On (not) catching ASP.NET errors - mike's web log/comments

New comments for this entry are disabled.

January 19, 2007 | On (not) catching ASP.NET errors | 1819 hit(s)

Had an unusual one today. (For me, anyway.) I have a little app at work that for various reasons has to impersonate an identity. For the time being, I do this with this element in the Web.config file:

<identity impersonate="true"  userName="user"  password="password" />

This all works fine, no problem. However, recently the user underwent a password change -- IOW, the password in this entry was now wrong. This threw a big ol' ASP.NET YSOD error (click to enlarge):

This is a bad error -- you'll note that it displays highly sensitive data right there for everyone to see. (I'm not showing you the real data, of course.)

The first order of business was to set the <customErrors> section to RemoteOnly so that ASP.NET wouldn't be splashing credentials around like that. But I also thought it would be a good idea to catch this error. The password will change again, and since it's likely that no one will remember update the credentials on file, the error is almost certain to show up again. Although the error message that ASP.NET displays is now benign (if confusing and ugly), it would be nicer to have a proper error message.

This has proved quite challenging, who knew. I began with the error handling techniques that are generally recommended -- adding an Application_Error handler to the Global.asax file[1] and, for good measure, adding a default redirect to the <customErrors> section in the Web.config file.

Made no difference -- still got the error. I posted to our internal alias for some help. Rahul Soni pointed me to a post on his blog that suggested using a module to capture the request (or response) and redirect appropriately.

Alas, that didn't work either. It's a strange error ... it's clearly an ASP.NET error, so it's being thrown after IIS hands the request to aspnet_isapi.dll. But it's being thrown before the application is instantiated -- we never even get to Application_Start.

Rahul poked around and noted that the problem comes up when the thread for the application was being created; the impersonation is used to assign an identity to the thread. But of course the thread never makes it, coz the credentials are bad. He dove in a bit further and decided that it might be possible to handle the error by overriding a method in one of the way-early classes, like AppDomainFactory. (He had it more precise than that, but foolish me, I closed the IM window in which we were discussing this and lost the conversation, d'oh.)

In any event, that looked like way too much trouble for my little app. If this were a production application for a public Web site, it might be worth investigating further. Although even then, it's not perfectly clear either where in the pipeline you can catch this error, and if you do, how exactly you can handle it. If you know how, tho, by all means let us (me) know.

[1] I note that the docs for this are broken -- the example doesn't show up. Weird, eh?

Rik Hemsley 20 Jan 07 - 1:02 AM

This is a really shocking bug from Microsoft. I came across it when a customer called to ask why their username and password was being displayed to the users of the ASP.NET app we'd installed at their site. Very embarrassing for us, I'm sure you can imagine!

After some investigation, I found that it's possible to put the username and password in the registry, encrypted. See this for instructions: http://support.microsoft.com/kb/329290

mike 20 Jan 07 - 11:32 AM

The credentials can be encrypted, which I should be doing anyway, but one thing at a time. :-) I assume, however, that there would still be an error, if not necessarily this error, and that it would still be hard to catch that error -- ?

Incidentally, we have a section in the docs on encrypting sections of the config file:

http://msdn2.microsoft.com/en-gb/library/53tyfkaw.aspx

:-)

Rahul Soni 22 Jan 07 - 12:19 AM

Thanks Mike!

Just wanted to add that the reason why we have to override is because the Application is not starting up in the first place!

Try creating a breakpoint on Application start event and you will see that the bookmark is not hit at all!!! So, the event is most likely thrown by something at the lower level, while trying to create the app domain for the faulty app.

I don't have a handy code at this moment, but let me see if I can find an easy one for this. If I do get it, I will get another interesting entry for me blog (and yours too :o)!

Cheers,
Rahul

Rahul Soni 22 Jan 07 - 12:21 AM

Ooops... I forgot to add the link related to Application Life cycle...

http://msdn2.microsoft.com/en-us/library/ms178473.aspx

Hope that helps!
Rahul

DC 22 Jan 07 - 6:44 AM

I have a similar problem, from time to time I get a "server too busy" framework error page, and I cannot customize it. It also seems to happen before application_start.

I would be most delighted if someone has a solution for this.

Rahul Soni 22 Jan 07 - 8:16 AM

Is it "Server too busy" or "Server is too busy"?

If it is the former, the following blog entry should help...

http://blogs.msdn.com/rahulso/archive/2006/09/08/How-to-repro-_2200_Server-Too-Busy_2200_-Errors_3F00_.aspx

Cheers,
Rahul

DC 22 Jan 07 - 11:16 PM

Hi Rahul,

thank you for the link, very useful for me since I am troubled with the same error. Let me ask you anyway: did you manage to finally customize that error page?

Regards
DC

Rahul Soni 23 Jan 07 - 12:47 AM

Oh yes DC, it is pretty simple.

You can try it out on any test Win2k3 box with the blog entry which I specified. Let me know if you face any issues with that!

The catch line is "Server too busy" is thrown by IIS, "Server is too busy" is thrown by ASP.NET. So ensure that you are not getting the latter!

Cheers,
Rahul

Yaron 05 Feb 07 - 8:25 AM

Not related to the main topic of the post, but most IM programs allow you to keep a log of previous conversations, so you won't lose anything if you close the window...