473,320 Members | 1,951 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

IIS/ASP.NET not recognizing writes to web.confg


I'm experiencing problems related to IIS/ASP.NET not recognizing writes
to web.config that my web application performs.

Specifically I have a web application that provides an interface
allowing authenticated domain users to be written to the "authorization"
section of the web.config file. Since i'm using Integrated Windows
Authentication, these users should then be able to issue the various
HTTP POSTS to the web application. However what I'm seeing is that the
users I add to the web.config file still are unauthorized.

IIS/ASP.NET simply doesn't detect modifications to the web.config file
I'm doing programmatically in my web application using the .NET
Configuration / WebConfigurationManager API.

If I use a non programatic way of modifying the web.config file after a
user has been added i.e. use notepad to open web.config. and save,
without making any changes, then IIS/ASP.NET recognise the change to
web.config and now the users become authorized to use my web
application.

Is this a bug?

-John Gonsalves

*** Sent via Developersdex http://www.developersdex.com ***
Mar 28 '07 #1
15 1794


By the way, I'm using .NET 2.0 and my web application is running on
Windows 2003 Server Enterprise Edition.

-John

*** Sent via Developersdex http://www.developersdex.com ***
Mar 28 '07 #2
If your code is able to add the users to the config file, could you
try adding the users programatically and then restarting the site
once, and then test it? Normally a web.config change causes the site
to be reloaded in memory for future hits, but the current requests
are served using the old settings. I am just taking an educated guess
but maybe when you are modifying the config file programatically, the
site never gets unloaded from memory to allow the new settings to take
effect.

If this is the case, maybe you can try picking up the users
dynamically from another xml file instead of web.config, which i think
is always tricky to modify on the fly.
Hope this helps.

Latish

Mar 29 '07 #3


I still have not received a response that works.

The feature I'm trying to use is the one where "allow users=" in the
authorization section while using Integrated Windows Security enforces
who can access the web application.

One of the services this web application offers is the ability to issue
a http post that includes a domain/user who I desire to give
authorization to (i.e. they are added to the web.config authorization
section using the Configuration / WebConfigurationMgr API).

Unfortunately IIS does not recognized any changes I make to web.config
programmatically, unless I manually use notepad to open the web.config
file and force a save without any additional modifications. (i.e. file
watcher is triggered on the notepad save but not on the
Configuration.save()).

This is clearly a bug and I need a workaround!

-John Gonsalves
Hewlett Packard

*** Sent via Developersdex http://www.developersdex.com ***
Apr 5 '07 #4
Did you try what i had suggested in the last post?
Latish

Apr 6 '07 #5
Also, is there a compelling reason for you to use web.config for this?
Can't you pick the settings from a Sql Server table or another config
file?

Apr 6 '07 #6


I could save the users to another file or database and do some
personalization in my web application to authorizing by comparing the
LogonUserIdentity.Name.ToString() with what I have stored.

But I was hoping that by adding these users programmatically to
web.config in the authorization section, would force IIS to do this for
me.

-John Gonsalves

*** Sent via Developersdex http://www.developersdex.com ***
Apr 6 '07 #7


Latish,

What you're suggesting won't work for me. The users are added to the
web.config file authorization section spuriously and infrequently. When
they are added I don't have the liberty of restarting the web site. I
need the new users to be given authorization by IIS automatically.

The functionality I need is using Windows Integrated Security:

1) Add a user to the authoriztion section in web.config as 'allow
users="newuser"', programmatically

2) Have IIS honor the added user, allowing them access to the web site.

There must be a way to do this using web.config.

-John Gonsalves

*** Sent via Developersdex http://www.developersdex.com ***
Apr 6 '07 #8
This seems to be a common problem ( i see similar questions in other
forums out there).
Check out http://www.developer.com/net/cplus/article.php/3531746

Perhaps you can use the Enterprise Library Configuration block.

Apr 6 '07 #9


Enterprise Library Configuration block appears to deal with
configuration changes being detectable by the web application.

I need IIS to detect my application changes, namely the authorization
section of the web.config file.

-John Gonsalves

*** Sent via Developersdex http://www.developersdex.com ***

Apr 6 '07 #10
On Mar 29, 12:39 am, John Gonsalves <john.gonsal...@hp.comwrote:
I'm experiencing problems related to IIS/ASP.NET not recognizing writes
to web.config that my web application performs.

Specifically I have a web application that provides an interface
allowing authenticated domain users to be written to the "authorization"
section of the web.config file. Since i'm using Integrated Windows
Authentication, these users should then be able to issue the various
HTTP POSTS to the web application. However what I'm seeing is that the
users I add to the web.config file still are unauthorized.

IIS/ASP.NET simply doesn't detect modifications to the web.config file
I'm doing programmatically in my web application using the .NET
Configuration / WebConfigurationManager API.

If I use a non programatic way of modifying the web.config file after a
user has been added i.e. use notepad to open web.config. and save,
without making any changes, then IIS/ASP.NET recognise the change to
web.config and now the users become authorized to use my web
application.

Is this a bug?

-John Gonsalves

*** Sent via Developersdexhttp://www.developersdex.com***
I believe it's an error in your code. The following code is working
well for me

string[] users = {"alexey"};
AuthorizationRule authorizationRule = new
System.Web.Configuration.AuthorizationRule(Authori zationRuleAction.Deny);
authorizationRule.Users.AddRange(users);
Configuration config =
WebConfigurationManager.OpenWebConfiguration("~");
AuthorizationSection authorizationsection =
config.GetSection("system.web/authorization") as AuthorizationSection;
authorizationsection.Rules.Add(authorizationRule);
config.Save();

Once it is executed the web.config is updated and I'm blocked

Apr 6 '07 #11
On Mar 29, 12:39 am, John Gonsalves <john.gonsal...@hp.comwrote:
I'm experiencing problems related to IIS/ASP.NET not recognizing writes
to web.config that my web application performs.

Specifically I have a web application that provides an interface
allowing authenticated domain users to be written to the "authorization"
section of the web.config file. Since i'm using Integrated Windows
Authentication, these users should then be able to issue the various
HTTP POSTS to the web application. However what I'm seeing is that the
users I add to the web.config file still are unauthorized.

IIS/ASP.NET simply doesn't detect modifications to the web.config file
I'm doing programmatically in my web application using the .NET
Configuration / WebConfigurationManager API.

If I use a non programatic way of modifying the web.config file after a
user has been added i.e. use notepad to open web.config. and save,
without making any changes, then IIS/ASP.NET recognise the change to
web.config and now the users become authorized to use my web
application.

Is this a bug?

-John Gonsalves

*** Sent via Developersdexhttp://www.developersdex.com***
I believe it's an error in your code. The following code is working
well for me

string[] users = {"alexey"};
AuthorizationRule authorizationRule = new
System.Web.Configuration.AuthorizationRule(Authori zationRuleAction.Deny);
authorizationRule.Users.AddRange(users);
Configuration config =
WebConfigurationManager.OpenWebConfiguration("~");
AuthorizationSection authorizationsection =
config.GetSection("system.web/authorization") as AuthorizationSection;
authorizationsection.Rules.Add(authorizationRule);
config.Save();

Once it is executed the web.config is updated and I'm blocked

Apr 6 '07 #12
"John Gonsalves" <jo************@hp.comwrote in message news:%2****************@TK2MSFTNGP05.phx.gbl...
Enterprise Library Configuration block appears to deal with
configuration changes being detectable by the web application.

I need IIS to detect my application changes, namely the authorization
section of the web.config file.

-John Gonsalves

*** Sent via Developersdex http://www.developersdex.com ***

John, were you aware that IIS has nothing to do with the web.config? It's all ASP.NET.

I would strongly suggest not using the authentication section of web.config to store users. You should use a database for that. If nothing else, consider that writes to web.config are not transactional, and a system crash while you're writing could result in an invalid web.config file, which would leave your entire application unavailable.

John

Apr 7 '07 #13
On Apr 7, 2:16 am, "John Saunders" <john.saunders at trizetto.com>
wrote:
"John Gonsalves" <john.gonsal...@hp.comwrote in messagenews:%2****************@TK2MSFTNGP05.phx.gb l...

Enterprise Library Configuration block appears to deal with
configuration changes being detectable by the web application.

I need IIS to detect my application changes, namely the authorization
section of the web.config file.

-John Gonsalves
John, did you check my response to this thread?

Apr 7 '07 #14


Yes John, I read and understand your recommendation. Apparently
web.config authorization section wasn't meant to be updated and have
those changes be honored as far as IIS/ASP.NET enforcing any rule
changes made.

I'll add a database table for users.

Thanks for the help. I'd still like to know if what I've been
experiencing is a defect.

-John Gonsalves

*** Sent via Developersdex http://www.developersdex.com ***
Apr 9 '07 #15
On Apr 9, 6:34 pm, John Gonsalves <john.gonsal...@hp.comwrote:
Yes John, I read and understand your recommendation. Apparently
web.config authorization section wasn't meant to be updated and have
those changes be honored as far as IIS/ASP.NET enforcing any rule
changes made.

I'll add a database table for users.

Thanks for the help. I'd still like to know if what I've been
experiencing is a defect.

-John Gonsalves

*** Sent via Developersdexhttp://www.developersdex.com***
http://groups.google.com/group/micro...e7c450bf9cd102

Apr 9 '07 #16

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
by: Greg Lindstrom | last post by:
Hello- I am writing an application where I need to recognize when a file arrives in a given directory. Files may arrive at any time during the course of the day. Do I set up a cron job to poll...
2
by: Dale Anderson | last post by:
I have a schema that I'm trying to read. The schema has an element named 'GrantApplication' and one with a namespace prefix named 'SF424:GrantApplication'. When I try to read this schema in, I...
0
by: Feldman Alex | last post by:
Hello friends. Do anyone know wich C# api's should i use for recognizing removable/network drives? Example : I need to know when cd inserted to CD drive Thank a lot Alex
5
by: Marc Violette | last post by:
<Reply-To: veejunk@sympatico.ca> Hello, I'm hoping someone can help me out here... I'm a beginner ASP.NET developper, and am trying to follow a series of exercises in the book entitled...
0
by: Glenn Venzke | last post by:
I'm using a ColdFusion app to consume a .NET webservice with 3 methods and I'm running into a problem. The first time I added a web reference & compiled the service (with VS.NET standard edition...
3
by: john.enevoldson | last post by:
Hi, When running a job that inserts data into a particular table we are seeing a significant number of direct writes against the tablespace containing the table. This is the only table in the...
2
by: Brisingman | last post by:
Hi, I set PYTHONPATH to /home/me/bin in bash.bashrc, however the IDLE path browser is not recognizing this. Not sure why. Grateful for any insight. Best
6
by: ahmadbaseet | last post by:
Hello every one. I am new to MS Access. I am using data SQL command SELECT to fetch some data from Access tables. I want to use DAO.Recordset object to get the data, but somehow my compiler is not...
1
by: thulaseeram | last post by:
hi, i am using the following code for uploading <div id="iframe" name="iframe" style="width:850px; height:120px;"> <iframe name="attach_frame" id="attach_frame"...
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
0
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.