I have this membership provider, and I'm using the "website administration tool" launched from Visual Studio->PROJECT->ASP.NET Configuration.
<membership>
<providers>
<add connectionStringName="DefaultConnection" enablePasswordRetrieval="false"
enablePasswordReset="true" requiresQuestionAndAnswer="false"
requiresUniqueEmail="true"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10"
applicationName="/" name="DefaultMembershipProvider" type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</providers>
</membership>
Changing these minRequiredPasswordLength="6", minRequiredNonalphanumericCharacters="0" has no effect so I suspect it's not using that provider.
Adding <clear/> before the add only makes it worse and proves it's getting it elsewhere.
<membership>
<providers>
<clear/>
<add....
This leads to this message on the page http://localhost:58144/asp.netwebadminfiles/security/security0.aspx:
The following message may help in diagnosing the problem: Default Membership Provider could not be found.
So how can I tell it to use that provider, or how can I configure the provider to what it expects?
I must give it a default provider here:
<membership defaultProvider="DefaultMembershipProvider">
Related
I'm trying to implement membership with oracle. I have created the database perfectly, but I can not access from my App. The database is on a dadicated server, and the error that its shows me is "OracleConnection.ConnectionString is invalid" but I know that is correct.
I have used this connection with ADO.NET and I works perfectly.
Can I use a remote server to implement membership? because this is the only explinantion that I could find...
This is my connectionstring.
Thanks in advance!
I found the solution in this post:
Setting up the default AspNetSqlProvider to point to remote database
So my web.config looks like:
<connectionStrings>
<add name="ApplicationServices" connectionString="DATA SOURCE=(DESCRIPTION= (ADDRESS=(PROTOCOL=TCP)(HOST=EUBEWD92Z1.jnj.com)(PORT=1521))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=XE))); user id=user; password=pass;" providerName="Oracle.DataAccess.Client"/>
</connectionStrings>
<membership>
<providers>
<remove name="OracleMembershipProvider"/>
<add name="OracleMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ApplicationServices"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
applicationName="/"
requiresUniqueEmail="false"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="7"
minRequiredNonalphanumericCharacters="1"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""/>
</providers>
</membership>
I want to use custom membership and role provider in MVC4 .
So i added some code to my config file as you can see here:
<membership defaultProvider="AspNetSqlMembershipProvider">
<providers> <clear />
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="authentication" />
</providers>
</membership>
<roleManager enabled="true" defaultProvider="CustomRoleProvider">
<providers>
<clear/>
<add name="CustomRoleProvider"
connectionStringName="authentication"
enablePasswordRetrieval="false" enablePasswordReset="true"
requiresQuestionAndAnswer="false" writeExceptionsToEventLog="false" />
</providers>
</roleManager>
But when i go to ** Web Site Administration Too** for adding role i got this error:
The following message may help in diagnosing the problem: Sections must only appear once per config file. See the help topic for exceptions. (C:\Users\ehsan\Desktop\EducationModel\EducationMVC\web.config line 46)
You have multiple membership providers defined separately:
Removing one of them should get rid of that error. But if you need to have both providers then update as follows:
<membership defaultProvider="MembershipProvider2">
<providers>
<add name="MembershipProvider1" type="WebMatrix.WebData.SimpleMembershipProvider, WebMatrix.WebData" />
<add name="MembershipProvider2" type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" />
</providers>
</membership>
Here MembershipProvider2 is set as defaultProvider just for example. You would update this with whichever providers you need to use as default.
I am getting membership error in my application.
This is my web.config section that is creating error.
<membership defaultProvider="DefaultMembershipProvider">
<providers>
<add name="DefaultMembershipProvider" type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" />
</providers>
</membership>
Like all other same questions like this one I have read, are telling me about adding defaultProvider and name to this config file.
But I already have defaultProvider and name set to by default in there.
What other customization needs to be done?
You can see this error here-
http://funranger.com
I suspect there is already a membership provider registered before your configuration file is loaded.
You'll need to remove the first membership provider, and this can be done by clearing all providers before you add one, just as you are doing with your connectionstrings.
In the configuration section, inside the membership/providers section, add a element before the element(s).
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="WorkI" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/"/>
</providers>
</membership>
And also add the below line in your web.config file.
<connectionStrings><add name="DefaultConnection" connectionString="Data Source=YourServername;Initial Catalog=YourDBname;Integrated Security=True;MultipleActiveResultSets=True" providerName="System.Data.SqlClient" /></connectionStrings>
Here is how your membership provider's declaration should look like in the web.config under the system.web element
<membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="15">
<providers>
<clear />
<add
name="SqlProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="MySqlConnection"
applicationName="MyApplication"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
requiresUniqueEmail="true"
passwordFormat="Hashed" />
</providers>
</membership>
I have an Azure web site that uses forms authentication with an Azure membership via the standard Microsoft tools and database. When I website administration tool, it sees the database and creates the users correctly. When I try to login however, I receive an authentication error.
The really strange part is that I have another Azure website that also uses a membership database. I copied the membership info directly from that sites web.config file into my broken site. When I go to administer the website, again, it sees the users correctly but when I attempt to login, I get receive an authentication error. To be clear, I can login properly from the working site but when I move the config info over to my new site, the same credentials fail.
How can I determine what is causing the problem? Below is code from web.config:
<add name="StrataluxAuthorize" connectionString="Data Source=xxxxxxx.database.windows.net;Initial Catalog=StrataluxAuthorize;Persist Security Info=True;User ID=xxxxxx;Password=xxxxxxxxxx" providerName="System.Data.SqlClient" />
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" defaultUrl="~/" timeout="600" />
</authentication>
<profile defaultProvider="DefaultProfileProvider">
<providers>
<add name="DefaultProfileProvider" type="System.Web.Providers.DefaultProfileProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" applicationName="/" />
</providers>
</profile>
<membership defaultProvider="DefaultMembershipProvider">
<providers>
<add connectionStringName="StrataluxAuthorize" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="true" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" name="DefaultMembershipProvider" type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</providers>
</membership>
<roleManager enabled="true" defaultProvider="DefaultRoleProvider">
<providers>
<add connectionStringName="StrataluxAuthorize" applicationName="/" name="DefaultRoleProvider" type="System.Web.Providers.DefaultRoleProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</providers>
</roleManager>
Just a guess based on the info given. Be sure that the "ApplicationName" property of the membership profider matches for both sites that will use the same Membership database. It doesn't appear that you have explicitly defined one so I believe by default it will use the Web Project Name. So if there is a mismatch (presumably there would be) between the 2 website names then the membership db will try to create a new application id in the database.
Sample Config:
<membership defaultProvider="DefaultMembershipProvider">
<providers>
<add connectionStringName="StrataluxAuthorize" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="true" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="" name="DefaultMembershipProvider" type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</providers>
</membership>
Just a bit more clarification:
If you want the users which originaly appeared in web app "A" to be available in web app "B" then the application name in the configuration of web app "B" should be "A". Otherwise the membership provider will view it as a new application and it will get its own id and unique set of users.
I am using the default SQLMembershipProvider in my ASP.NET 2.0 website, and expect the Membership.ValidateUser to lock-out the user after entering a number of wrong passwords (5, in my case) but ValidateUser doesn't seem to be caring about keeping count of bad password attempts and locking out the user.
What's wrong?
The Membership configuration in my web.config:
<membership defaultProvider="SqlMembershipProvider" >
<providers>
<clear />
<add connectionStringName="ConnectionStringName" enablePasswordRetrieval="true"
enablePasswordReset="true" requiresQuestionAndAnswer="false"
requiresUniqueEmail="true" passwordFormat="Encrypted" maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10" passwordStrengthRegularExpression=""
applicationName="MyApp" name="SqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</membership>
what is the PasswordAttemptWindow and MaxInvalidPasswordAttempts set to? and is these configuration settings set in the correct web.config? (the one actual in use by the test environment)
Here's the config for my membership usage which is working as required if it's of any use:
<membership defaultProvider="AspNetSqlMembershipProvider" userIsOnlineTimeWindow="30">
<providers>
<remove name="AspNetSqlMembershipProvider" />
<!--
Membership defaults mainly below this point:
connString, reqQ&A - modified - all others currently default.
-->
<add connectionStringName="CustomSqlServerProvider"
name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="false"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="7"
minRequiredNonalphanumericCharacters="1"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""
applicationName="/" />
</providers>
</membership>
Also, have you tried using the .Login() method for the authentication process instead? That's what i'm using rather than validateuser().
Please set the user.[IsApproved] to true