membership and sql server for user management. Some of my users are already authenticated through facebook. I want to upgrade to OWIN identity to get the google authentication working. I was wondering if OWIN can consume existing user information in sql server or it has a different schema?

Thanks

This was a life-saver. I, too, consider myself at least an advanced level IIS admin but recently a co-worker had this exact issue and I was stumped. It has been a long time since I've seen a corrupted config so it wasn't on my radar. He just had a forced Windows 10 updated that ended up failing/freezing in the middle. His situation had nothing to do with using any beta releases of anything. This was a simple Windows update fumble which corrupted his IIS configuration. As you mentioned, uninstalling IIS and reinstalling it didn't do anything.

Thanks so much for the write-up!

when they exist an application with a 0000 decimal value here HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION, what does this mean?

Very helpful - Looking forward to the Conference next week: http://west-wind.com/WebConnection/training/DI_SWFox2016

when HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION has a keyname applicationname.exe, and this is set to a decimal value of 0, what does this mean?

@Pablo - unfortunately there are a number of issues with the renewals in Certify. Renewals don't appear to install the proper certificates into the Windows Cert store.

I've actually stepped back from Certify and I'm now using LetsEncrypt-win-simple which seems to be working better with renewals. Recent updates have also made this process much more seamless to get the certs created.

I wish I had time to help out with Certify - it seems such a shame that the project is largely abandoned by the developer (for the same time constraints). It'd be so nice to have a visual way of doing this in addition to the ACME library based solution.

I contacted the dev for the Certify program concerning how to handle automated renewals. I suggested adding a command line option to allow us to set a scheduled task. He responded with this:

"At some point in the future I intend to add auto renew as a service to the app. Until then though you could use the ACMESharp powershell scripts (which Certify uses) to script any action you like including renewal."

I'm hoping he develops something soon since Certify has been the easiest way to generate certs so far.

Thanks a million. Had exact same problem and didn't find a solution until stumbling into your splendid post.

You Saved my ass

<!DOCTYPE html>
<html>
<head>
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
... other headers
</head>
<body>
... content
</body>
</html>

This really Worked thanks

@knagis - ah yes didn't think of that since this is a desktop application and not likely to use that to zoom text. I have a feeling that the zoom operations would still trigger key or scroll operations. I noticed when using the scrollwheel to zoom the keystrokes were actually triggered. I don't have a Windows touch device handy - maybe somebody can try that out and see if either of htese events fire in response to pinch zoom.

If that doesn't work then I guess you have to look at the mspointer events and gestures perhaps? https://msdn.microsoft.com/en-us/library/hh673557(v=vs.85).aspx.

How about pinch zoom on touch devices?

Hi Rick,
I have been working on the SignalR project. The project has 3 parts.
1. SignalR Hub - it runs as a Windows service on 2 different servers with SQL as back plane (SQL authentication).
2. SignalR web interface - it sends messages to clients vis the hubs
3. SignalR client - it receives the messages from web interface.

No windows authentication is used.

This project works fine when I have only one hub. However, when I have 2 hubs running on 2 different servers. I started to get random "ConnectionId is in incorrect format" errors.
I tried to add the static machine key on the hubs but it still failed.

Would you please help us to resolve the issue?
Thank you very much for your help.

How did Microsoft ever create the idea to not use the process' id to use with the performance counter... Doesn't make sense at all for me but ok. Thank you for this snippet, Rick. Works great :)

Nice bit of problem solving! You may want to consider handling CRTL-0 (zero). Reset to 100%.

Just realized that apostrophes are not encoded either, which messes up attempts to use generated urls in JavaScript calls.

I have the following:


The route values contain the user's email address. If this contains an apostrophe the JavaScript parameter gets wrongly truncated, producing something like


As a rough fix replacing apostrophes in the generated link works, but this is truly awkward:

Hi,

Would you have any ideas about clustering an asp.net web application on linux systems for multi core machines ?
I wonder if we need to do anything special for clustering or not. I previously using clustering on my nodejs web applications.

Regards

This was extremely helpful. I just converted my blog to flexbox and has this exact issue, and now it's resolved! Thanks!

Great article for beginners.
Thanks Rick!!

Great write up Rick. Also, no need to "restore" to a mac, all of these steps can be followed along from a mac directly from scratch. So awesome.

@MGorgon - uhm no. It depends on the rules for the Digest creation which can vary - different protocols, potentially different organization of the layout.

Not sure what you mean. If you change the behavior of an encrypted field then yes you'll have a problem because the behavior change is likely to result in invalid encryption keys. Once encrypted you can't make changes to the structure, encryption key or default field behavior otherwise existing values won't work and non-encrypted data can get encrypted. The class doesn't internally know whether the data is encrypted or not - just assumes when read the data is encrypted and when writing the data is not encrypted (yet).

Hi,
I followed your examples and built several 'projects' using the following simple folder structure : example 01, example 02, etc... Note the space in the folder names.
Everything built fine until I got to the mvc views example.
Turns out the space in the folder name was the culprit. Everything builds fine when the folder contains no spaces, otherwise you get an error like 'error CS2001 source file [path]views.deps.json could not be found'
Anyone else having the same issue or is it just my computer?
Steven

Your PasswordDigest is calculated wrong.
Here's the valid code:

public static string GetPasswordDigest(string nonce, string created, string pass)
{
byte[] bNonce = Convert.FromBase64String(nonce);
byte[] bCreated = Encoding.UTF8.GetBytes(created);
byte[] bPass = Encoding.UTF8.GetBytes(pass);
byte[] bAll = new byte[bNonce.Length + bCreated.Length + bPass.Length];

Buffer.BlockCopy(bNonce, 0, bAll, 0, bNonce.Length);
Buffer.BlockCopy(bCreated, 0, bAll, bNonce.Length, bCreated.Length);
Buffer.BlockCopy(bPass, 0, bAll, bNonce.Length + bCreated.Length, bPass.Length);

return Sha1Base64Digest(bAll);
}

public static String Sha1Base64Digest(byte[] phrase)
{
SHA1CryptoServiceProvider sha1Hasher = new SHA1CryptoServiceProvider();
byte[] hashedDataBytes = sha1Hasher.ComputeHash(phrase);
return Convert.ToBase64String(hashedDataBytes);
}

Hi,

settings encryption is buggy if the configuration class was extended (e.g. in a new version of the application) - tries to decrypt non-encrypted default values.

Regards,
Andrejka

I have tried your examples and there is something missing or our site is not configured due to Ninject that make it so the events don't fire. In the filter example the constructor for the basic fires (twice) and then even though I have the overridden OnAuthorizeUser hard coded to return false just for testing the method on the controller is still fired. The overridden OnAuthorization in the basic filter is overridden but it never fires.
Is there something I am missing?

@Ed - yes running inside of a VM will affect font sharpness drastically. If you're using Parallels playing with the varying scaling options can improve sharpness. I run my MBP mostly using Bootstrap in native Windows and sharpness is great at native 100% resolution.

Looks great - I did notice you're running a Mac Book though. I'm interested that you didn't have any problems with sharpness. I had problems on my Mac Book's second output in Windows (fonts didn't look as sharp), but your post got me thinking that it could be down to one of the following:

1. That I was running Windows inside of virtualization software on the Mac instead of natively
2. DPI scaling not being great as the second monitor was a "standard" dpi monitor. The Philips screen you've got will be high DPI

Sounds like I need to experiment with a few things

Thank goodness, it was a Pebkac issue.

At some point, they went from publishOptions exclude to publishOptions include, and I horked it up.

Once I figured out that it was serving static files, it became easier to track down.

Whew. I am always satisfied when it is idiot developer issue and not something more serious.

We're using this old hulking C++ MFC application and, you guessed it, the ActiveX WebControl stuck in IE 7 Land. We absolutely do not want to rely on HKLM keys though for server installation reasons where we'd then have to involve IT departments, explain ourselves as they look at us sternly, etc.

So I just added the infamous
<meta http-equiv="X-UA-Compatible" content="IE=9" >

... and I got out of IE 7 Land. :) No HKLM key necessary here at least.

I would imagine this behaviour will be due to the TCP window all the way down at the network layer. Part of the TCP networking code involves having a "window" of packets that get sent by the server before the client acknowledges the packets. The server will send these packets before you read any data from the socket, but will stop if you close the connection.

Using the range requests is the correct solution, as this will stop the server from sending any data that you don't want. If the server does not support range requests, you would need to look at ways to reduce the TCP window if you want to stop the server from sending too many packets before you have a chance to close the socket. I'm not sure if this is even possible through any of the .Net HTTP client libraries.

Also note that based on the wireshark traces, you will receive data 1514 bytes at a time, of which 1460 bytes will be payload data (there are 14 bytes ethernet header + 20 bytes IP + 20 bytes TCP). This means that for larger web pages you will receive data in 1514 byte chunks, and cannot receive only 1000 bytes for example.

If you are waiting to read any part of the HTML, you will need to receive enough packets for all the HTTP headers plus any HTML content that you want to read.

@Rick - I'm looking to do the same thing as @jdan, mostly because my client isn't ready for .NET Core yet. The only difference is that this will be deployed either on-prem or in Azure. Any reasons in particular why you'd recommend sticking with standard ASP.NET when targeting .NET Framework? Just want to make sure there's not something I'm unaware of before I go too far down the "ASP.NET Core with .NET Framework" path.

Rick:

I totally agree it should work.

I'm guessing my scenario is one that is going to be pretty common. I have a dependency that cannot as of yet be recompiled under .NET Core, so I have an otherwise 'pure' Asp.NET Core using all its shiny new features, but I have to target 461 until the dependency can be updated.

Trying various build options to see if that works.....

Hi Dear Rick,

Thanks for your excellent work!

I HAVE A QUESTION PLEASE HELP ME.

HOW TO USE CreateController<T> by sending controller string name instead controller type name
like this:
CreateController<HomeController> to CreateController("HomeController")

@Brian - Yeah the post was originally written for RC2 and then updated for RTM so I think the emitEntryPoint setting got added to the default template properly.

@jdan - Yes I haven't tried targeting net461 so not sure how that would work, although that's definitely a scenario that should work. Personally I think if you are targetting 461 you're better off just creating a standard ASP.NET app rather than a core app, but regardless this should work. I can't check this right now as I'm out travelling, but maybe somebody else can confirm that they got running net461 working under IIS.

Re: IIS Express - you can enable remote access with IIS Express by opening up the ports you can use 'netsh add urlacl url=http://*:23434/ user=username listen=yes'. Not automatic for sure, but it works.

I just spent hours/days trying to work with this and the asp.net docs (which I don't think are anywhere near as good as you suggest, but there you go), cursing all the while, wondering why this didn't work when I realized I was under a slightly different scenario:

I am creating an ASP.NET core app, but have to 'target' (not sure that's the right terminology here) net461 as the framework.

This creates an exe, not a dll, just for one obvious difference, but ultimately, the main difference is that I just don't think this scenario works yet. I can get a site deployed locally, but it just doesn't work (stdout tells me there's something running at a local port that is being fronted by IIS) but the site doesn't produce any output. No errors, just doesn't work.

BTW, I completely disagree about not being able to run under IIS for development. There are SO many differences running under IIS Express, the very least of which is, say, trying to browse from another machine to your dev box to test different scenarios (like, say, hitting it with a real mobile device instead of emulation). But that's another topic.

Hi @Guiseppe,

You can load it in to the configuration class like so:



I use this approach to inject the configuration class directly in to my IOC container in order to avoid the IOptions<> cruft

Hi Rick,

This is great. My web site when created had "emitEntryPoint": true in build options and was creating an .Exe by default. When I deployed it to IIS it worked fine. I wanted to change it to a DLL so I don't have to recycle the app pool every time I publish. I made the changes to web.config to processPath="dotnet" arguments="websitename.dll" (previously processPath was the .exe and arguments was empty). But now I get HTTP Error 502.5 - Process Failure and in the event log it just has:
Failed to start process with commandline '"dotnet" websitename.dll', ErrorCode = '0x80004005'.

Any other steps you are aware of to fix that, it seems Visual Studio defaults has emitEntryPoint: true when it creates a web site.

Thanks!

Brian Edwards

Hi Rick,

I'm having the same issue as Raman:
The namespace "Microsoft.Extensions.Options.ConfigurationExtensions" doesn't exist in Core 1.0.0 and hence there's no method signature that allows me to call "services.Configure<MySettings>(Configuration.GetSection("MySettings"));"
Could you explain exactly which package you get "Microsoft.Extensions.Options.ConfigurationExtensions" and the extension method from?
Is it really still the same (I just recently upgraded to Core 1.0.0 so I might be missing something)?

// Uli

Great articles, that's the approach I was looking for...very very good stuff :)

Thanks Rick

I am loving where dotnet core is going - stripping back dotnet and making a clean lean version of it.

But whats up with the project files?
is MS backing up and reverting to csproj files or staying the xproj course? - is the framework all changing again come core 1.x ?
the dot net core message seems to be very confused.

The lack of basic support and functionality for what is branded as a 1.0 release is very disconcerting.
So many people are having problems getting core to work meqaningfully is very little solutions beingf offered.
The biggest of all of them is an example that works with asp dotnet core and dotnet 4.5 libraries.

This is a basic necesity for me (or anyone else?) to do anything more than glorified hello world.

*hopping down off my soap box*

that said if anyone can point me to an example of how to use asp dotnet core with libraries and same solution projects that does not require an ugly hack,.. Please please! ;)

All of these future plans are great but if noone uses it, it looses mindshare along with relevence. :(

This is an awesome article.

While I rather dislike the design/layout/color of the website, I love your articles a lot.

They provide me in-depth information with a very good context, even if I have few background information of a topic. After reading your articles, I do _have_ good knowledge :-)

I am not surprised by the permission issue when attempting to ping. I had the same thing happen with Cygwin and for the same reason. As Ben indicated, the solution is to run the shell as administrator.