I'm having a spot of trouble with ASP.NET 4.0 memberships. I want to have all my membership configuration in my web.config file and not use machine.config. I am storing the membership in a remote SQL Server 2008 R2 database server called MYSERVER\A. Here's the relevant sections of web.config
<connectionStrings>
<clear/>
<add name="MarksDB" connectionString="Server=MYSQLSERVER\A;Database=test_d; Trusted_Connection=Yes; Application Name=MarksDB"/>
</connectionStrings>
<system.web>
<authorization>
<allow roles="Admins" />
<deny users="?" />
</authorization>
<authentication mode="Forms">
<forms name="MarksDB" />
</authentication>
<membership defaultProvider="MarksDBMembershipProvider">
<providers>
<clear/>
<add
name="MarksDBMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="MarksDB"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
applicationName="MarksDBMembershipProvider"
requiresUniqueEmail="false"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="7"
minRequiredNonalphanumericCharacters="1"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""/>
</providers>
</membership>
<roleManager enabled="true" defaultProvider="MarksDBRoleProvider">
<providers>
<clear/>
<add
name="MarksDBRoleProvider"
type="System.Web.Security.SqlRoleProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="MarksDB"
applicationName="MarksDBRoleProvider"
/>
</providers>
</roleManager>
In Visual Studio 2010, when I go to WebSite->ASP.NET Configuration, and click Add User on the Security tab, I get this error:
An error was encountered. Please return to the previous page and try again.
The following message may help in diagnosing the problem: The connection name 'MarksDB' was not found in the applications configuration or the connection string is empty. at System.Web.Util.SecUtility.GetConnectionString(NameValueCollection config) at System.Web.Security.SqlMembershipProvider.Initialize(String name, NameValueCollection config) at System.Web.Configuration.ProvidersHelper.InstantiateProvider(ProviderSettings providerSettings, Type providerType)
I am not sure how to troubleshoot this problem. Any ideas?
You should use the applicationName attribute both in membership provider and in role manager to specify your application (because you could have another application using the same database). But you are specifying the Application Name in the connection string.
I believe you would remove the applicationName from membership provider and from role provider.
Related
I have ASP.NET webapplication on my local machine and SQL Server database on a server. I ran aspnet_regsql.exe on the server. After that I created admin role from ASP.NET administration tool. Also created one user with admin privileges. Under the security section in sql server, provided that user db_owner access. Now when I m trying to run my application, I m getting the below error,
Server Error in '/UBCAT' Application.
Login failed for user 'admin'.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Data.SqlClient.SqlException: Login failed for user 'admin'.
Source Error:
Line 36:
Line 37: context.Logins.AddObject(login);
Line 38: context.SaveChanges();
Line 39: }
Line 40:
//Connection String:
<customErrors mode="Off"></customErrors>
<authentication mode="Forms">
<forms name="UBCATSqlAuthCookie" loginUrl="~/Account/Login.aspx"
timeout="60" />
</authentication>
<sessionState timeout="60" />
<membership defaultProvider="UBCATSqlMembershipProvider" userIsOnlineTimeWindow="60">
<providers>
<clear />
<add name="UBCATSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="UBCATDB" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" applicationName="UBCAT" requiresUniqueEmail="false" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" />
</providers>
</membership>
<roleManager enabled="true" defaultProvider="UBCATSqlRoleProvider" cookieTimeout="60">
<providers>
<clear />
<add connectionStringName="UBCATDB" applicationName="UBCAT" name="UBCATSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" />
</providers>
</roleManager>
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
<add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
<add assembly="System.Data.Entity.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
</assemblies>
<buildProviders>
<add extension=".edmx" type="System.Data.Entity.Design.AspNet.EntityDesignerBuildProvider" />
</buildProviders>
</compilation>
First of all, you are using legacy Membership Provider. Here is the new ASP.NET Universal Providers which is backward compatible with legacy Membership Provider.
If you want the latest Membership Provider, you want to look at ASP.NET Identity which is not backward compatible with legacy Membership Provider.
Login failed for user 'admin'.
According to the error message, login credential for the SQL Server is not correct.
Any help appreciated!
What is needed so that the Login.aspx page is using the database as shown through the MyDatabaseConnection
I created an ASP.NET Web Forms application
Configured SQL Server Membership Provider (or so I thought) in the main web.config.
Added MyDatabaseConnection:
<connectionStrings>
<add name="DefaultConnection"
providerName="System.Data.SqlClient"
connectionString="Data Source=(LocalDb)\v11.0;Initial Catalog=aspnet-VideoProject-20131115191757;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\aspnet-VideoProject-20131115191757.mdf"/>
<add name="MyDatabaseConnection"
providerName="System.Data.SqlClient"
connectionString="Data Source=(LocalDb)\v11.0;Initial Catalog=videolibrary;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\videolibrary.mdf"/>
</connectionStrings>
MyDatabaseConnection points to the desired database that already has the tables, users and passwords configured (not by me).
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="2880" defaultUrl="~/"/>
</authentication>
...
<membership defaultProvider="DefaultMembershipProvider">
<providers>
<add name="DefaultMembershipProvider" type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="MyDatabaseConnection" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/"/>
</providers>
</membership>
Created Secure.aspx in Secure folder.
Created web.config in the Secure folder with
<?xml version="1.0"?>
<configuration>
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration>
Using Project\ASP.NET Configuration, I added a user TestAccount.
Added a link in the application that points to Secure.aspx.
When debugging the application, I select the link that points to Secure.aspx. Through login.aspx, I can login as TestAccount and the Secure.aspx page is displayed as expected.
When I use a login user/password from the MyDatabaseConnection database, it fails. That is, login is unsuccessful. It is not looking at this database but I do not know what else is needed for the login.aspx page to use it?
After this, I tried adding AspNetSqlMembershipProvider in the following of the main web.config:
<membership defaultProvider="DefaultMembershipProvider">
<providers>
<add name ="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="MyDatabaseConnection"
applicationName="/" />
<add name="DefaultMembershipProvider" type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="MyDatabaseConnection" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/"/>
</providers>
</membership>
but received the following error immediately after trying to login:
Parser Error Message: The entry 'AspNetSqlMembershipProvider' has already been added.
Source Error:
Line 31:
Line 32:
Line 33:
Line 34: type="System.Web.Security.SqlMembershipProvider"
Line 35: connectionStringName="MyDatabaseConnection"
I searched for AspNetSqlMembershipProvider elsewhere (since said already used) within the web.config and did not see it. Note: Unfortunately, I could not use code formatting adequately due to issues using it.
Thanks,
Buck
I can't seem to create the aspnetdb.mdf via the Web Site Administration Tool.
I am using SQL Express 2008 and Visual Studio Web Developer 2010 Express.
I get following error in the Administration Tool:
There is a problem with your selected data store. This can be caused
by an invalid server name or credentials, or by insufficient
permission. It can also be caused by the role manager feature not
being enabled. Click the button below to be redirected to a page where
you can choose a new data store.
The following message may help in diagnosing the problem: An error
occurred during the execution of the SQL file 'InstallCommon.sql'. The
SQL error number is 5170 and the SqlException message is: Cannot
create file 'C:\USERS**\DOCUMENTS\VISUAL STUDIO
2010\WEBSITES\BUGZ-B-GONE\APP_DATA\ASPNETDB_TMP.MDF' because it
already exists. Change the file path or the file name, and retry the
operation. CREATE DATABASE failed. Some file names listed could not be
created. Check related errors. Creating the
ASPNETDB_97c73957a1fb4a189ccca0449aa7d754 database...
I also get this error when I delete the mdf file or change the path.
Underneath is the web.config file:
<configuration>
<connectionStrings>
<add name="ApplicationServices" connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\aspnetdb.mdf;User Instance=true" providerName="System.Data.SqlClient"/>
<add name="DATABASEConnectionString" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\DATABASE.mdf;Integrated Security=True;User Instance=True" providerName="System.Data.SqlClient"/>
</connectionStrings>
<system.web>
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="System.Data.Linq, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
</assemblies>
</compilation>
<authentication mode="Forms">
<forms loginUrl="~/Account/Login.aspx" timeout="2880"/>
</authentication>
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/"/>
</providers>
</membership>
<profile>
<providers>
<clear/>
<add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/"/>
</providers>
</profile>
<roleManager enabled="true">
<providers>
<clear />
<add connectionStringName="ApplicationServices" applicationName="/"
name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" />
<add applicationName="/" name="AspNetWindowsTokenRoleProvider"
type="System.Web.Security.WindowsTokenRoleProvider" />
</providers>
</roleManager>
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
</configuration>
Your error says that the database is already present, so first delete it and then run WSAT. If not works then delete your web.config and add a new config file to your project and then run WSAT and add the aspnetdb database.
Also you can try aspnet_regsql
Path: C:\Windows\Microsoft.NET\Framework\v4.0.30319
Run it, then you can add or remove AspNet database tables from your database.
Read more detail on MSDN
So, I am converting an application from integrated security to forms authentication using the built-in membership provider and having the most bizarre behavior. Initially, I used the default sqlexpress configuration where it creates an aspnetdb.mdf file in your App_Data folder.
However, I wanted to move this to my SQL Server and did so by creating the procedures and tables in an SQL Server database and pointed my provider at that database. And yet, when I would run the Web Site Administration Tool, it would not look at the SQL Server.
It keeps creating an aspnetdb.mdf file and using that, even though my application appeared to be properly hitting the SQL database. Finally, I turned off the SQLEXPRESS service, and now is where the really odd bit happens.
Login works fine - Membership.Provider.ValidateUser(LoginUser.UserName, LoginUser.Password) returns true. However, when an IsInRole call is made, it times out failing to connect to the database. Clearly, it is trying to connect to the SQLEXPRESS database. I have restarted IIS, restarted the database service to no avail.
Is this not the right place to tell the membership service what database to hit:
<connectionStrings>
<add name="MyConnection" connectionString="user id=myuser;password=mypassword;data source=SERVER\INSTANCE;initial catalog=mycatalog;"/>
</connectionStrings>
<system.web>
<authentication mode="Forms">
<forms name="formsauth" protection="None" path="/" loginUrl="~/Account/Login.aspx" cookieless="UseCookies"/>
</authentication>
<roleManager enabled="true" />
<membership>
<providers>
<remove name="AspNetSqlMembershipProvider"/>
<add name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="MyConnection"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
applicationName="/MyApp"
requiresUniqueEmail="false"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""
/>
</providers>
First and foremost, the reason why the aspnetdb.mdf is being created is because you're using the ASP.NET Configuration Tool. It only works for the SQL Express instance. It can't be used on a fully fledged SQL Server. For that, you'll essentially need to re-create the administration panel within your own application.
If you wish to use Roles under the local SQL Server, you'll need to configure your web.config to point to your SQL Server for the role provider as well. By default it points to the aspnetdb.mdf file that the Membership provider also points to.
For example:
<system.web>
<roleManager defaultProvider="SqlRoleProvider" enabled="true">
<providers>
<clear />
<add name="SqlRoleProvider"
type="System.Web.Security.SqlRoleProvider"
connectionStringName="MyConnection"/> <!--- Point this to your sql server -->
</providers>
</roleManager>
</system.web>
For you it would look something like this:
<configuration>
<connectionStrings>
<add name="MyConnection" connectionString="user id=myuser;password=mypassword;data source=SERVER\INSTANCE;initial catalog=mycatalog;"/>
</connectionStrings>
<system.web>
<authentication mode="Forms">
<forms name="formsauth" protection="None" path="/" loginUrl="~/Account/Login.aspx" cookieless="UseCookies"/>
</authentication>
<membership>
<providers>
<remove name="AspNetSqlMembershipProvider"/>
<add name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="MyConnection"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
applicationName="/MyApp"
requiresUniqueEmail="false"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""/>
</providers>
</membership>
<roleManager defaultProvider="SqlRoleProvider" enabled="true">
<providers>
<clear />
<add name="SqlRoleProvider"
type="System.Web.Security.SqlRoleProvider"
connectionStringName="MyConnection"/> <!--- Point this to your sql server -->
</providers>
</roleManager>
</system.web>
</configuration>
See here for more details: Membership and Role Provider
I use this Web.Config file.
If I use Web Site Administration Tools as "Web Site" all is working great.
If I use the same script as "Web Application" I receive and error in tab "Security".
Error:
"There is a problem with your selected data store. This can be caused by an invalid server name or credentials, or by insufficient permission. It can also be caused by the role manager feature not being enabled. Click the button below to be redirected to a page where you can choose a new data store.
The following message may help in diagnosing the problem: Failed to start monitoring changes to 'Z:\MSDOS_DOCUMENTS_SETTINGS\SWN-Working\Projects-Cms\Cms-Application-ProtoTypes\Admin-RolesPermissions\ProtoType-Rules\ProtoType-Rules'. "
I really do not know what I am doing wrong. Could you please advice me? Thanks for your support!
<?xml version="1.0"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<connectionStrings>
<add name="CmsConnectionString"
connectionString="Data Source=.;Initial Catalog=DbCmsWebsiteTest;Integrated Security=SSPI" />
</connectionStrings>
<system.web>
<compilation debug="true" targetFramework="4.0"/>
<roleManager enabled="true" cacheRolesInCookie="true">
<providers>
<clear/>
<add name="AspNetSqlRoleProvider"
connectionStringName="CmsConnectionString"
applicationName="/"
type="System.Web.Security.SqlRoleProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</roleManager>
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider"
connectionStringName="CmsConnectionString"
applicationName="/"
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
requiresUniqueEmail="false"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="7"
minRequiredNonalphanumericCharacters="1"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""/>
</providers>
</membership>
</system.web>
</configuration>
I found out solution to my problems.
Solution it is here
http://support.microsoft.com/kb/317955