You need URL Rewrite module, preferably v2 (I have no v1 installed, so cannot guarantee that it will work there, but it should). Here is an example of such web.config — it will force HTTPS for ALL resources (using 301 Permanent Redirect): <?xml version=”1.0″ encoding=”UTF-8″?> <configuration> <system.webServer> <rewrite> <rules> <clear /> <rule name=”Redirect to https” … Read more
If using IIS: control panel Programs open or close windows features tick internet information services then restart your visual studio If using IIS Express: Open ‘Add/Remove Programs’ from the old control panel and run a repair on IIS Express Or you might go Control Panel ->> Programs ->> Programs and Features ->> Turn Windows features … Read more
Got precisely the same error and came to this question. As @SpaceBison mentioned in comments, this answer describes the solution – https://stackoverflow.com/a/12867753/404099. I spotted it too late and it misses some steps. This is what worked for me: Windows Server 2012, IIS 8.5. Should work for other versions too. Go to server manager, click add … Read more
In asp.net WebApi v2, the OWIN pipeline becomes the default. It is eventually going to be the standard pipeline under any asp.net project. I cannot put it better than what is written here : http://www.asp.net/aspnet/overview/owin-and-katana/an-overview-of-project-katana The section “The Open Web Interface for .NET (OWIN)” explains perfectly the goals of OWIN. Without OWIN, the asp.net bits … Read more
Try to re-register ASP.NET with aspnet_regiis -i. It worked for me. A likely path for .NET 4 (from elevated command prompt): c:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe -i http://forums.iis.net/p/1190643/2026401.aspx
If you need to get the user from within the controller, use the User property of Controller. If you need it from the view, I would populate what you specifically need in the ViewData, or you could just call User as I think it’s a property of ViewPage.
Application pools allow you to isolate your applications from one another, even if they are running on the same server. This way, if there is an error in one app, it won’t take down other applications. Additionally, applications pools allow you to separate different apps which require different levels of security. Here’s a good resource: … Read more
If your page does not modify any session variables, you can opt out of most of this lock. <% @Page EnableSessionState=”ReadOnly” %> If your page does not read any session variables, you can opt out of this lock entirely, for that page. <% @Page EnableSessionState=”False” %> If none of your pages use session variables, just … Read more
In Windows 8/10, you have to use Open Control Panel → Programs and Features → Turn Windows features on or off → Internet Information Services (IIS) → World Wide Web Services → Application Development Features → Check the appropriate items, such as enabling ASP.NET. (i.e install the appropriate version you want to configure your websites … Read more
This is a very good question and sadly many developers don’t ask enough questions about IIS/ASP.NET security in the context of being a web developer and setting up IIS. So here goes…. To cover the identities listed: IIS_IUSRS: This is analogous to the old IIS6 IIS_WPG group. It’s a built-in group with it’s security configured … Read more