asp.net – Web.Config可能“不可读”

当前的项目:

> ASP.NET 4.5.2
> MVC 5

我有一个相当奇怪的问题.当我在VS2015中进行调试时,我能够使用并与站点进行交互而没有任何问题,但是每次我想通过调试来检查时都需要很长的时间来编译.另外,一旦我开始调试,文件被锁定,无法编辑;当我停止调试内部IIS到VS崩溃时(这适用于我使用的任何网站,而不仅仅是这个).因此,如果没有处于调试模式,则无法使用VS2015内部的IIS.

当我将IIS Express的本地安装附加到项目文件所在的目录或者编译项目吐出的目录时,该站点仅适用于普通页面.涉及数据库请求的任何操作都会因500服务器错误而失败.其他具有相同设置的站点(安装的IIS指向项目目录)工作得很好,但是这个站点在任何需要数据库连接的Action上都会失败:

Most likely causes:

  • IIS received the request; however, an internal error occurred during the processing of the request. The root cause of this error depends on which module handles the request and what was happening in the worker process when this error occurred.
  • IIS was not able to access the web.config file for the Web site or application. This can occur if the NTFS permissions are set incorrectly.
  • IIS was not able to process configuration for the Web site or application.
  • The authenticated user does not have permission to use this DLL.
  • The request is mapped to a managed handler but the .NET Extensibility Feature is not installed.

Things you can try:

  • Ensure that the NTFS permissions for the web.config file are correct and allow access to the Web server’s machine account.
  • Check the event logs to see if any additional information was logged.
  • Verify the permissions for the DLL.
  • Install the .NET Extensibility feature if the request is mapped to a managed handler.
  • Create a tracing rule to track failed requests for this HTTP status code. For more information about creating a tracing rule for failed requests, click here.
Detailed Error Information:
Module         ManagedPipelineHandler
Notification   ExecuteRequestHandler
Handler        System.Web.Mvc.MvcHandler
Error Code     0x00000000
Requested URL  http://project.localhost:80/Home/Test
Physical Path  D:\Source\Repos\Project\Project\Home\Test
Logon Method   Anonymous
Logon User     Anonymous

我已经查看了Web.Config的权限,但它们都很好,IUSR和IIS_IUSRS都被赋予了读/执行权限.应用程序池设置为Integrated,这似乎不是IIS问题,因为计算机上的许多其他数据库驱动的站点工作正常(我只是因为我经常进行维护而放弃它).所以在这里我认为这可能是一个Web.Config问题,至少在如何设置方面(同样,权限与机器上的其他站点相同).然而,Visual Studio中内置的IIS版本与网站一起工作得很好……每当调试停止时它就会死掉(崩溃)(这适用于任何网站).

所以我正在寻找建议 – 什么可以使VS2015内置的IIS版本正常工作,但Windows中的IIS在我当前的站点中失败了任何数据库连接?请记住,Windows IIS与其他站点和此站点中的静态页面一起使用,而不是具有任何类型的DB访问权限的操作.

我希望有人可以告诉我我的Web.Config是否有问题:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <configSections>
    <section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
    <sectionGroup name="nwebsec">
      <section name="httpHeaderSecurityModule" type="NWebsec.Modules.Configuration.HttpHeaderSecurityConfigurationSection, NWebsec, Version=4.2.0.0, Culture=neutral, PublicKeyToken=3613da5f958908a1" requirePermission="false" />
    </sectionGroup>
    <sectionGroup name="elmah">
      <section name="security" requirePermission="false" type="Elmah.SecuritySectionHandler, Elmah" />
      <section name="errorLog" requirePermission="false" type="Elmah.ErrorLogSectionHandler, Elmah" />
      <section name="errorMail" requirePermission="false" type="Elmah.ErrorMailSectionHandler, Elmah" />
      <section name="errorFilter" requirePermission="false" type="Elmah.ErrorFilterSectionHandler, Elmah" />
    </sectionGroup>
  </configSections>
  <connectionStrings>
    <add name="DefaultConnection" connectionString="censored" providerName="System.Data.SqlClient" />
    <add name="Elmah" connectionString="censored" providerName="System.Data.SqlClient" />
  </connectionStrings>
  <appSettings>
    <add key="webpages:Version" value="3.0.0.0" />
    <add key="webpages:Enabled" value="false" />
    <add key="ClientValidationEnabled" value="true" />
    <add key="UnobtrusiveJavaScriptEnabled" value="true" />
    <add key="elmah.mvc.disableHandler" value="false" />
    <add key="elmah.mvc.disableHandleErrorFilter" value="false" />
    <add key="elmah.mvc.requiresAuthentication" value="false" />
    <add key="elmah.mvc.IgnoreDefaultRoute" value="false" />
    <add key="elmah.mvc.allowedRoles" value="*" />
    <add key="elmah.mvc.allowedUsers" value="*" />
    <add key="elmah.mvc.route" value="elmah" />
    <add key="elmah.mvc.UserAuthCaseSensitive" value="true" />
    <add key="recaptchaPublicKey" value="censored" />
    <add key="recaptchaPrivateKey" value="censored" />
    <add key="recaptchaApiVersion" value="2" />
  </appSettings>
  <system.web>
    <authentication mode="None" />
    <compilation debug="true" targetFramework="4.5.2" />
    <httpRuntime targetFramework="4.5.2" enableVersionHeader="false" />
    <roleManager enabled="true" />
    <pages>
      <controls>
        <add tagPrefix="ajaxToolkit" assembly="AjaxControlToolkit" namespace="AjaxControlToolkit" />
      </controls>
    </pages>
    <httpModules>
      <add name="ErrorLog" type="Elmah.ErrorLogModule, Elmah" />
      <add name="ErrorMail" type="Elmah.ErrorMailModule, Elmah" />
      <add name="ErrorFilter" type="Elmah.ErrorFilterModule, Elmah" />
    </httpModules>
    <customErrors mode="On" redirectMode="ResponseRewrite" defaultRedirect="/Error/Index">
      <error statusCode="401" redirect="/Error/Unauthorized" />
      <error statusCode="404" redirect="/Error/NotFound" />
      <error statusCode="403" redirect="/Error/Forbidden" />
    </customErrors>
  </system.web>
  <system.webServer>
    <modules>
      <remove name="FormsAuthentication" />
      <remove name="RoleManager" />
      <add name="NWebsecHttpHeaderSecurityModule" type="NWebsec.Modules.HttpHeaderSecurityModule, NWebsec, Version=4.2.0.0, Culture=neutral, PublicKeyToken=3613da5f958908a1" />
      <add name="ErrorLog" type="Elmah.ErrorLogModule, Elmah" preCondition="managedHandler" />
      <add name="ErrorMail" type="Elmah.ErrorMailModule, Elmah" preCondition="managedHandler" />
      <add name="ErrorFilter" type="Elmah.ErrorFilterModule, Elmah" preCondition="managedHandler" />
    </modules>
    <handlers>
      <remove name="ExtensionlessUrlHandler-Integrated-4.0" />
      <remove name="OPTIONSVerbHandler" />
      <remove name="TRACEVerbHandler" />
      <add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
      <add name="ELMAH" verb="POST,GET,HEAD" path="elmah.axd" type="Elmah.ErrorLogPageFactory, Elmah" preCondition="integratedMode" />
    </handlers>
    <httpProtocol>
      <customHeaders>
        <clear />
        <add name="X-Frame-Options" value="SAMEORIGIN" />
      </customHeaders>
    </httpProtocol>
    <httpErrors errorMode="Detailed" existingResponse="Replace">
      <remove statusCode="403" />
      <error statusCode="403" responseMode="ExecuteURL" path="/Error/Forbidden" />
    </httpErrors>
    <security>
      <requestFiltering>
        <hiddenSegments>
          <add segment="NWebsecConfig" />
        </hiddenSegments>
      </requestFiltering>
    </security>
    <validation validateIntegratedModeConfiguration="false" />
  </system.webServer>
  <runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="Microsoft.Owin.Security" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="0.0.0.0-3.0.1.0" newVersion="3.0.1.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Microsoft.Owin.Security.OAuth" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="0.0.0.0-3.0.1.0" newVersion="3.0.1.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Microsoft.Owin.Security.Cookies" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="0.0.0.0-3.0.1.0" newVersion="3.0.1.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Microsoft.Owin" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="0.0.0.0-3.0.1.0" newVersion="3.0.1.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Newtonsoft.Json" culture="neutral" publicKeyToken="30ad4fe6b2a6aeed" />
        <bindingRedirect oldVersion="0.0.0.0-9.0.0.0" newVersion="9.0.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Optimization" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="1.1.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="WebGrease" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="0.0.0.0-1.6.5135.21930" newVersion="1.6.5135.21930" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="0.0.0.0-5.2.3.0" newVersion="5.2.3.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Antlr3.Runtime" publicKeyToken="eb42632606e9261f" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-3.5.0.2" newVersion="3.5.0.2" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="AngleSharp" publicKeyToken="e83494dcdc6d31ea" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-0.9.6.41832" newVersion="0.9.6.41832" />
      </dependentAssembly>
    </assemblyBinding>
  </runtime>
  <entityFramework>
    <defaultConnectionFactory type="System.Data.Entity.Infrastructure.LocalDbConnectionFactory, EntityFramework">
      <parameters>
        <parameter value="mssqllocaldb" />
      </parameters>
    </defaultConnectionFactory>
    <providers>
      <provider invariantName="System.Data.SqlClient" type="System.Data.Entity.SqlServer.SqlProviderServices, EntityFramework.SqlServer" />
    </providers>
  </entityFramework>
  <system.codedom>
    <compilers>
      <compiler language="c#;cs;csharp" extension=".cs" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:6 /nowarn:1659;1699;1701" />
      <!--<compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.VBCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:14 /nowarn:41008 /define:_MYTYPE=\&quot;Web\&quot; /optionInfer+" />-->
    </compilers>
  </system.codedom>
  <system.net>
    <mailSettings>
      <smtp from="info@lawyercase.ca">
        <network host="" port="587" userName="" password="" enableSsl="false" />
      </smtp>
    </mailSettings>
  </system.net>
  <nwebsec>
    <httpHeaderSecurityModule xmlns="http://nwebsec.com/HttpHeaderSecurityModuleConfig.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="NWebsecConfig/HttpHeaderSecurityModuleConfig.xsd">
      <redirectValidation enabled="true" />
      <securityHttpHeaders>
        <x-Frame-Options policy="Deny" />
        <x-Content-Type-Options enabled="true" />
      </securityHttpHeaders>
    </httpHeaderSecurityModule>
  </nwebsec>
  <elmah xmlns="http://Elmah.Configuration">
    <!--
        See http://code.google.com/p/elmah/wiki/SecuringErrorLogPages for 
        more information on remote access and securing ELMAH.
    -->
    <security allowRemoteAccess="false" />
    <errorLog type="Elmah.SqlErrorLog, Elmah" connectionStringName="Elmah" />
  </elmah>
  <location path="elmah.axd" inheritInChildApplications="false">
    <system.web>
      <httpHandlers>
        <add verb="POST,GET,HEAD" path="elmah.axd" type="Elmah.ErrorLogPageFactory, Elmah" />
      </httpHandlers>
      <!-- 
        See http://code.google.com/p/elmah/wiki/SecuringErrorLogPages for 
        more information on using ASP.NET authorization securing ELMAH.

      <authorization>
        <allow roles="admin" />
        <deny users="*" />  
      </authorization>
      -->  
    </system.web>
  </location>
</configuration>

最佳答案 这里有点像Mea Culpa,因为有可能向潜在的好撒玛利亚人指出问题最明显的信息被我审查了.为什么?因为我不想与世界狗分享DB connectionString.

事实证明,默认Web.Config还将在DefaultConnection connectionString中包含术语Integrated Security = True.为什么这是个问题?因为这告诉IIS在访问数据库时使用集成安全性 – 例如,忽略用户名和密码,只使​​用自己的凭据.

当然,这是史诗般的失败.

现在,我不确定Visual Studio 2015中构建的IIS是如何忽略和/或绕过此术语的.它要么完全忽略它,只是在字符串中使用用户名和密码,要么Visual Studio的安装以某种方式设置VS和MSSQL之间的自动握手.我只是不知道.

让我们粉笔这整个群集,这是我迄今为止所做的第一个真正独立(没有先前版本)的项目.在所有其他情况下,我有一个以前的版本的网站(以及这样的,DB),我必须刚刚从旧项目复制connectionString作为一个整体,而不是只编辑新的一个项目.

TL; DR:将connectionString更改为Integrated Security = False或将其删除完全解决了独立IIS(未集成到Visual Studio中的IIS)无法访问数据库的问题,尽管Visual Studio内置的IIS运行正常.

点赞