We are developing a ASP.NET Web Site that needs security. So we add a SSL Certificate to IIS and go. But, debugging with that pesky "https" prefix is a little harder.
The problem is that when you debug an ASP.NET Web Site you are using Cassini as you web server by default. You can go to Project->Properties->Start Options and tell Visual Studio.Net to launch with a "Custom Web Server" -- but that only works if you are using NT Authentication. We not.
So by default, you cannot debug as ASP.NET Web Site with an SSL certificate in use. Unless you know of a back door. (If I was using sound effects, I would have a drum role right here).
First you should know there are two types of web projects: ASP.NET Web Site and ASP.NET Web Application. The ASP.NET Web Site is new to .Net 2.0 and there are a number of differences between the two project types. You can look up most of them later, I'm only interested in one difference.
In the ASP.NET Web Application, when you go to Project->Properties->Web tab, you can specify to debug with the IIS Web server. You can even tell it which Url to use. So if your url is normally "http://localhost/MyWebApp" you can change it to "https://localhost/MyWebApp" and viola!, you are debugging a secure web site!
OK, but our current web application is not a ASP.NET Web Application, it is a ASP.NET Web Site, and I don't get that option -- but I still need to debug the web site with the certificate. Now I'm getting to the back door.
First note: to do this, your existing application must be a Web Application in IIS.
First off, don't change your project type, leave your existing web application as is, no changes. Create a new ASP.NET Web Application, call it DebuggableWebProject (or something like that). It should be created with a Default.aspx page. Make the changes I specified to the properties pages I specified up above. Also register the web site with IIS; if using IIS7, both web site must be part of the same application pool. The run the web site from Visual Studio.Net in debug mode.
Next, from your new web site in Visaul Studio.Net, open one of the code files (either .cs or a .vb). Set a break point somewhere obvious. Then open up your web site in IE/Firefox using the SSL address (https://localhost/MyWebApp/...) and hit a page that should go thru the code you set the breakpoint in and the breakpoint should catch.
That is basically it. You create a second web project to debug your existing web project. That is your back door. It is a little strange, but it works fine. It even allows you to debug a secure web service call.
Anyway, I found this by accident and I hope it helps someone else along the way. Also note: I am using IIS7 Visual Studio.Net 2005 and have not tested this with IIS6 or any other version of Visual Studio.NET. But it does work in both Integrated and Classic mode application pools in IIS7.
No comments:
Post a Comment