Why is ASP.NET ignoring my Membership connection string? - asp.net

I have an ASP.NET app using built-in Membership functionality. As such, I have a connection string in my web.config that looks like this:
<add name="MembershipSqlServer" connectionString="Data Source=servername;Database=aspnetdb;uid=user;pwd=password;" />
When working on my dev machine, everything is peachy keen. But when I move things to the web server (which also happens to run the SQL Server), I get this error when User.IsInRole() is called:
System.Data.SqlClient.SqlException: Login failed for user 'NT AUTHORITY\NETWORK SERVICE'.
F$%*&!! Why is it attempting to connect in this way? Why isn't it using user/password from the connection string? Web.config is identical on dev and server, I am using the DB on the server during development.

OK, I figured it out... only 35 minutes. :P
Long story short: There are two parts to asp.net membership… a membership provider and a ROLE provider. Why you’d ever want these two things separated, I don’t know… But my web.config wasn’t specifying the role provider and connection string, so it was defaulting to the settings in machine.config (aka LocalSqlServer connection string).
So all this time, my app users were on the server... but the roles were stored in a local .MDF file in App_Data. Ugh.

What does the membership providers section in your web.config look like? Is it possible that you left out the connectionStringName attribute? In which case, I believe it would be trying to connect to the database on your local machine using integrated security.
The membership providers section in your web.config should look something like:
<membership defaultProvider="SqlProvider">
<providers>
<add
name="SqlProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="MembershipSqlServer"
...
/>
</providers>
</membership>

Do you see this <authentication mode="Windows" /> in your web.config? And your other connectionString uses Integrated Security=True; On your Sql server in order to use windows authentication you must have a Login(on the server) for the windows user or group as well as have an associated user in the database.
The simple but not suggested fix would be to create a login for 'NT AUTHORITY\NETWORK SERVICE'
on you sql server and then a user in your specific database for that maps to that login.
The secure way is to do this for each of the network security groups that need to access the sql server so you can manage the group permissions independently.

i think the answer is that :
public static string ConnectionString(SPSite site)
{
var connectionStringField = BaseMembershipProvider(site).GetType().GetField("_sqlConnectionString", BindingFlags.Instance | BindingFlags.NonPublic);
if (connectionStringField != null)
{
return connectionStringField.GetValue(BaseMembershipProvider(site)).ToString();
}
else
{
return "";
}
}
it worked for me with out any Error
thanks babania

Related

How to connect ASP.NET app to remote SQL Server

I need help connecting my Web App to a remote database (SQL Server).
I have tried many suggested solutions but I can't seem to come right.
This is how I connect to a local database, it works 100%:
<add name="DBCS" connectionString="Data Source=serverName;Initial Catalog=MVNE_Website;Integrated Security=True" providerName="System.Data.SqlClient" />
My ASP.NET Web App is hosted on one server, and the database is on a separate server.
The remote DB server is 100% configured to allow remote connections and firewall rules also adhere to the connection protocols. I think it is just my connection string that is incorrect but I don't know why??
Here it is(conn string for remote SQL server)
<add name="DBCS" connectionString="server=serverIP\serverName; database=MVNE_Website; Integrated Security=True" providerName="System.Data.SqlClient" />
I don't use a username or password when connecting to this remote SQL Server so I did not see a point in adding it in the conn string?
There can be a few reasons why this will not work. Here are 2 common ones:
Your web application will pass the username the application pool is running under, (which by default is some system user) to SQL Server. Change this to be a service account which has access to SQL Server.
If you are hopping across 2 or more servers to pass the credentials between IIS and SQL Server, you may need to implement Kerberos, which is a way to preserve the credentials. This is a complex network configuration thing.
Check point 1 first.
:/
In my web.config file custom errors mode was on RemoteOnly, so I turned it off and saw that my connection string was never the problem, the actual problem was that the app was trying to insert null into a primary key field that does not allow null, i never set the PK to auto increment
.. sorry and thanks

Integrated Security=true is trying to log me with my windows credentials even though I want to use SQL authentication

I'm working on ASP.NET Web Forms application, using standard ADO.NET for quering the database. Since today I've been developing on my local machine, using local resources (including local isntance of SQL Server 2008) and I use a very simple connections string plus Windows auth to connect to my database:
<add name="MyConn" connectionString="Data Source=MY-PC\SQLEXPRESS;Initial
Catalog=MyDataBaseName;Integrated Security=true;"/>
But today I wanted to remove to a remote SQL SERVER so I changed my connection string accordingly:
<add name="MyConn" connectionString="Data Source=TheRemoteServer;
Initial Catalog=MyDataBaseName;User Id=MyId;Password=MyPassword;
Integrated Security=true;"/>
and when I try to connect to the database, when I reach :
try
{
connection.Open();
I get an error that connection can not be established for user and here come my Windows user instead the ID I've provided in the connection string. However if I set Integrated Security=false; (to False) everything starts working. I don't know why. It seems strange and since it obviously has something to do with security I'm bothered leaving it like that. So what are my options here?
Integrated Security:
When false, User ID and Password are specified in the connection. When true, the current Windows account credentials are used for authentication.
Recognized values are true, false, yes, no, and sspi (strongly recommended), which is equivalent to true.
If User ID and Password are specified and Integrated Security is set to true, the User ID and Password will be ignored and Integrated Security will be used.
SqlCredential is a more secure way to specify credentials for a connection that uses SQL Server Authentication (Integrated Security=false).
SQL Credential
Just use the following:
<add name="MyConn" connectionString="Data Source=TheRemoteServer;
Initial Catalog=MyDataBaseName;User Id=MyId;Password=MyPassword;"/>
or
<add name="MyConn" ConnectionString="Server=myServerName\myInstanceName;
Database=myDataBase;User Id=MyId;Password=myPassword;"/>

Proper format for SQL Server Connection String on 1and1.com

I have spent several hours trying to search this on the web in addition to calling and emailing support at 1and1.com web hosting with no success.
I have ASP.NET pages which connect to MS SQL Server database using the entity framework. On my local machine, all works fine (naturally). However, when I modify the connection string in my web.config to point to my SQL Server database on 1and1.com, I get the following error:
"Unable to load the specified metadata resource."
Here's my current connection string (as defined in my web.config file):
<add name="TimeDataLicenseEntities"
providerName="System.Data.EntityClient"
connectionString="metadata=res://*/
Model1.csdl|res://*/
Model1.ssdl|res://*/
Model1.msl;
provider=System.Data.SqlClient;
provider connection string="
data source=dbXXXX.db.1and1.com,1433;
Integrated Security=false;
initial catalog=database_name;
user id=dboXXXX;
password=valid_password;multipleactiveresultsets=True"" />
(Please note that where there are 'XXXX' the values are different in the actual config file as well as for 'database_name' and 'valid_password')
I'm using the Entity Framework in the code so I'd prefer solutions that correct the content of my web.config file.
Here is what ended up working for me:
<add name="TimeDataLicenseEntities"
providerName="System.Data.EntityClient"
connectionString="metadata=
res://<assemblyname>/Model1.csdl|
res://<assemblyname>/Model1.ssdl|
res://<assemblyname/Model1.msl;
provider=System.Data.SqlClient;
provider connection string="
data source=dbXXXX.db.1and1.com,1433;
Integrated Security=false;
initial catalog=database_name;
user id=dboXXXX;
password=valid_password;
multipleactiveresultsets=True"" />
By including the assemblyname for my code in the sections above (the brackets ('<' and '>') should not be included), I was able to finally get it to work.
Thanks all for your assistance.
Here is what actually works on 1and1 server from ASP.NET Code first design. So, simply replace your serverName, DatabaseName, UserID, and Password.
<add name="DefaultConnection"
connectionString="Data Source=dbXXX.db.1and1.com,1433;Initial Catalog=dbYYYYY;Integrated Security=False;user id=dboZZZZZ;password=YOURDBPASSWORD;MultipleActiveResultSets=True;Application Name=EntityFramework"
providerName="System.Data.SqlClient" />
Hope this can help anyone looking to use 1and1 asp.net server since their customer service is pretty useless.

ASP.Net Membership SQL Server

I've just run the aspnet_regsql tool and setup aspnetdb on a test server. I've setup the Membership stuff in web.config, and I'm trying to administer it via "Project -> ASP.net Configuration" menu item in Visual Studio 2008.
The first few pages pull up just fine -- the default page and the security page. It shows me that I have 0 users and 0 roles. I was able to click on "Enable Role Manager" or whatever it said. In my connection string I'm connecting as the sa user.
When I click on "Create or Manage Roles" I get an error: "A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible." etc, about how the server may not be reachable.
Well, I think it is able to get to the server since it shows me that I have 0 users and roles. If it was unable to get there, in past experience, it would show blank instead of 0.
I know that there are many stored procs and functions installed in SQL to support membership, so is it possible that the sa user doesn't have the rights to execute these things? How would I check? I'm really not good at SQL security, as is evidenced by me using the SA username and password.
Any ideas?
according to my experience this thing is impossible. but if you insist on it you can check it your self .
check that sa user have the ASPNETDB owner privilege(by default sa user have all database owner privilege)
good luck dude
http://forums.asp.net/t/978442.aspx/1
Most of the way down the page, here is the code you need to have in your web.config
<roleManager enabled="true" defaultProvider="SqlRoleProvider">
<providers>
<clear/>
<add name="SqlRoleProvider" applicationName="TestItAll" connectionStringName="aspnetdbConnectionString" type="System.Web.Security.SqlRoleProvider"/>
</providers>
</roleManager>

SQL Express connection string hell ASP.Net

SQL Express 2005 is running locally. I have a project written by another person running on the same machine. All I want to do is connect to it, can't be that hard right?
This is the one I use in my old classic ASP code to hit another database running on the same instance:
Provider=SQLOLEDB;Data Source=MYLAPTOP\MSSMLBIZ;Persist Security Info=True;User ID=TestUser;Password=letmein;Initial Catalog=TestDB
But trying a version of that makes the .net code throw a wobbler as he's written it using SQLServer drivers so its not liking the Provider stuff.
Here is the orginal connection string from his code:
Server=(local);Initial Catalog=TheDatabase;User Id=TheUser;Password=ThePassword;
I've been to http://www.connectionstrings.com/sql-server-2005 and tried several of the options from there, these all get "SQL Server does not exist or access denied" (what a lovely mixed error message that is!):
Data Source=localhost;Integrated Security=True;Initial Catalog=TheDatabase
Data Source=localhost\SQLEXPRESS;Integrated Security=True;Initial Catalog=TheDatabase
Data Source=MyLaptop\SQLEXPRESS;Integrated Security=True;Initial Catalog=TheDatabase
Server=MyLaptop\SQLEXPRESS;Initial Catalog=TheDatabase;User Id=TheUser;Password=ThePassword;
I've created logins for MyLaptop/IUSR_MyLaptop, MyLaptop/ASPNET, MyLaptop/IWAM_MyLaptop in SQL Express and given them all read/write permissions to my DB and set their default DB to be TheDatabase.
What the heck am I doing wrong and how can I debug the problem some more?
UPDATE: Special Thanks to Chris for all his pointers, got there in the end, if you are having similar problem please read all the comments there are lots of links and tips on how to track them down.
Can you advise exactly what is in the config?
Are you using the block - in which case a valid connection string would be:
<add name="connection" providerName="System.Data.SqlClient" connectionString="Data Source=localhost\MSSMLBIZ;Initial Catalog=TheDatabase;Integrated Security=True" />
or
<add name="connection" providerName="System.Data.SqlClient" connectionString="Data Source=localhost\MSSMLBIZ;Initial Catalog=TheDatabase;Integrated Security=False;User Id=TheUser;Password=ThePassword;Application Name=AppName;" />
Or are you getting the connection string from app settings - in which case I guess your provider is set in code inside the app itself?
With that error message in your comment you should run through the items in http://blogs.msdn.com/sql_protocols/archive/2007/05/13/sql-network-interfaces-error-26-error-locating-server-instance-specified.aspx
I presume the instance is running and does allow connections over tcpip?
Shouldn't your datasource read: Data Source=localhost\sqlexpress too?
You don't mention granting rights for 'TheUser' to access the database on the server - if you're restored from another server you may had a sid mismatch.
Try running
sp_update_users_login 'report'
against the db in question.
If it returns the user account in the report try:
sp_update_users_login 'update_one', 'theuser', 'theuser'
to remap things.

Resources