I have maintained aspnetdb.mdf on a sqlserver instance which I am using in my ASP.net web site application for roles and memberships.
Problem is that when I add roles using ASP.net web site configuration tool these roles are not getting populated in my aspnet_Roles table in aspnetdb.
On the other hand Users and application settings are nicely getting inserted into tables aspnet_Users and aspnet_Applications table respectively?
I know there is something wrong in my web.config file but do not know what?
web.config
<configuration>
<appSettings>
<add key="ValidationSettings:UnobtrusiveValidationMode" value="None" />
</appSettings>
<connectionStrings>
<add name="SqlSequrityConnectionString"
connectionString="Data Source=NASEER\SQLEXPRESS;Initial Catalog=aspnetdb;Integrated Security=True"
providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<authorization>
<allow users="56013" />
</authorization>
<authentication mode="Forms" />
<roleManager enabled="true" />
<compilation debug="true" targetFramework="4.5.1" />
<httpRuntime targetFramework="4.5.1" />
<membership defaultProvider="SecurityTutorialsSqlMembershipProvider">
<providers>
<!-- Add a customized SqlMembershipProvider -->
<clear/>
<add name="SecurityTutorialsSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="SqlSequrityConnectionString"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
applicationName="SecurityTutorials"
requiresUniqueEmail="true"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="7"
minRequiredNonalphanumericCharacters="1"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""/>
</providers>
</membership>
</system.web>
</configuration>
By adding following code I got it working........!
<roleManager enabled="true" defaultProvider="SqlRoleManager">
<providers>
<add name="SqlRoleManager"
type="System.Web.Security.SqlRoleProvider"
connectionStringName="SqlSequrityConnectionString"
applicationName="MyApplication" />
</providers>
</roleManager>
Related
I have an error in my index page and my hosting support tell me that the "web config" file has a problem
http://schoolearn.ir/pay
this is my website
<?xml version="1.0"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<connectionStrings>
<add name="ApplicationServices"
connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\aspnetdb.mdf;User Instance=true"
providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<compilation debug="true" strict="false" explicit="true" targetFramework="4.0" />
<authentication mode="Forms">
<forms loginUrl="~/Account/Login.aspx" timeout="2880" />
</authentication>
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices"
enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false"
maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10"
applicationName="/" />
</providers>
</membership>
<profile>
<providers>
<clear/>
<add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/"/>
</providers>
</profile>
<roleManager enabled="false">
<providers>
<clear/>
<add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/" />
<add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" />
</providers>
</roleManager>
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
</configuration>
I have no database and my pages are static but i need to implement my website using asp.net
As error says: This error can be caused by a virtual directory not being configured as an application in IIS, so in the IIS you should convert the pay directory to a application or move the files to the root of the host (instead of the pay directory) and try again.
My ASP.net web application works on my machine, but will not work properly on the test or production server. It redirects to the login page instead of allowing Anonymous Authentication. I know that my project properties in Visual Studio include Anonymous Authentication.
Here is my project properties window:
My web.config file looks like this:
<?xml version="1.0"?>
<configuration>
<connectionStrings>
<!-- Removed for privacy -->
</connectionStrings>
<appSettings>
<!-- Removed for privacy -->
</appSettings>
<location path="ResetPassword.aspx">
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
</location>
<system.web>
<compilation debug="true" targetFramework="4.0" />
<authentication mode="Forms">
<forms loginUrl="~/Account/Login.aspx" timeout="2880" requireSSL="false" />
</authentication>
<webServices>
<protocols>
<add name="HttpGet" />
<add name="HttpPost" />
</protocols>
</webServices>
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="<!-- Removed for privacy -->" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="true" minRequiredNonalphanumericCharacters="0" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="8" passwordAttemptWindow="10" applicationName="/" />
</providers>
</membership>
<profile>
<providers>
<clear/>
<add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="<!-- Removed for privacy -->" applicationName="/" />
</providers>
</profile>
<roleManager enabled="false">
<providers>
<clear/>
<add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="<!-- Removed for privacy -->" applicationName="/" />
<add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" />
</providers>
</roleManager>
</system.web>
<system.web.extensions>
<scripting>
<webServices>
<jsonSerialization maxJsonLength="2147483647">
</jsonSerialization>
</webServices>
</scripting>
</system.web.extensions>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
<httpProtocol>
<customHeaders>
<clear />
<add name="X-UA-Compatible" value="IE=edge" />
</customHeaders>
</httpProtocol>
</system.webServer>
</configuration>
I should also mention that this web.config file matches the web.config file that is currently being used in production. It should work, but I just don't understand if there are some additional settings or inherited properties in IIS that are messing things up on my test server.
*Update: I was able to get this site working on a different server without changing anything in the web.config. It must be something in the configuration of the server.
I upload my project to IIS ,I used my custome sqlmembership provider.and createed roles and users ,but when I tring to edit/delete/update data ,It tell me "u dont have a permission to do that" but inside the roles already define it can do that.
Plus I am using VS ASP.NET configuration tool,to add user and roles but when click the test button onAspNetSqlRoleProvider ,it tell me not found database.It works fine with VS build-in server but I upload the IIs ,it give error.
here is the a part of web.config
<system.web>
<roleManager enabled="true" />
<customErrors mode="RemoteOnly" defaultRedirect="~/Admin/Hata.aspx" />
<authentication mode="Forms">
<forms cookieless="AutoDetect" loginUrl="~/Login.aspx" />
</authentication>
<membership defaultProvider="MySqlMembershipProvider">
<providers>
<clear/>
<!--Add a customized SqlMembershipProvider -->
<add name="MySqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider"
connectionStringName="OSProjeConnectionString" enablePasswordRetrieval="false"
enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false"
passwordFormat="Hashed" maxInvalidPasswordAttempts="15" minRequiredPasswordLength="5"
minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10"
passwordStrengthRegularExpression="">
</providers>
</membership>
<connectionStrings>
<add name="OSProjeConnectionString" connectionString="Data Source=.\SQLEXPRESS;Initial Catalog=OSProje;Integrated Security=SSPI; User ID=sa;Password=password;" />
</connectionStrings>
..............
...................
edıt :
I fix the problem adding this lines
<roleManager defaultProvider="roleProvider">
<providers>
<add connectionStringName="OSProjeConnectionString"
name="roleProvider"
type="System.Web.Security.SqlRoleProvider" />
</providers>
</roleManager>
Here is the line which is creating problem.
But you have not specified the DefaultProvider, so it takes AspNetSqlRoleProvider as the provider. Now you have to check the settings of AspNetSqlRoleProvider. Or you can add the following code:
<roleManager
enabled="false"
cacheRolesInCookie="false"
cookieName=".ASPXROLES"
cookieTimeout="30"
cookiePath="/"
cookieRequireSSL="false"
cookieSlidingExpiration="true"
cookieProtection="All"
defaultProvider="AspNetSqlRoleProvider"
createPersistentCookie="false"
maxCachedResults="25">
<providers>
<clear />
<add
connectionStringName="LocalSqlServer"
applicationName="/"
name="AspNetSqlRoleProvider"
type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
<add
applicationName="/"
name="AspNetWindowsTokenRoleProvider"
type="System.Web.Security.WindowsTokenRoleProvider, System.Web, Version=2.0.0.0,
Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</roleManager>
With some modifications.
Regarding App_Data folder, its automatically created for the application related data. For more details read this
i am facing a wierd problem
i use visual studio 2010, SQL express 2008 on win server 2008
after running the wizard of security (created single user, set permissions like deny anonymous and allow the created user) and pressing F5 --> the site works just fine.
when i move the folder to IIS 7 and "convert to application" the login page appears but it wont accept the password i provided.
i was told that only Stackoverflow geniuses will answer this question.
i am using .Net 4, manged pipleine mode --> inegrated
IIS settings:
Anonymous Auth. --> Enabled
Forms Auth. --> Enabled
ASP.Net Impersonation, Basic Auth, Digest Auth, Windows Auth--> Disabled
web.config
<configuration>
<connectionStrings>
<add name="ApplicationServices" connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\aspnetdb.mdf;User Instance=true" providerName="System.Data.SqlClient"/>
</connectionStrings>
<system.web>
<authorization>
<deny users="?"/>
<allow users="statmaster"/>
</authorization>
<compilation debug="true" strict="false" explicit="true" targetFramework="4.0"/>
<authentication mode="Forms">
<forms loginUrl="~/Account/Login.aspx" timeout="2880"/>
</authentication>
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/"/>
</providers>
</membership>
<profile>
<providers>
<clear/>
<add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/"/>
</providers>
</profile>
<roleManager enabled="false">
<providers>
<clear/>
<add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/"/>
<add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/"/>
</providers>
</roleManager>
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
</configuration>
the username exists in aspnet_Users table and the username "encrypted" in aspnet_Membership table
Read the article
Always set the "applicationName" property when configuring ASP.NET 2.0 Membership and other Providers
try creating a new website and put the application component in the root in case web.config application name = "/"
i hope this will solve it
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="LocalSqlServer"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
requiresUniqueEmail="false"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="7"
minRequiredNonalphanumericCharacters="1"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""
applicationName="/"
/>
</providers>
</membership>
http://weblogs.asp.net/scottgu/archive/2006/04/22/Always-set-the-_2200_applicationName_2200_-property-when-configuring-ASP.NET-2.0-Membership-and-other-Providers.aspx
I have created a user by using CreateUserWizard - control.
My web.config file is as follows:
<?xml version="1.0"?>
<configuration>
<appSettings/>
<connectionStrings>
<remove name="LocalSqlServer"/>
<add name="ConnString1" connectionString="Data Source=.\SQLEXPRESS;Initial Catalog=IceWebPortal_SQL2K5;user=sa;password=;integrated security=true;" providerName="System.Data.SqlClient"/>
<add name="LocalSqlServer" connectionString="Data Source=localhost;Initial Catalog=aspnet_membership_test;Integrated Security=True" providerName="System.Data.SqlClient"/>
</connectionStrings>
<system.web>
<!--
Set compilation debug="true" to insert debugging
symbols into the compiled page. Because this
affects performance, set this value to true only
during development.
-->
<compilation debug="true" />
<!--
The <authentication> section enables configuration
of the security authentication mode used by
ASP.NET to identify an incoming user.
-->
<authentication mode="Forms">
<forms
name="CookieDemo"
loginUrl="Default.aspx"
protection="All"
timeout="30"
path="/"
/>
</authentication>
<!--<authorization>
<deny users="?"/>
</authorization>-->
</system.web>
<location path="Default.aspx">
<system.web>
<authorization>
<allow users="*"></allow>
</authorization>
</system.web>
</location>
</configuration>
I am finding that, FormsAuthentication.Authenticate(username, password); is always returning false.
string username = this.usernameTextBox.Text;
string password = this.passwordTextBox.Text;
bool success = FormsAuthentication.Authenticate(username, password);
if (success)
{
}
What can be the problem?
You need to add e.g. a MembershipProvider configuration or add users directly to web.config (which is probably not a good idea)-
Example:
<membership>
<providers>
<clear />
<add name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ApplicationServices"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="false"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""
applicationName="/" />
</providers>
</membership>