Fatal Communication Error with the Windows Process Activation Service

1
votes

I have a .NET WebAPI app working locally on my dev machine's IIS, but if I deploy it on a server, there I get the error

HTTP Error 503. The service is unavailable.

whenever I try to access the API. At the same moment, the AppPool stops (yes, it has started correctly and runs correctly until I make an API call) and I get the error in event viewer:

A process serving application pool 'MyNewTestAppPool' suffered a fatal communication error with the Windows Process Activation Service.

The controller I call is a really complicated one:

public class ExampleController : ApiController
{
    [HttpGet]
    public bool GetTrue()
    {
        return true;
    }
}

so this cannot be an issue with a stack overflow caused by endless loop inside my code. I fear that it is an endless loop inside the authentication and authorization chain.

The main change to another app that deployed correctly on the same server is that this app should have most controllers require authentication against local AD, with a single controller that doesn't - while the other apps either always require authentication, or never.

To achieve this hybrid mode, I did the following:

  • in Web.config, I added <authentication mode="Windows" />
  • in IIS, I enabled both Anonymous Authentication and Windows Authentication
  • in Global.asax.cs, I added the AuthorizeAttribute to all controllers: GlobalConfiguration.Configuration.Filters.Add(new System.Web.Http.AuthorizeAttribute());
  • the single function that should be accessible without authentication has got the [AllowAnonymous] attribute set.

Not sure what's happening there, does someone know what happens or how to debug this?

1
asp.netauthenticationiis
So this api works on IIS correctly if you remove authentication and only allow Anonymous access?Ravi A.
No, the api works correctly on IIS on my developer computer, with the app configured the same as on the server. If I remove Windows Authentication from IIS settings, nothing changes. If I remove the Authorize Attribute from my code, nothing changes. If I remove both, I can access everything as anonymous user.Alexander
It's really strange that application pool is getting disabled. Did you try with a different application pool or something ? Also you are saying there are other apps on the same server that has windows auth enabled and they don't crash the process ?Ravi A.
Yes, that is what I was saying. Since that old app is "in production", I moved the new app into a different (new) apppool after the first crash, so as to not crash a production apppool repeatedly. This didn't fix it. I have seen the issue going away an hour ago (not sure whether I should call that "fixed") after doing a Restart of my computer (it wanted to install a Windows Update), then Clean and Rebuild in Visual Studio and then deploying the app again... WTF!?Alexander

1 Answers

0
votes

Ensure \IIS_IUSRS (IIS 7.x) has read access to the app folder. Ensure the app pool identity you are using is in the IIS_IUSRS group (ex. IIS APPPOOL\DefaultAppPool)