3

I came up with a necessity to work with my asp.net mvc site from a remote pc while developing. So, I configured it to use IIS Express.

At first, a problem raised with windows authentication. My site is supposed to work in windows domain intranet, so I wanted to use integrated windows authentication. I managed to make it work on firefox with How To: Firefox and Integrated Windows Authentication from IIS Express Windows Authentication (answer by bees73). But IExplorer still asks to print login/password, even if I open it locally, specifying my ip instead of localhost.

The issue with IE is still not resolved, but let it be - if I print in my credentials, it does work locally.

My question is: when I open my site on a remote PC (both in firefox (no need to print login/password) and IE (I do have to print login'n'password)) my page is rendered without applying styling. It looks like no css is available. But I don't get any errors.

In the source code of the loaded page I do have line

<link href="/Content/Site.css" rel="stylesheet" type="text/css" />

but when I try to see the Site.css, it says, there was some internal server error.

I think I did not configure IIS Express properly and that's the problem. If it was OK, the integrated windows authentication had to work without asking login and password on IE at least I guess.

So, my config:

  1. The project itself - to IIS Express, windows authentication - on, anonymous - off.
  2. netsh http add urlacl url=http://myip:myport user=domainname\mylogin
  3. netsh http add iplisten ipaddres=myip
  4. in applicationhost.config:

Bindings:

<site name="MySite" id="2">
    <application path="/" applicationPool="Clr4IntegratedAppPool">
        <virtualDirectory path="/" physicalPath="D:\..." />
    </application>
    <bindings>
       <binding protocol="http" bindingInformation="*:myport:localhost" />
        <binding protocol="http" bindingInformation="*:myport:myip" />
    </bindings>
</site>

Authentication:

<sectionGroup name="authentication">
   <section name="anonymousAuthentication" overrideModeDefault="Deny" />
   ...
   <section name="windowsAuthentication" overrideModeDefault="Allow" />
</sectionGroup> 

<authentication>
    <anonymousAuthentication enabled="false" userName="" />
    ...
    <windowsAuthentication enabled="true">
        <providers>
           <add value="Negotiate" />
           <add value="NTLM" />
        </providers>
     </windowsAuthentication>
</authentication>

<add name="AnonymousAuthenticationModule" lockItem="true" />

<location path="MySite">
    <system.webServer>
        <security>
            <authentication>
                <anonymousAuthentication enabled="false" />
                <windowsAuthentication enabled="true" />
            </authentication>
        </security>
    </system.webServer>
</location>
Community
  • 1
  • 1
horgh
  • 17,918
  • 22
  • 68
  • 123
  • Check your css path to make sure it is relative. Use the debug tools in firefox or chrome to see if you are getting any network errors when trying to load the file. Also open up fiddler and see if it offers any insight. – John Koerner Oct 25 '12 at 01:40
  • @JohnKoerner I tried to go to Site.css through FireFox page source code viewer, and got a message, saying, there was an internal error on a server – horgh Oct 25 '12 at 01:43
  • @JohnKoerner CSS is relative: `http://myip:myport/Content/Site.css` – horgh Oct 25 '12 at 01:45
  • [Turn custom errors off](http://stackoverflow.com/questions/5385714/deploying-website-500-internal-server-error) and see what the error is. It could be a permissions error. – John Koerner Oct 25 '12 at 01:51
  • @JohnKoerner I don't get any error at all. The only way to get an error is to refuse authorization dialog in IE, then I get HTTP 401.2 - Unauthorized – horgh Oct 25 '12 at 02:13
  • @JohnKoerner if I print localhost instead of my ip, I am not asked for authorization – horgh Oct 25 '12 at 02:14
  • You said you got an error when you tried to go to site.css. So do that again with the custom errors off. – John Koerner Oct 25 '12 at 02:17
  • @JohnKoerner that is HTTP 500.0 - Internal Server Error. From IIS Express logs, it's bad impersonation level – horgh Oct 25 '12 at 02:27

3 Answers3

4

The problem was connected with netsh and binding configuration in ISS Express. At first I setup it through my ip, and it resulted in confusing errors.

While searching for anything in the web I ran across Setting up IIS Express. All the same there, but it's suggested using pc name in netsh and iis applicationhost.config.

So, I added 

netsh http add urlacl url=http://MyPCName:MyPort/ user=everyone

and

<binding protocol="http" bindingInformation="*:MyPort:MyPCName" />

and a miracle!! It worked.

As for the IE, I had to turn off the "Use Windows authorization" flag to make it work. Many thanks to Internet Explorer - Enable Integrated Windows Authentication. But nevertheless IE still asks for login and password, if an ip is used in url. If pc name is used it works silently.

Firefox either asks for login and password (and works if one enters valid credentials) or you should apply How To: Firefox and Integrated Windows Authentication (mentioned in my question) and then it works silently both with ip and pc name.

Hope this helps someone else.

EDIT

One remark: I had to launch VS2010 with administrtor permissions. If not, I still get HTTP 500 error based on the bad impersonation error. So, it looks like IIS Express, launched by VS2010 without administrator permissions under Windows 7, won't be able to work correctly.

As far as I understood, the clue is to give the appropriate permissions to IIS_IUSRS. But until that it's easier to launch VS 2010 with administrator privilages.

horgh
  • 17,918
  • 22
  • 68
  • 123
2

It may be due to the error in resolving the root path where Css is located. You can try with Url helpers to resolve this issue.

<link rel="stylesheet" type="text/css" href="@Url.Content("~/Content/Site.css")"  media="screen" />

In Asp.net development server(In visual studio environments) <link href="/Content/Site.css" rel="stylesheet" type="text/css" /> will work fine.. but while hosting in IIS, root path cannot be resolved using a relative path. With the help of Url helpers we can resolve this issue. Using Firebug you can see the load error of resources if any.

Edit:

In the web.config under the <system.web> section modify as follows.

 <system.web>
  <identity impersonate="true" userName="ServerName\Administrator" password="password"/>
 </system.web>

Give the proper values for username and password. You can try giving folder permission to the IIS user groups(IUSR ,IIS_IUSR) to the folder where application is hosted.(Right click the hosted folder -> Properties under the Security tab, you can find the user groups and can give permissions)

amesh
  • 1,311
  • 3
  • 21
  • 51
  • This is my css link from _Layout.cshtml: . How am I expected to improve it???? Besides everything works, when I access site from local machine – horgh Oct 25 '12 at 04:26
  • Debug the webpage in the remote machine using Firebug(Its a free web debugger plugin). You can see the errors of loading any resources under the `errors` tab. You will get a start from there. – amesh Oct 25 '12 at 04:31
  • It's 500 internal server error...on iis error code says: bad impersonation – horgh Oct 25 '12 at 04:53
  • +1: The reason was completely different (please, see my answer), but anyway, thank for your time and effort! – horgh Oct 25 '12 at 06:10
-1

try placing a web.config file in you Content folder. and put the following code in it.

<?xml version="1.0"?>

<configuration>
    <system.web>
        <authorization>
            <allow users="*" />
        </authorization>
    </system.web>
</configuration>
th1rdey3
  • 4,176
  • 7
  • 30
  • 66