I'm developing an ASP.NET MVC 4 website and I'm using the Microsoft ASP.NET Universal Providers. I plan to deploy to Windows Azure and use SQL Database. In order to initialize memberships, profiles and roles on my local SQL Server 2008 database, I created a new user via the ASP.NET Web Site Administration Tool. How do I initialize sessions?
When my application runs, naturally I get a SqlException saying "Invalid object name dbo.Sessions." When testing on Windows Azure, this wasn't an issue; dbo.Sessions was created automatically. I'm able to run locally after generating a create table script from dbo.Sessions on Azure and applying it to my local SQL database.
web.config:
<membership hashAlgorithmType="SHA1" defaultProvider="DefaultMembershipProvider">
<providers>
<clear />
<add name="DefaultMembershipProvider" type="System.Web.Providers.DefaultMembershipProvider" connectionStringName="DefaultConnection" enablePasswordRetrieval="false" enablePasswordReset="true" passwordFormat="Hashed" requiresQuestionAndAnswer="false" requiresUniqueEmail="true" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" />
</providers>
</membership>
<profile enabled="false" defaultProvider="DefaultProfileProvider">
<providers>
<clear />
<add name="DefaultProfileProvider" type="System.Web.Providers.DefaultProfileProvider" connectionStringName="DefaultConnection" applicationName="/" />
</providers>
</profile>
<roleManager enabled="false" defaultProvider="DefaultRoleProvider">
<providers>
<clear />
<add name="DefaultRoleProvider" type="System.Web.Providers.DefaultRoleProvider" connectionStringName="DefaultConnection" applicationName="/" />
</providers>
</roleManager>
<sessionState mode="Custom" customProvider="DefaultSessionProvider">
<providers>
<add name="DefaultSessionProvider" type="System.Web.Providers.DefaultSessionStateProvider, System.Web.Providers" connectionStringName="DefaultConnection" applicationName="/" />
</providers>
</sessionState>
This article goes into more detail of the differences between the old aspnet_Memembership vs the Universal Providers.
http://dotnet.dzone.com/articles/stronger-password-hashing-net
The key points from the article:
Firstly, there’s no more aspnet_regsql, you just make sure your connection string is set and the account has DBO rights (don’t worry, it doesn’t have to stay this way) then run the app up and attempt to perform any action which should cause the membership provider to hit the DB (i.e. log on – it doesn't matter that there isn't an account).
Thats it all there is to it, when it works.
When you are using Microsoft ASP.NET Universal Providers to deploy to Windows Azure & SQL Database, it seems there could be some issue with your connection string as table on SQL Database is not created.
The blog below from Soctt shows steps by step details on how to do it so please follow and see what is missing:
Introducing System.Web.Providers - ASP.NET Universal Providers for Session, Membership, Roles and User Profile on SQL Compact and SQL Azure
Related
hi i m trying to enable roles in asp Web Site Administration Tool but when go to the security tab it give me this error
There is a problem with your selected data store. This can be caused by an invalid server name or credentials, or by insufficient permission. It can also be caused by the role manager feature not being enabled. Click the button below to be redirected to a page where you can choose a new data store.
The following message may help in diagnosing the problem: Unable to connect to SQL Server database.
and i'm using my own connectionStrings to link it to sql server management studio 2012 not to sql CE in the visual studio this is the code
<connectionStrings>
<add name="MusicStoreEntities"
connectionString="Data Source=localhost;
Initial Catalog=Project4DB;
Integrated Security=true;
MultipleActiveResultSets=true"
providerName="System.Data.SqlClient" />
</connectionStrings>
so how can enable roles in this case.
hi i mange to make ASP Web Site Administration Tool security tab work after many searches and hours.
to connect to a regular server management studio 2012 not that one comes with visual studio
first make the following changes in the web.config file :
NOTE: we msut first of all have the database created in the server management studio 2012
1) add your connection string
<connectionStrings>
<add name="MusicStoreEntities" --> change the name to your own connection name
connectionString="Data Source=localhost;
Initial Catalog=Project4DB; --> change it to your one database name
Integrated Security=true;
MultipleActiveResultSets=true"
providerName="System.Data.SqlClient" />
</connectionStrings>
2) in the <system.web> section in the web.config add
<roleManager enabled="false"
cacheRolesInCookie="false"
cookieName=".ASPXROLES"
cookieTimeout="30"
cookiePath="/"
cookieRequireSSL="false"
cookieSlidingExpiration="true"
cookieProtection="All"
defaultProvider="AspNetSqlRoleProvider"
createPersistentCookie="false"
maxCachedResults="25">
<providers>
<clear />
<add connectionStringName="MusicStoreEntities" --> change the name to your own connection name
applicationName="/"
name="AspNetSqlRoleProvider"
type="System.Web.Security.SqlRoleProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
<add name="AspNetWindowsTokenRoleProvider"
applicationName="/"
type="System.Web.Security.WindowsTokenRoleProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
</providers>
</roleManager>
and
<membership>
<providers>
<remove name="AspNetSqlMembershipProvider"/>
<add name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="MusicStoreEntities" --> change the name to your own connection name
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
applicationName="/"
requiresUniqueEmail="false"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="7"
minRequiredNonalphanumericCharacters="1"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""/>
</providers>
</membership>
and
<customErrors mode="Off" />
3) open aspnet_regsql from:
C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
and follow the setup wizard
hit next
hit next
choose what database want to connect to then next
and the security tab from ASP Web Site Administration Tool will work to enable the roles.
I have an ASP.NET WebForms app using Microsoft ASP.NET Universal Providers (NuGet) for membership and roles. Under full trust everything works fine, but when I edit web.config to specify medium trust I get this error when loading a page that accesses the membership:
Type 'System.Web.Providers.DefaultMembershipProvider' cannot be instantiated under a partially trusted security policy (AllowPartiallyTrustedCallersAttribute is not present on the target assembly).
I've searched the web and haven't found much info about whether this is a known limitation or if there is a workaround. I'm working on the open source app Gallery Server Pro, which is distributed in the MS Web Gallery and must support medium trust environments.
Any insight?
[Edit] Per the request, here is the web.config stuff (I'm not using profiles or the session state provider):
<membership defaultProvider="DefaultMembershipProvider">
<providers>
<clear />
<add name="DefaultMembershipProvider" applicationName="Gallery Server Pro" connectionStringName="GalleryDb" passwordFormat="Clear" enablePasswordRetrieval="true" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="50" minRequiredPasswordLength="2" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</providers>
</membership>
<roleManager enabled="true" cacheRolesInCookie="true" cookieProtection="Validation" defaultProvider="DefaultRoleProvider">
<providers>
<clear />
<add name="DefaultRoleProvider" applicationName="Gallery Server Pro" connectionStringName="GalleryDb" type="System.Web.Providers.DefaultRoleProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</providers>
</roleManager>
I think it may be because of catching role in cookies,
<roleManager enabled="true" cacheRolesInCookie="true" cookieProtection="Validation" ...
Remove that part, or make it false and then check if its working..
As medium security will block cookies and many more things, as cookies are not considered secure. Its basic material for scavengers(hacking data from left over/temp files).
I hope this will do..
I have created a website for my university that requires membership.
I used the web administration tool from Visual Studio and created Users and Rules.When i test it from Visual Studio it works fine.
The Web Administration Tool automatically creates a SQL database named ASPNETDB.MDF in the App_Data folder that saves membership data.
My question is will the database work when i add the website at the IIS? Do i have to create a sql server database and add a connection?Please answer me.It's really important.
i only want a very basic membership.
You can use db from /App_Data as explained in this SO answer:
ASP.NET: How to deploy App_Data to webhost? - but it depends on your server set up.
When using Membership my preference is to run it from a separate db in either SQL / SQL Express, as then have choice to run IIS site and db on different servers if required. Also better for security / scaling etc.
Once db is created you can use aspnet_regsql.exe to install Membership services into the db. It's usually located here - c:\Windows\Microsoft.NET\Framework\< versionNumber >\aspnet_regsql.exe. Can run as GUI or command line:
http://msdn.microsoft.com/en-us/library/x28wfk74.aspx
When running Membership from a separate db you'll also need to configure a provider in web.config. Something along the lines of this:
<connectionStrings>
<remove name="LocalSqlServer" />
<add name="MyMembershipConnectionString"
connectionString="Data Source=SERVER123\SQLEXPRESS;Initial Catalog=Database123;Persist Security Info=True;User ID=User123;Password=Password123" providerName="System.Data.SqlClient" />
</connectionStrings>
in < System.Web > section:
<roleManager defaultProvider="MySqlRoleProvider" enabled="true"
cacheRolesInCookie="true" cookieName=".ASPROLES" cookieTimeout="30"
cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="true" cookieProtection="All">
<providers>
<clear />
<add name="MySqlRoleProvider" type="System.Web.Security.SqlRoleProvider"
connectionStringName="MyMembershipConnectionString" applicationName="MyAppName" />
</providers>
</roleManager>
<membership defaultProvider="MySqlMembershipProvider" userIsOnlineTimeWindow="720">
<providers>
<clear />
<add name="MySqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="MyMembershipConnectionString"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="true"
passwordFormat="Hashed"
minRequiredPasswordLength="8"
minRequiredNonalphanumericCharacters="0"
passwordStrengthRegularExpression="((?=.*\d)(?=.*[a-z]).{6,20})"
maxInvalidPasswordAttempts="5"
passwordAttemptWindow="30" />
</providers>
</membership>
I've used a similar set up to this a good few times with no problems.
If using db from /App_Data you shouldn't need to do any of the web.config stuff
since two days I am trying to solve this error in the asp.net web site configuration - Provider Section
If you click on "Test" this error comes up:
Provider Management
Could not establish a connection to the database.
If you have not yet created the SQL Server database, exit the Web Site Administration tool, use the aspnet_regsql command-line utility to create and configure the database, and then return to this tool to set the provider.
My web config looks like this:
<connectionStrings>
<remove name="mydbConnectionString"/>
<add name="mydbConnectionString" connectionString="Server=localhost;Database=mydb;Uid=root;Pwd=root;" providerName="MySql.Data.MySqlClient"/>
</connectionStrings>
<system.web>
<roleManager enabled="true" defaultProvider="MySQLRoleProvider" />
<membership defaultProvider="MySqlMembershipProvider">
<providers>
<clear/>
<add name="MySqlMembershipProvider" autogenerateschema="true"
type="MySql.Web.Security.MySQLMembershipProvider, MySql.Web, Version=5.2.7.0, Culture=neutral,PublicKeyToken=c5687fc88969c44d"
connectionStringName="mydbConnectionString"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="false"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""
applicationName="LoginControl"
/>
</providers>
</membership>
It doesn't show the error for RoleProvider. It only shows when I click "Test" for MySqlMembershipProvier. So I think my connection string has some problems but I don't know how to fix it. Can anyone help me please?
Thanks a lot...
I'm guessing you just have to do what it says in the exception: Run the equivalent of aspnet_reqsql utility for MySQL to create the required tables in your database.
Shameless plug: Check out the Web.Config Role Provider on Codeplex if you want to set up Roles without a database.
aspnet_regsql only works with SQL Server. Not with MySQL
To install the membership/roles/profile tables, you would need to manually run the SQL files from .NET Framework folder: {SYSDRIVE\WINDOWS\Microsoft.NET\Framework\v2.0.50727}
Once you do so, then you can check if the connection is an issue.
how can I change ASP.NET Configuration tool-s connection string name?
(Which connection string will ASP.NET Configuration tool will use)
I'm learning ASP.NET and everywhere and in book that I'm reading now theres connection string named: LocalSqlServer.
I want to use my local sql server database instead of sql express to store Roles, Membership and other data.
I have used aspnet_regsql.exe to create needed data structures in my database. after that I changed my web.config to look like:
<connectionStrings>
<remove name="LocalSqlServer"/>
<add name="LocalSqlServer" connectionString="Server=(LOCAL); Database=MyDatabase;Integrated Security=True" providerName="System.Data.SqlClient" />
</connectionStrings>
but when I run ASP.NET Configuration tool it says that:
"The connection name 'ApplicationServices' was not found in the applications configuration or the connection string is empty."
ASP.NET Configuration tool uses connection string named: ApplicationServices not LocalSqlServer.
cause of that I have to modify web.config to:
<connectionStrings>
<add name="ApplicationServices" connectionString="Server=(LOCAL); Database=MyDatabase;Integrated Security=True" providerName="System.Data.SqlClient" />
</connectionStrings>
and everything works fine.
I wish to know why the hell my web site uses connection string named: ApplicationServices and all books and online documentations uses LocalSqlServer? and how to change it to LocalSqlServer?
I have:
Windows 7
Sql Server 2008 R2
Visual Studio 2010 Premium
Project type is website
accidentally I have found my question answer when looking to web.config file.
if you override default machine.config configuration settings in web.config file you can change ASP.NET Configuration tool-s connection string name.
I got my web.config file from book-s code archive and it was the problem.
in web.config u can override which connection string name will be used for: membership, profile and roleManager.
to override membership use:
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="LocalSqlServer"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="false"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10"
applicationName="/"/>
</providers>
</membership>
where connectionStringName is the name of connection string which will be used for storing membership data.
others are:
<profile>
<providers>
<clear/>
<add name="AspNetSqlProfileProvider"
type="System.Web.Profile.SqlProfileProvider"
connectionStringName="LocalSqlServer"
applicationName="/"/>
</providers>
</profile>
and
<roleManager enabled="true">
<providers>
<clear />
<add connectionStringName="LocalSqlServer" applicationName="/"
name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" />
<add applicationName="/" name="AspNetWindowsTokenRoleProvider"
type="System.Web.Security.WindowsTokenRoleProvider" />
</providers>
</roleManager>