I have 2 applications (MVC) like this :
Website
and
Admininistration
In each of them, I'm using asp.net membership provider (using mysql) like this :
Website web.config
<roleManager enabled="true" defaultProvider="MySQLRoleProvider">
<providers>
<clear />
<add name="MySQLRoleProvider" type="MySql.Web.Security.MySQLRoleProvider, MySql.Web, Version=6.8.3.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" connectionStringName="mySqlConnectionString" applicationName="Website" />
</providers>
</roleManager>
<membership defaultProvider="MySQLMembershipProvider" hashAlgorithmType="SHA1">
<providers>
<clear />
<add name="MySQLMembershipProvider" autogenerateschema="false"
type="MySql.Web.Security.MySQLMembershipProvider, MySql.Web, Version=6.8.3.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d"
connectionStringName="mySqlConnectionString"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
applicationName="Website"
requiresUniqueEmail="true"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="25"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10"
passwordStrengthRegularExpression="" />
</providers>
</membership>
Adminitration web.config
<roleManager enabled="true" defaultProvider="MySQLRoleProvider">
<providers>
<clear />
<add name="MySQLRoleProvider" type="MySql.Web.Security.MySQLRoleProvider, MySql.Web, Version=6.8.3.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" connectionStringName="mySqlConnectionString" applicationName="Administration" />
</providers>
</roleManager>
<membership defaultProvider="MySQLMembershipProvider" hashAlgorithmType="SHA1">
<providers>
<clear />
<add name="MySQLMembershipProvider" autogenerateschema="true" type="MySql.Web.Security.MySQLMembershipProvider, MySql.Web, Version=6.8.3.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" connectionStringName="mySqlConnectionString" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" applicationName="Glocalapps" requiresUniqueEmail="true" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression="" />
</providers>
</membership>
<profile defaultProvider="MySqlProfileProvider">
<providers>
<clear />
<add name="MySQLProfileProvider" type="MySql.Web.Profile.MySQLProfileProvider, MySql.Web, Version=6.8.3.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" connectionStringName="mySqlConnectionString" applicationName="Administration" />
</providers>
</profile>
Both use same connection string.
Everything works without a problem, I can register and login on both sites and users are created perfectly within it's own application.
I'm trying to implement a Create User from the Administration web application for the Website application like this :
Membership.ApplicationName = "Website";
var membership = Membership.CreateUser(username, password);
this does create the user without a problem, but if I try to log in from the website application, it returns a password error. I did testing and this is indeed a password error. (if i copy another hash/salt from other user created on the website I can then login with this new created user, so the user is created OK, but for some reason the password is not recognized when the user is created from the Administration application)
Anyone has already faced this problem or have any idea on why is not working ?
The problem was that on one config I have this :
<membership defaultProvider="MySQLMembershipProvider" hashAlgorithmType="SHA1">
while the other application
<membership defaultProvider="MySQLMembershipProvider">
adding the hashAlgorithType solved the issue. Application name CAN be changed on runtime.
Related
I have Custom Membership Provider in asp.net 4. it's:
public class CustomMembershipProvider : SqlMembershipProvider
{
}
and Custom Role Provider:
public class CustomRoleProvider : RoleProvider
{
}
I use this code for set Custom Membership in web.config:
<membership defaultProvider="CustomMembershipProvider">
<providers>
<clear/>
<add name="CustomMembershipProvider" type="Login1.Code.CustomMembershipProvider" connectionStringName="LoginDB1Entities" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" />
</providers>
</membership>
<roleManager enabled="true" defaultProvider="CustomRoleProvider">
<providers>
<clear/>
<add name="CustomRoleProvider" type="Login1.Code.CustomRoleProvider" connectionStringName="LoginDB1Entities" applicationName="/" />
<add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" />
</providers>
</roleManager>
<profile>
<providers>
<clear/>
<add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/" />
</providers>
</profile>
and this connection string:
<connectionStrings>
<add name="LoginDB1Entities" connectionString="metadata=res://*/Code.EFModel.csdl|res://*/Code.EFModel.ssdl|res://*/Code.EFModel.msl;provider=System.Data.SqlClient;provider connection string="Data Source=.;Initial Catalog=LoginDB1;Integrated Security=True;MultipleActiveResultSets=True"" providerName="System.Data.EntityClient" />
</connectionStrings>
my application its working in localhost but i use this site in host and get this error:
Server Error in '/' Application.
I am setting up my MVC 4 website to use SqlMembershipProvider with data store as SQL Server Express 11.0.21xx
I have installed Universal Providers via NuGet
PM > Install-Package Microsoft.AspNet.Providers
When I run the app and go to localhost/Accounts/Register and submit the form, I get this error
To call this method, the "Membership.Provider" property must be an instance of "ExtendedMembershipProvider".
at this line
WebSecurity.CreateUserAndAccount(model.UserName, model.Password);
Accounts controller has attribute [InitializeSimpleMembership] set. But the tables are not created due to aforementioned error.
web.config section updated by NuGet
<profile defaultProvider="DefaultProfileProvider">
<providers>
<add name="DefaultProfileProvider"
type="System.Web.Providers.DefaultProfileProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
connectionStringName="DefaultConnection"
applicationName="/" />
</providers>
</profile>
<membership defaultProvider="DefaultMembershipProvider">
<providers>
<add name="DefaultMembershipProvider"
type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
connectionStringName="DefaultConnection"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="false"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10"
applicationName="/" />
</providers>
</membership>
<roleManager enabled="true" defaultProvider="DefaultRoleProvider">
<providers>
<add name="DefaultRoleProvider"
type="System.Web.Providers.DefaultRoleProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
connectionStringName="DefaultConnection"
applicationName="/" />
</providers>
</roleManager>
<sessionState mode="InProc" customProvider="DefaultSessionProvider">
<providers>
<add name="DefaultSessionProvider"
type="System.Web.Providers.DefaultSessionStateProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
connectionStringName="DefaultConnection" />
</providers>
</sessionState>
ConnectionString
<add name="DefaultConnection" connectionString="server=servername\instance;Database=imdb;User Id=sa; Password=passbird;" providerName="System.Data.SqlClient" />
Where's the problem? Should I use universal providers at all? I dont believe I should run aspnet_regsql cos of the new Account controller.
All I had to do was change DefaultMembershipProvider to SimpleMembershipProvider in web.config. type attribute is important to get it right.
<membership defaultProvider="DefaultMembershipProvider">
<providers>
<add name="DefaultMembershipProvider"
type="WebMatrix.WebData.SimpleMembershipProvider, WebMatrix.WebData"
connectionStringName="DefaultConnection"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="false"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10"
applicationName="/" />
</providers>
</membership>
<roleManager enabled="true" defaultProvider="DefaultRoleProvider">
<providers>
<add name="DefaultRoleProvider"
type="WebMatrix.WebData.SimpleRoleProvider, WebMatrix.WebData"
connectionStringName="DefaultConnection"
applicationName="/" />
</providers>
</roleManager>
I am using MySQL Connector/.NET and a custom MySQL membership provider.
Here is a part of the web.config:
<roleManager enabled="true" defaultProvider="MySQLRoleProvider">
<providers>
<clear />
<add applicationName="name" description=""
connectionStringName="MySQLMP" writeExceptionsToEventLog="False"
autogenerateschema="True" name="MySQLRoleProvider" type="MySql.Web.Security.MySQLRoleProvider, MySql.Web, Version=6.4.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" />
</providers>
</roleManager>
<membership defaultProvider="MySQLMembershipProvider">
<providers>
<clear />
<remove name="MySQLMembershipProvider" />
<add name="MySQLMembershipProvider" type="MySql.Web.Security.MySQLMembershipProvider, MySql.Web, Version=6.4.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" applicationName="name" description="MySQL default application" connectionStringName="MySQLMP" writeExceptionsToEventLog="False" autogenerateschema="True" enablePasswordRetrieval="False" enablePasswordReset="True" requiresQuestionAndAnswer="True" requiresUniqueEmail="True" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression="" />
</providers>
</membership>
<profile defaultProvider="MySQLProfileProvider">
<properties>
<add name="AccountNumber" type="string" provider="" />
<remove name="MySQLProfileProvider" />
<add name="MySQLProfileProvider" type="MySql.Web.Profile.MySQLProfileProvider, MySql.Web, Version=6.4.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d"/>
</properties>
<providers>
<clear />
<add name="MySQLProfileProvider" connectionStringName="MySQLMP" applicationName="name" type="MySql.Web.Profile.MySQLProfileProvider, MySql.Web, Version=6.4.4.0, Culture=neutral, PublicKeyToken=C5687FC88969C44D" />
</providers>
</profile>
In addition to that I am using ASP.NET authentication form.
What I am trying to do is: after a user logs in, I want to check if he/she is an admin and redirect to a certain page. Easy, right?
I believe, I am supposed to use the following:
if(Role.IsUserInRole(lgnCustomer.UserName, "Administrator"))
lgnCustomer.DestinationPageUrl = "~/admin";
However, for some reason I cannot use "Role". It seems like its missing reference to the MySQLRoleProvider.
Everything else (user registration, log in, role differentiation) works...
Thank you in advance!
The answer is not as difficult as I thought.
Apparently, it does not matter that a membership provider is something other than default SQL provider. I had to use using System.Web.Security; in the beginning, not the using MySQL.Web.Security;
My application has custom Role and MembershipProviders. I've registered them in web.config, but when I try to do if(User.IsInRole("Blah")), neither of my breakpoints in the RoleProvider's Initialize or IsUserInRole are hit. The membership provider works fine, so I guess there must be something I've missed from web.config. This is what I have:
<system.web>
...
<membership defaultProvider="MyAppMembershipProvider" userIsOnlineTimeWindow="15">
<providers>
<clear />
<add name="MyAppMembershipProvider"
type="MyAppMembership.MyAppMembershipProvider"
connectionStringName="MyApp"
enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" writeExceptionsToEventLog="false" />
</providers>
</membership>
<roleManager defaultProvider="MyAppRoleProvider">
<providers>
<clear />
<add name="MyAppRoleProvider"
type="MyAppMembership.MyAppRoleProvider"
connectionStringName="MyApp"
enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" writeExceptionsToEventLog="false" />
</providers>
</roleManager>
</system.web>
Is there something else which I need?
The attribute enabled of the the <roleManager>-Element defaults to false! Try:
<roleManager enabled="true" defaultProvider="MyAppRoleProvider">
<providers>
<clear />
<add name="MyAppRoleProvider"
type="MyAppMembership.MyAppRoleProvider"
connectionStringName="MyApp"
enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" writeExceptionsToEventLog="false" />
</providers>
</roleManager>
Have next problem: i setup the custom session state server (store sessions in Mysql). But the session data not added to database (the default .net session table is empty), but the authorization works (!). If I change the coockieless option to true, the session data start to add to database (but i dont want to use coockieless=true).
Sometimes I think that the framework choose what to use: inproc or my custom store...
My Config:
<sessionState mode="Custom" cookieless="false" timeout="20" customProvider="MySqlSessionStateStore">
<providers>
<add name="MySqlSessionStateStore" type="MySql.Web.SessionState.MySqlSessionStateStore, MySql.Web, Version=6.3.6.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" applicationName="/" description="" connectionStringName="MySqlMembershipConnection" writeExceptionsToEventLog="False" autogenerateschema="True" />
</providers>
</sessionState>
<authentication mode="Forms">
<forms loginUrl="~/Account/LogOn" timeout="2880" />
</authentication>
<membership defaultProvider="MySqlMembershipProvider">
<providers>
<clear />
<add name="MySqlMembershipProvider" type="MySql.Web.Security.MySQLMembershipProvider, MySql.Web, Version=6.3.6.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" applicationName="/" description="MySQL default application" connectionStringName="MySqlMembershipConnection" writeExceptionsToEventLog="False" autogenerateschema="True" enablePasswordRetrieval="False" enablePasswordReset="True" requiresQuestionAndAnswer="False" requiresUniqueEmail="True" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression="" />
</providers>
</membership>
<profile defaultProvider="MySqlProfileProvider">
<providers>
<clear />
<add name="MySqlProfileProvider" type="MySql.Web.Profile.MySQLProfileProvider, MySql.Web, Version=6.3.6.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" applicationName="/" description="" connectionStringName="MySqlMembershipConnection" writeExceptionsToEventLog="False" autogenerateschema="True" />
</providers>
</profile>
<roleManager enabled="true" defaultProvider="MySqlRoleProvider">
<providers>
<clear />
<add name="MySqlRoleProvider" type="MySql.Web.Security.MySQLRoleProvider, MySql.Web, Version=6.3.6.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" applicationName="/" description="" connectionStringName="MySqlMembershipConnection" writeExceptionsToEventLog="False" autogenerateschema="True" />
</providers>
</roleManager>
<connectionStrings>
<add name="photostorageEntities" connectionString="metadata=res://*/Models.Photos.csdl|res://*/Models.Photos.ssdl|res://*/Models.Photos.msl;provider=MySql.Data.MySqlClient;provider connection string="server=ip;User Id=user;password=pass;Persist Security Info=True;database=photostorage; Charset=utf8"" providerName="System.Data.EntityClient" />
<add name="MySqlMembershipConnection" connectionString="Data Source=ip;userid=user;password=pass;database=photostorage;Charset=utf8" providerName="MySql.Data.MySqlClient" />
</connectionStrings>
Fixed using separated connection string for Sessions (I don't know why it's not working in other way)