ASP.NET OWIN UseCookieAuthentication Logs User Out After Sign In

I have a need to do manual cookie authentication. As I use OWIN with UseCookieAuthentication middleware, it is not that hard except when I had no idea what is actually required.

Problem

I know I had to create a ClaimsIdentity and I will need AuthenticationProperties object. Supplying both of them successfully created the cookie, but when I went to a different page, the authentication failed and the application kicked me out to the login page. The following is my initial problematic code in the authentication handler:

Dim claims As New List(Of Claim)
claims.Add(New Claim(ClaimTypes.NameIdentifier, user.Username))
Dim claimsIdentity As New ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationType)
context.GetOwinContext().Authentication.SignIn(New AuthenticationProperties With {
    .ExpiresUtc = expiration
}, claimsIdentity)

Solution

For my basic requirement, apparently there are required claims. In my case, I'm missing the Name claim. Adding the following claim solves my issue:

claims.Add(New Claim(ClaimTypes.Name, user.Name))

As of now, I'm still not sure why it is necessary and haven't had time to look it up. But a quick read on ClaimsIdentity reveal that NameClaimType is necessary.

https://docs.microsoft.com/en-us/dotnet/api/system.security.claims.claimsidentity?view=netframework-4.8

My final code thus becomes:

Dim claims As New List(Of Claim)
claims.Add(New Claim(ClaimTypes.NameIdentifier, user.Username))
claims.Add(New Claim(ClaimTypes.Name, user.Name))
Dim claimsIdentity As New ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationType)
context.GetOwinContext().Authentication.SignIn(New AuthenticationProperties With {
    .ExpiresUtc = expiration
}, claimsIdentity)

Windows Server 2016 Update Error 0x8007000e

This one server that I managed has not been updated for a while and I happened to need to create a new image out of it, so I thought I might as well update it to the latest via Windows Update. And I ended up spending hours troubleshooting how to update.

Problem

Windows Update ran into 0x8007000e error when checking for updates.

Solution

Searching online, some suggested installing Windows Update Troubleshooter or similar tools or update the Windows Update agent. And some people suggested that the OS actually runs out of memory or storage. 

My server has 10+ GB of free space and 2GB memory. I thought it shouldn't run out of resources until I read the following articles:

https://feedback.azure.com/forums/216843-virtual-machines/suggestions/31407055-low-on-memory-error-server-2016-b-series

I follow the suggestion in there to increase the memory to 4GB and it finally updates without issue. I also noticed while the check is running, it consumes about 45% of memory. And the download finally runs, it takes around 55-65% of memory. That definitely won't work on my previous configuration. So the solution in my case is to use 4GB or more memory.

ASP.NET Web Forms "External component has thrown an exception" Error

Every once in a while, I will get a random error for reasons too time consuming to dig. I have been using Azure DevOps to create CI/CD pipeline to deploy our web application and it has been going well so far. And today, I suddenly got a weird error but it was easily solved.

Problem

I had no trouble logging in and going to the main page of our web application. But when visiting a particular page, suddenly throws "External component has thrown an exception". I tested it locally and had no problem. And nothing changed on the code of that particular page. Sometimes it can be due to the server runs out of memory and that doesn't appear to be the case this time.

Solution

This is probably another hiccup I thought. So, I went inside the server and recycle the application pool in IIS. Then, I went back to the browser and reload the page that caused an error and this time it loads without any issue. And the solution this time is simply recycling the application pool.

Error Installing AWS CodeDeploy Agent in Windows Server 2016

It has been a while since I added an EC2 instance to our CI/CD pipeline. And this time, I need to allow a Windows Server 2016 to receive artifacts from AWS CodeDeploy by installing the agent. And installing the CodeDeploy agent is not straight forward.

Problem

I followed the instructions to install using Windows PowerShell:

https://docs.aws.amazon.com/codedeploy/latest/userguide/codedeploy-agent-operations-install-windows.html#codedeploy-agent-operations-install-windows-powershell

It went smoothly until it tried to start the windows service which failed with the following error message:

Service 'CodeDeploy Host Agent Service' (codedeployagent) failed to start. 
Verify that you have sufficient privileges to start system services

The error message can be found in the log file which is located at:

C:\temp\host-agent-install-log.

Solution

The following article helps me solving the installation issue:

https://github.com/aws/aws-codedeploy-agent/issues/189

Basically, we need to add Windows Defender exclusions for the installation and execution folders. In my case, it will be:

Add-MpPreference -ExclusionPath ("C:\ProgramData\Amazon\CodeDeploy","$env:windir\Temp")

The following worked in Windows Server 2016 but somehow didn't work in 2019:

Add-MpPreference -ExclusionPath ("C:\temp", "C:\ProgramData\Amazon\CodeDeploy") 

Updates

June 18, 2020

The last time I checked, it is no longer an issue in the following AMI:

Windows_Server-2016-English-Full-Base-2020.06.10

November 25, 2020

It happened to me again on Windows Server 2019. This time the EC2 is in private subnet, so I also checked the following:

- Permission attached to EC2 instance profile

- Access to endpoints:
  https://stackoverflow.com/questions/48023692/aws-codedeploy-not-working-in-private-vpc

- Event Viewer > Application

- Event Viewer > System. I noticed the following error message: 
 A timeout was reached (30000 milliseconds) while waiting for the CodeDeploy Host Agent Service service to connect.

The command above still worked, but need a slight change. Along with that, extending the timeout in the following article might help.

https://kevsoft.net/2017/10/02/codedeploy-agent-failing-to-start.html

Azure DevOps Build Failed for Project without Solution File

Our company has been using Azure DevOps as a source control server. Only lately, I have been expanding our usage to take advantage of its CI/CD offerings. It went smoothly until I bumped into a project that has no solution file. 

Problem

The project without solution file failed the Visual Studio Build task even when it has the same settings as other projects with solution file. 

I started by verifying settings from the Solution field. It does says that it can use MSBuild project. Since I was using VB.NET, I point it to .vbproj file.

Next is the Platform field, which according to the info bubble, I can specify "any cpu".

Last is the Configuration field. Since I want a Release build, I can specify "release" according to the info bubble.

The same values, with the exception of the Solution field, work well if I point the task to a solution file but break when I point it to a project file. Part of the error message is:

Please check to make sure that you have specified a valid combination of Configuration and Platform for this project. Configuration='release' Platform='any cpu'. You may be seeing this message because you are trying to build a project without a solution file, and have specified a non-default Configuration or Platform that doesn't exist for this project.

The error message indeed stated that the Configuration and Platform values are invalid. But it builds just fine locally without a solution file. Granted, Visual Studio will create a temporary solution file when opening a project file. 

Solution

Since it built fine locally, I decided to check inside the project file to find the values used.

The project file does use "Release" instead of "release" and "AnyCPU" instead of "any cpu". So, I gave it a try and the build was successful. 

Opening the solution file reveals the use of "Release" and "Any CPU", so the values might be case insensitive, but I didn't give it a try.

And my solution is:

• If pointing to solution file, use "release" as Configuration and "any cpu" as Platform
• If pointing to project file, use "Release" as Configuration and "AnyCPU" as Platform