2

Currently we have a working ASP.NET WebAPI 2 project which is compiling and running with IdentityServer3.AccessTokenValidation. After uninstalling the NuGet package and installing the newer IdentityServer4.AccessTokenValidation the project now stops running and exhibits an HTTP Error 500.19 - Internal Server Error. We've tried a lot of things but we're not sure how to identity the root issue and resolve. Consistently upgrading to IdentityServer4 reproduces the error.

Detailed Error Information:

Module:       CustomErrorModule
Notification: SendResponse
Handler:      Not yet determined
Error Code:   0x80070490
Config Error: The configuration section 'system.webServer/httpErrors' cannot be read because it is missing a section declaration
Config File:  \\?\C:\Users\joe\AppData\Local\dftmp\Resources\91a2e717-5753-4ca7-b31d-40e068e91e84\temp\temp\RoleTemp\applicationHost.config

At present all the Identity Server code in Startup.cs is commented out so essentially the only change is the replacement of the IdentityServer libraries which reliable recreates this issue

For additionally context, here are some details:

  • This is WebAPI 2
  • .NET 4.6
  • This would be hosted as an Azure Cloud Service but currently we are just working locally until we identify the issue
  • We had no httpErrors section defined and adding one which had no impact on the presence of the error
  • This listed file does not exist
  • We have made no permissions changes and shouldn't have too since its a Cloud Service

UPDATE 1

After additional analysis we have observed another error which is occurring just before the one mentioned above. We have confirmed the same thing is also occurring on the 'clean' VM mentioned in the comments

Detailed Error Information:

Module:       CustomErrorModule
Notification: SendResponse
Handler:      ExtensionlessUrl-Integrated-4.0
Error Code:   0x80070002
Config Error: Cannot read configuration file
Config File:  applicationHost.config

Our config section contains the following handlers. None of this changed as part of the upgrade and removing it has no impact on the error

<handlers>
  <remove name="ExtensionlessUrlHandler-Integrated-4.0" />
  <remove name="OPTIONSVerbHandler" />
  <remove name="TRACEVerbHandler" />
  <add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>
JoeGeeky
  • 3,746
  • 6
  • 36
  • 53
  • Can you reproduce this issue on clean dev manchine/vm or after deployment to dev env? – abatishchev Dec 19 '17 at 00:52
  • @abatishchev, good question... Yes... I just repro'd on a clean Windows Server VM. Exact same process of upgrade resulting in the same error although the folder path was obviously not the same. Please note, this means I can repro on Windows Desktop and Windows Server. – JoeGeeky Dec 19 '17 at 02:26
  • Stupid question: what if you do add section declaration or/and section itself? How that temp config looks like, what's the deviation with your Web.config? Do you know why it's appHost.config rather than Web.config? Built-in section declaration is usually done in machine.config or appHost.config, error also mentions it, I don't think that's a coincidence. – abatishchev Dec 19 '17 at 05:13
  • @abatishchev, we've always had the section `system.webServer` just not the `httpErrors` part, adding it has no impact on this error. As for `web.config`, we do have one, and the only changes were to `runtime/assemblyBinding` made by the IS NuGet package installation (and it's dependencies). – JoeGeeky Dec 19 '17 at 13:53
  • How C:\Users\joe\AppData\Local\dftmp\Resources\91a2e717-5753-4ca7-b31d-40e068e91e84\temp\temp\RoleTemp\applicationHost.config looks like? – abatishchev Dec 19 '17 at 20:04
  • @abatishchev, The file does not exist in the folder – JoeGeeky Dec 19 '17 at 23:25

1 Answers1

1

V4 is for ASP.NET Core only...

leastprivilege
  • 18,196
  • 1
  • 34
  • 50
  • I wanted to continue under the following issue, but the repo is archived: https://github.com/IdentityServer/IdentityServer3/issues/3017 Nevertheless, lot's of people still use OWIN, use it together with IdSrv4 and supporting Validation from v.3 up to date is highly appreciated. I've upgraded it locally for Ms.IdentityModel 5.2 and Owin 4 and everything's fine. Currently for local mode only, but fixing the server validation via IdSrv4 could be useful too. What do you think regarding unfreezing that particular lib from v.3, or publishing a fork: "v.3 client for v.4 server"? – d_f Sep 20 '18 at 16:48