I'm attempting to make the login requirements for Password less strict. I set all of my attributes in the web.config file, but for some reason, it doesn't like my Type attribute. I've looked at all of the other posts concerning web.config Membership on StackOverflow, as well as other sites, and they all seem to have the exact line that I do for Type. I can't seem to find much about this error in my searches, either. I just can't figure out why I am getting this error:
Configuration Error
Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.
Parser Error Message: Attribute not recognized 'writeExceptionsToEventLog'
Source Error:
Line 16: <clear />
Line 17: <add name="AspNetSqlMembershipProvider"
Line 18: type="System.Web.Security.SqlMembershipProvider"
Line 19: connectionStringName="CafeWorksConnectionString"
Line 20: requiresQuestionAndAnswer="false"
Here is my web.config file (slightly modified to remove sensitive info)
<?xml version="1.0"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<appSettings>
<add key="validationSettings:UnobtrusiveValidationMode" value="None"/>
</appSettings>
<system.web>
<authentication mode="Forms" />
<compilation debug="true" strict="false" explicit="true" targetFramework="4.5"/>
<httpRuntime targetFramework="4.5"/>
<membership defaultProvider="AspNetSqlMembershipProvider" userIsOnlineTimeWindow="15">
<providers>
<clear />
<add name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="CafeWorksConnectionString"
requiresQuestionAndAnswer="false"
enablePasswordRetrieval="false" enablePasswordReset="true"
requiresUniqueEmail="false" passwordFormat="Hashed"
minRequiredNonalphanumericCharacters="0" writeExceptionsToEventLog="false"
minRequiredPasswordLength="4" passwordStrengthRegularExpression=""
passwordAttemptWindow="10" maxInvalidPasswordAttempts="8"/>
</providers>
</membership>
</system.web>
<system.net>
<mailSettings>
<smtp from="Name#EmailHost.com">
<network host="EmailHost" password="" userName="" />
</smtp>
</mailSettings>
</system.net>
<connectionStrings>
<add name="CafeWorksConnectionString" connectionString="Data Source=DB;Initial Catalog=DBCatalog;Integrated Security=True" providerName="System.Data.SqlClient"/>
</connectionStrings>
</configuration>
If anyone knows how to correct this error I'd appreciate the help. I have absolutely no idea where "writeExceptionsToEventLog" is taking place and why it is causing my error.
Thank you!
According to your last comment, you are using legacy Membership Provider. It uses store procedures and dated.
Please use ASP.NET Universal Providers which uses Entity Framework.
How to replace with New Membership Provider
I assume you are implementing a new project. The reason is new Universal Provider creates table without prefix aspnet_ which is good. However, it'll break the relationship with custom tables if you are working on an existing project.
Follow the Scott Hanselman's article and work on a new test project first.
Basically, you just need to replace name="DefaultMembershipProvider" type="System.Web.Providers.DefaultMembershipProvider".
Since you replace the name, you also need to up the defaultProvider to - defaultProvider="DefaultMembershipProvider"
The rest are the same. New Universal Provider uses Entity Framework Code First, so it'll create required tables for you automatically if they haven't been created yet. Note, it doesn't use store procedure.
The beauty is that you do not need to run aspnet_regsql.exe to create schema and store procedures.
Related
I am trying to add AP.Net membership to my database. I have had success with this in the past so I have some idea of what I am doing. My project is a VB.Net website with Framework 4.5.2. I used asp_regsql.exe in framework 4 to add the schema to my db. I created the following web.config entries (per MSDN articles):
<connectionStrings>
<add name="AFKMSConnectionString" providerName="System.Data.SqlClient" connectionString="working as intended" />
<system.web>
<authentication mode="Forms" >
<forms loginUrl="Account/Login.aspx"
name=".ASPXFORMSAUTH" />
</authentication>
<!--<authorization>
<deny users="?" />
</authorization>-->
<compilation debug="true" targetFramework="4.5.2"/>
<httpRuntime targetFramework="4.5.2"/>
<pages>
<namespaces>
<add namespace="System.Web.Optimization"/>
<add namespace="Microsoft.AspNet.Identity"/>
</namespaces>
<controls>
<add assembly="Microsoft.AspNet.Web.Optimization.WebForms" namespace="Microsoft.AspNet.Web.Optimization.WebForms" tagPrefix="webopt"/>
</controls>
</pages>
<membership defaultProvider="SqlMembershipProvider" userIsOnlineTimeWindow="15">
<providers>
<clear/>
<add
name="SqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="AFKMSConnectionString"
applicationName="AFKMS"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="true"
passwordFormat="Hashed" />
</providers>
</membership>
<profile enabled ="true" defaultProvider="SqlProvider">
<providers>
<clear />
<add name="SqlProvider"
type="System.Web.Profile.SqlProfileProvider"
connectionStringName="AFKMSConnectionString"
applicationName="AFKMS"
description="SqlProfileProvider for SampleApplication" />
</providers>
</profile>
<roleManager enabled ="true"
defaultProvider ="SqlRoleProvider" >
<providers>
<clear/>
<add name ="SqlRoleProvider"
type="System.Web.Security.SqlRoleProvider"
connectionStringName="AFKMSConnectionString"
applicationName="AFKMS"/>
</providers>
</roleManager>
My connection string works for my current functions but when I try to register a user I get the following error:
Directory lookup for the file "C:\Users\Dan\Source\Repos\AFKMS\AFKMS\App_Data\aspnet-AFKMS-140073d4-6858-4f19-9555-0edfbaadd43a.mdf" failed with the operating system error 2(The system cannot find the file specified.).
CREATE DATABASE failed. Some file names listed could not be created. Check related errors.
This comes from Accounts/Register,
Dim result = manager.Create(user, Password.Text)
Why is it trying to create a database? What does it look like I am missing?
<connectionStrings>
<add name="AFKMSConnectionString" connectionString="data source=.;Initial Catalog=your_db_name;integrated security=True" providerName="System.Data.SqlClient" />
</connectionStrings>
can you provide us with code of how you create users?
you mentioned: Dim result = manager.Create(user, Password.Text)
i think you need to use:
Membership.CreateUser(UserName, Password, Email)
I'm assuming you've created a new ASP.NET Web Application, using the Web Forms templates?
In which case you appear to be attempting to configure the newer ASP.NET Identity system with the original Membership Provider configuration settings.
As Ahmed noted, you mention the call in the register page to manager.Create(user, Password.Text) - this is using the ApplicationUserManager from ASP.NET Identity.
If you look in the App_Start folder of your project, you should find a file named IdentityConfig.vb (assuming you're using VB.NET), which has a method Create that returns the ApplicationUserManager - this in turn calls the ApplicationDbContext class that is created in the Models folder, that will be defined to use a connection called "DefaultConnection" - by default this is set to be a standalone .mdf file in the App_Data folder named after the project.
You should change this to point at your connection string, but be aware that this uses Entity Framework to create the database schema for you - it should just add it to the existing database, but you should ensure you've backed it up before you start in case it drops everything first.
After adding the assebly of System.Data.Entity to my web config I got this error:
It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS.
I have deleted the obj and bin folders, I removed the line authentication="windows", tried to reopen as some has said it worked, I have checked that there is only 1 web.config within the main folder (Entity Framework - Folder for forms, model, DAL and BLL)...
What other reasons is there that this will happen? I searched everywhere and it's basically the above reasons I found....
This is my web.config if it makes a difference:
<configuration>
<connectionStrings>
<add name="ApplicationServices"
connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\aspnetdb.mdf;User Instance=true"
providerName="System.Data.SqlClient" />
<add name="CStringVKB" connectionString="Data Source=.;Initial Catalog=VKB;Persist Security Info=True;User ID=websiteservice;Password=websiteservice" providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<compilation debug="true" optimizeCompilations="true" targetFramework="4.0" >
<assemblies>
<add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</assemblies>
</compilation>
<!--<authentication mode="Windows">
<forms loginUrl="~/Account/Login.aspx" timeout="2880" />
</authentication>-->
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices"
enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false"
maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10"
applicationName="/" />
</providers>
</membership>
<profile>
<providers>
<clear/>
<add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/"/>
</providers>
</profile>
<roleManager enabled="false">
<providers>
<clear/>
<add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/" />
<add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" />
</providers>
</roleManager>
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
</configuration>
What can I do to solve this?
Basically, the error means that there is a web.config file in one of your subfolders that has a configuration element that it should not have. Is this you root/only web config file? If not, could you please post those as well?
Also, it sounds stupid, but I would double check that you're opening the website itself in your IDE (and not mistakenly opening a parent folder) I have seen people spend a couple hours trying to debug this same error, when all along they weren't in the right directory.
Here is a good explanation on how the web.config hierarchy is set up for ASP that will help you visualize how this works: http://scottonwriting.net/sowblog/archive/2010/02/17/163375.aspx
Apparently there were two web.config files in my solution. I am using MVC4 and there was another config file under Views and i was making the change in the wrong file. Fixed there helped me.
But you can always change the default redirect/route in the global.asax file.
Chris Noreikis's answer is in fact correct. But missing an important detail. If for whatever reason you open the project/solution in a different VS version than it was originally created VS will attempt to migrate. Occasionally during this migration, VS will create a folder called "backup", or "backup_{#}". Even if you undo the pending changes this migration forces, these directories remain.
The presence of these directories are in some cases (like mine) the cause of this error. Removing these directories will eradicate the problem.
My hope is that this saves someone the countless hours I lost on this problem.
I have developed an application which works fine on my local IIS7 server. I can log into it using a different machine on the local network and access all areas.
After deploying it on an SBS2003 server with IIS6.0 and SQL Server 2005 I have had access problems. I have sorted this to the point where I can now load the web app and log in. The problem begins when I want to access a page that requires authentication. Even though I am logged in I cannot load the page. Needless to say that this applies to pages that requires RBA also.
The current error message I get is:
A network-related or instance-specific error occurred while
establishing a connection to SQL Server. The server was not found or
was not accessible. Verify that the instance name is correct and that
SQL Server is configured to allow remote connections. (provider: SQL
Network Interfaces, error: 26 - Error Locating Server/Instance
Specified)
If you are going to answer this question by telling me the answer to the problem is in the error message then please first remember that I can log in to my application. I obviously have a connection to the DB. After that if the answer is still simple please feel free to mock me.
Here is my web.config:
<?xml version="1.0"?>
<configuration>
<connectionStrings>
<add name="ZenIntranetConnectionString" connectionString="Data Source=127.0.0.1;Database=ZenIntranet;Integrated Security=True;"
providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<compilation debug="true" targetFramework="4.0" />
<httpRuntime maxRequestLength="8192" executionTimeout="360"/>
<authentication mode="Forms">
<forms loginUrl="~/Account/Login.aspx" timeout="2880" />
</authentication>
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ZenIntranetConnectionString"
enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false"
maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10"
applicationName="/" />
</providers>
</membership>
<profile>
<providers>
<clear/>
<add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ZenIntranetConnectionString" applicationName="/"/>
</providers>
</profile>
<roleManager enabled="true" defaultProvider="ZenRoleProvider">
<providers>
<clear/>
<add name="ZenRoleProvider" type="BusinessClasses.ZenRoleProvider, BusinessClasses"
connectionStringName="ZenIntranetConnectionString"
applicationName="/" />
</providers>
</roleManager>
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
</configuration>
Thanks for your help. I really really need it.
P.S I only just added the connection string name in the <roleManager> tag. I've never needed it before and my local web.config doesnt seem to require it. I've left it in their for now because I've seen that others said it was necessary. Regardless, it doesn't work.
The problem was hard coded connection strings (generated by VS) used for the dataset designer in the dataclasses layer.
I could login ok because the home page didnt load any data objects but as soon as I needed something from the dataset.xsd file the application was using the hard coded connection string from the DAL (which still had my development server connection string). I found the strings after doing a solution wide search for connectionString.
On a side note, I thought that the web.config should over ride this but it doesnt.
I've just downoaded a VS 2012 along with ASP.NET 4.5 and MVC 4.0 and was kicking the tires with a sample app and found that the forms authentication that works perfectly with ASP.NET 4.0/MVC 3 no longer seems to work with the latest release.
When I make a call to the Login function in the action controller, the WebSecurity.Login call fails:
public ActionResult Login(LoginModel model, string returnUrl)
{
if (ModelState.IsValid && WebSecurity.Login(model.UserName, model.Password, persistCookie: model.RememberMe))
{
return RedirectToLocal(returnUrl);
}
// If we got this far, something failed, redisplay form
ModelState.AddModelError("", "The user name or password provided is incorrect.");
return View(model);
}
I've replaced this code with the equivalent in my VS 2010 source, and that also fails (using the now deprecated FormsAuthentication.Authenticate function).
My question is: Has anybody ported a MVC3 to MVC4 app and found a workaround to this issue? I'm using IIS Express, so I guess that may be causing some problem somehow, but if you have any ideas, I'd appreciate it.
I copied my configuration from my working asp.net 4/MVC3 app as follows, but no luck (here's the relevant parts):
<connectionStrings>
<add name="DefaultConnection" connectionString="Data Source=tcp:sql2k1201.dbprovider.net;Initial Catalog=SQL2012_db;User ID=SQL2012_db_user;Password=dbpassword;" providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="2880"/>
</authentication>
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="DefaultConnection"
enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false"
maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10"
applicationName="/" />
</providers>
</membership>
<profile>
<providers>
<clear/>
<add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="DefaultConnection" applicationName="/" />
</providers>
</profile>
<roleManager enabled="true">
<providers>
<clear/>
<add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="DefaultConnection" applicationName="/" />
</providers>
</roleManager>
If your forms authentication ticket needs to be shared between applications using an older version of the .NET framework, you must explicitly configure your .NET 4.5 apps to use the earlier machine compatibility modes, or they will not be able to encrypt/decrypt the forms authentication ticket.
In your .net 4.5 application's web.config, set the compatibility mode attribute:
<system.web>
<machineKey compatibilityMode="Framework20SP2" />
</system.web>
This will allow your .NET 4.5 apps to work with forms authentication tickets generated by earlier .NET versions.
Note: If any of your servers do not have .NET Framework 2.0 SP2 installed, you will need to set the compatibility mode to "Framework20SP1" instead.
MSDN - MachineKeySection.CompatibilityMode Property
The issue here is that the default mvc4 internet template is using SimpleMembership to manage membership/roles information. The code in the template has assumption of this and can only work with simplemembership. When you install universal providers the account controller code blows up since it cannot understand universal providers. Look at this post which explains further on this scenario http://weblogs.asp.net/jgalloway/archive/2012/08/29/simplemembership-membership-providers-universal-providers-and-the-new-asp-net-4-5-web-forms-and-asp-net-mvc-4-templates.aspx
For me, I had an issue because there are some changes to the web.config settings you need (from http://www.asp.net/whitepapers/mvc4-release-notes)
<appSettings>
<add key="webpages:Version" value="2.0.0.0" />
<add key="PreserveLoginUrl" value="true" />
</appSettings>
Fixing these settings (which it doesn't look like you've added) got things working for me when I had login issues.
i want to ask about ASP.Net Configuration. i have a project that use ASP.Net MVC3. and i use membership in my project. in my database server, there's 2 database for my project.
aspnetdb, contains aspnet_membership, aspnet_user, aspnet_roles, etc (i use asp.net Configuration)
mydatabase, its for my project database.
now my boss told me that he want to host my project in public and told me to use only one database. so i have to move aspnetdb to mydatabase. how can i do it without making new table in mydatabase ?
thanks
By default the ASP.NET membership provider uses a built-in connectionString named LocalSqlServer which is something like this:
<add name="LocalSqlServer"
connectionString="Data Source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User Instance=true"
providerName="System.Data.SqlClient"/>
and when you use the Membership for first time (or when you use the web configuration manager tool), the aspnetdb.mdf will be created automatically. For first step, you can remove this connectionString from web.config by clear command:
<connectionStrings>
<clear/>
<!-- your other connectionStrings -->
</connectionStrings>
and also, you must change the connectionString for membershipProvider (and also roleProvider if you use it) in web.config file:
<membership userIsOnlineTimeWindow="20">
<providers>
<clear />
<add
connectionStringName="YourSpecifiedConnectionString" // your connectionString here
name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="false"
maxInvalidPasswordAttempts="500"
minRequiredPasswordLength="1"
minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10"
applicationName="/" />
</providers>
</membership>
<roleManager enabled="true">
<providers>
<clear/>
<add connectionStringName="YourSpecifiedConnectionString" // your connectionString here
name="AspNetSqlRoleProvider"
applicationName="/"
type="System.Web.Security.SqlRoleProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
</providers>
</roleManager>
For configure the database to use ASP.NET built-in membership provider, you can use regsql tool
which can be founded here:
C:\Windows\Microsoft.NET\Framework\(version that you are using. mine is v4.0.30319)\
In this folder, find the aspnet_regsql.exe file and run it. A helpful wizard will be shown and
help you step by step to configure new database. And about your final issue: You haven't to apply any change
to your edmx file! The EF works with tables you supplied to it, and membershipProvider do its job with
tables that ASP.NET supplied to it! Well done, Good job!
You have to add those tables to your own database. It's quite easy. Just use the aspnet_regsql tool to export the database schema to a SQL file and run that file in your own database.
Instruction:
http://www.xdevsoftware.com/blog/post/Install-ASPNET-Membership-Provider-on-a-Shared-Hosting-Company.aspx