This tool is supposed to configure users and roles etc., but when I use it on a new web site, with a new aspnetdb database, it adds a record to the aspnet_Applications table with the ApplicationName and the LoweredApplicationName fields set to /. I think it would make more sense if it actually used the application name, i.e. the web site name. Can I safely just change the application name? Is there a better way of configuring these things?
If you do change the app name in the database - you need to update your web.config file also to reflect the change.
Everywhere you see something like:
<add name="MySqlMembershipProvider" connectionStringName="SiteDB" applicationName="/" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" enablePasswordReset="true" requiresQuestionAndAnswer="true"/>
your need to update the applicationName attribute: applicationName="/" with applicationName="your app name"
Related
In an ASP.NET website it is possible with a few short additions to the Web.Config section to add auto-magically wired properties to the user profile.
So for example with some XML like this.
<profile>
<providers>
<clear/>
<add name="AspNetSqlProfileProvider" connectionStringName="LocalSqlServer" applicationName="/" type="System.Web.Profile.SqlProfileProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
</providers>
<properties>
<add name="Name" allowAnonymous="true"/>
<add name="VisitedOn" type="System.DateTime" allowAnonymous="true"/>
</properties>
</profile>
You would end up with the ability to do this. Without having to declare any further code.
Profile.Name = "Some Test Value";
Profile.VisitedOn = DateTime.Now;
Profile.Save();
I have attempted to duplicate this functionality in an ASP.NET Web App and can't even seem to find the base Profile declaration let alone the custom properties.
I have however found that System.Web.Profile.DefaultProfile.Properties does infact contain the custom declared properties I define in the Web.Config.
So where might I be going wrong? What is the process for getting auto wired properties in web apps working?
The properties are created during the Compilation of ASP.NET Web Application when the first request arrives.
Ref: ASP.NET Application Life Cycle Overview for IIS 5.0 and 6.0
Profile properties defined in the Web.config file If profile
properties are defined in the application's Web.config file, an
assembly is generated that contains a profile object.
You can hook into this Compilation by writing a custom BuildProvider and registering the same. This build provider can be used for generating the auto wired properties.
I have an application on AppHarbor, and I've finally gotten it to work. One thing that's eluded me though is getting my Membership provider to work. I'm using MongoLab for my database, and it works fine with the rest of my application. When, I I try to use Membership, I get this error:
Unable to connect to server localhost:27017: No connection could be made because the target machine actively refused it 127.0.0.1:27017.
And the offending line is in web.config:
<add name="MongoDBMembershipProvider" type="MongoDB.Web.Providers.MongoDBMembershipProvider"....
Could someone please shed some light on my situation?
As friism mentions, you need some code to read the connectionString from an appSetting. Thankfully osuritz has already done the work in a fork of MongoDB.Web on github.
You will need to download the above fork, build & change your existing dll reference to use the new dll.
Then...
change your config:
<appSettings>
<add key="MONGOLAB_URL" value="mongodb://localhost/ASPNETDB"/>
</appSettings>
... the above value will get replaced by appharbor/mongolab (and if you have other parts of the app that work, then this is correct)
<providers>
<clear />
<add name="MongoDBMembershipProvider" type="MongoDB.Web.Providers.MongoDBMembershipProvider"
applicationName="/" appSettingsConnectionStringKey="MONGOLAB_URL" collection="Users"
enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false"
maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" />
</providers>
So in the above config, it has the appSettingsConnectionStringKey parameter. The code within the customised provider, reads the appSettingsConnectionStringKey value 'MONGOLAB_URL' and then uses that to read the ConfigurationManager.AppSettings["MONGOLAB_URL"] and it obviously, MUST match the appsetting Key name above.
In the <membership defaultProvider="MongoMember"><providers><add connectionStringName="foo"> you probably need to specify the name of the connectionstring that has you MongoLab connection. Unfortunately, that's not inserted in the connectionstrings element, it's in appSettings. You should probably figure out some way to get the provider to read the connectionstring out of appSettings.
Would suggest to use this project for your purpose http://extmongomembership.codeplex.com/. It supports using of AppHarbor out-of-the-box.
Just need to add useAppHarbor="true" to provider settings as written here https://extmongomembership.codeplex.com/wikipage?title=AppHarbor%20Integration&referringTitle=Documentation
Note: This is port of new Membership Provider that was presented in ASP.NET MVC4
I have a Sitecore site where I want to have website visitor accounts stored in an external asp.net membership database but keep Sitecore content editors/admins managed via the Sitecore interface (and hence stored in the 'Core' database).
I've read through the following forum post
http://sdn.sitecore.net/SDN5/Forum/ShowPost.aspx?postid=35305
in which the following documents are mentioned
http://sdn.sitecore.net/upload/sitecore6/62/membership_providers_sc62-a4.pdf
http://sdn.sitecore.net/upload/sitecore6/62/security_api_cookbook_sc60-62-a4.pdf
http://sdn.sitecore.net/upload/sdn5/modules/ad/low-level_sitecore_cms_security_and_custom_providers-a4.pdf
but none of these seem to provide a complete picture of what I need to do.
I've currently got the the <membership> section set up to use the 'switcher' provider (with a corresponding provider pointing to my membership DB) and the <roleManager> section also set up to use the switcher provider again with a corresponding provider pointing to said membership DB.
So far I have only succeeded in breaking the user manager in the Sitecore desktop (it throws either the exception Item has already been added. Key in dictionary: 'extranet\Anonymous' Key being added: 'extranet\Anonymous' if Sitecore has created the extranet\Anonymous account, or Object reference not set to an instance of an object. if I've deleted that user account.
As background information I'm using Sitecore 6.5 and the relevant section of my web config is as follows
<membership defaultProvider="switcher">
<providers>
<clear/>
<add name="sitecore"
type="Sitecore.Security.SitecoreMembershipProvider, Sitecore.Kernel"
realProviderName="myProvider"
providerWildcard="%"
raiseEvents="true"/>
<add name="sql"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="core"
applicationName="sitecore"
minRequiredPasswordLength="1"
minRequiredNonalphanumericCharacters="0"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="false"
maxInvalidPasswordAttempts="256"/>
<add name="switcher"
type="Sitecore.Security.SwitchingMembershipProvider, Sitecore.Kernel"
applicationName="sitecore"
mappings="switchingProviders/membership"/>
<add name="myProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
applicationName="sitecore"
connectionStringName="myDatabase"
minRequiredPasswordLength="1"
minRequiredNonalphanumericCharacters="0"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="false"
maxInvalidPasswordAttempts="10" />
</providers>
</membership>
<roleManager defaultProvider="switcher" enabled="true">
<providers>
<clear/>
<add name="sitecore"
type="Sitecore.Security.SitecoreRoleProvider, Sitecore.Kernel"
realProviderName="myProvider"
raiseEvents="true"/>
<add name="sql"
type="System.Web.Security.SqlRoleProvider"
connectionStringName="core"
applicationName="sitecore"/>
<add name="switcher"
type="Sitecore.Security.SwitchingRoleProvider, Sitecore.Kernel"
applicationName="sitecore"
mappings="switchingProviders/roleManager"/>
<add name="myProvider"
type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
applicationName="sitecore"
connectionStringName="myDatabase" />
</providers>
</roleManager>
The idea you should follow in the case of custom membership/role providers is similar to what AD module lists in its setup instructions. The entire process can be split into several steps:
Adding a connection string to connectionstrings.config
Adding membership/role provider definitions to the system.web section of web.config
Activating switchers
Creating a new domain for the users/roles from custom provider
Adding domain/provider mappings
Adding a connection string
This is pretty straightforward and it seems this is what you've done already. The point is to have a connection string to the database you can then reference from the custom providers.
Adding membership/role provider definitions
Another simple step - just add a membership provider definition (myProvider in your case) under system.web/membership/providers section in web.config, and add a role provider definition under system.web/roleManager/providers section. The order is not important. At this point, you do not modify any other provider definitions in the mentioned sections.
Activating switchers
This is where it becomes complicated. First off, DON'T CHANGE the #defaultProvider attribute value. It is 'sitecore' by default and it should stay as is. Instead, find the provider called "sitecore", and change its #realProviderName attribute value from 'sql' to 'switcher'.
The provider named "switcher" is responsible for all the magic behind switching the providers and combining the results of GetAll/Find methods.
Create a new domain
You should create a new domain for the users/role you'll take from your custom DB through your custom providers. Something like this:
<domain name="myDomain" ensureAnonymousUser="false"/>
The #ensureAnonymousUser attribute being set to false means that Sitecore won't add an anonymous user to your domain, so there won't be myDomain\Anonymous. This is usually the desired behavior for the custom domains.
Adding domain/provider mappings
This is the last step to let Sitecore know which domain is served with each provider. One provider can handle multiple domains (default Sitecore SQL provider stores the users from 'sitecore' and 'extranet' domains), but not vice versa.
So, open the main web.config file and browse to the configuration/sitecore/switchingProviders section. Add something like this for memberhip subsection:
<provider providerName="myProvider" storeFullNames="false" wildcard="%"
domains="myDomain" />
and the similar thing for roleManager subsection:
<provider providerName="myProvider" storeFullNames="false" wildcard="%"
domains="myDomain" />
After this, the users from your DB will be visible as 'myDomain\user' in UserManager, the same is true for roles. The #storeFullNames='false' means that your DB stores the users/roles without domain prefixes, just the local names. Wildcard should be the default value in case your custom source is SQL (which obviously is).
That's it, and now it should work! :-) The details of the steps above are described in this article.
I am just wondering
why did asp.net team choose / as the default value of Membership Role application name rather than the project name that makes sense?
In addition, the application might not be deployed as the root application. It means that / is no longer appropriate.
Edit 1:
For example: I create a project A first and deploy it. Later I create another project B and deploy it. If both projects use the default, they still work but it will be difficult to know which users come from each project.
For me, it is better if the default is set to the project name.
Edit 2:
I am talking about the applicationName attribute generated by Visual Studio in Web.config.
Why don't use the project name instead of / by default ?
<membership>
<providers>
<clear />
<add name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="ApplicationServices"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="false"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10"
applicationName="/" />
</providers>
</membership>
<profile>
<providers>
<clear />
<add name="AspNetSqlProfileProvider"
type="System.Web.Profile.SqlProfileProvider"
connectionStringName="ApplicationServices"
applicationName="/" />
</providers>
</profile>
<roleManager enabled="false">
<providers>
<clear />
<add name="AspNetSqlRoleProvider"
type="System.Web.Security.SqlRoleProvider"
connectionStringName="ApplicationServices"
applicationName="/" />
<add name="AspNetWindowsTokenRoleProvider"
type="System.Web.Security.WindowsTokenRoleProvider"
applicationName="/" />
</providers>
</roleManager>
EDIT 3:
After creating two applications (i.e., one as the root and the other one as the child app) and both have the same applicationName set to /, both application use the same ApplicationID. It means the slash has nothing to do with site domain tree. My confusion has been answered. So... why did Visual Studio set it to / (that makes confusion for me) by default?
EDIT 4:
I have two applications. One as the root application and the other one as the sub application under the former. Both use applicationName = "/". I got the result as follow in database: So what is the meaning of /? If no meaning, why did VS choose this confusing name rather than the project name?
EDIT 5:
From this article, I will make the summary:
If we remove applicationName attribute from web.config for both applications, the ApplicationName generated in database for the root will be "/" and the ApplicationName generated in database for the sub app will be "/subappvirtualdir".
If we leave the applicationName to its default value of "/" for both applications, both root app and sub app will get the same ApplicatonName of "/" generated in database.
If we change the applicationName to "any name you want" for both applications, the ApplicationName generated in database will be set to "any name you want" for both applications.
Thanks Rockin for the link above !
I'd say that the default name is / because your DB is not supposed to know anything about your app. Therefore it doesn't know the project name. They have to have some sort of starting point, and since they're not mind readers, you get a /.
Remember, since you can use Aspnet_regsql.exe to create your ASP.NET Membership Scheme in your database completely independent from Visual Studio, the database can't just "fix" the application name all on it's own. You can of course edit the app name in the database immediately after creating the db, then it doesn't matter anymore.
EDIT
I see in your edit that you're talking about the applicationName in the web.config, and not the one in the database. Please read this blog article (not mine) for some more insights
http://dotnettipoftheday.org/tips/applicationName_attribute.aspx
An application does not generally know or care what 'project' it came from. So that context likely would not be present.
And if your app isn't at the root, then rename it...
I've written a custom MembershipProvider that uses a custom database schema for storing the members, but I am having trouble figuring out how to deploy the provider. My target server is running IIS7, and I am able to navigate to a dialog for a adding a .NET User Provider, but instead of allowing me to select the assembly containing the provider & then the class, it provides a drop-down with a couple of MS written providers.
Do I need to drop my assembly in a specific location so that my MembershipProvider class is discovered by IIS? If so, what where does the .dll need to go? Otherwise, how do tell ASP.Net to use my MembershipProvider? Every example I've seen simply references the fully qualified class name, but makes no mention of how the file needs to be deployed.
If you look in the web.config file for your application, you should have a section called system.web. Within that there is a membership element with a list of providers. You should be able to add your provider and set a default provider there. Once your membership provider is registered in this way, you should be able to select it as a default for that application from IIS as well.
<system.web>
...
<membership defaultProvider="MyMembershipProvider"
userIsOnlineTimeWindow="15">
<providers>
<add name="MyMembershipProvider"
type="Common.Auth.MyMembershipProvider, Common"
connectionStringName="MyAuthDBConnectionString"
enablePasswordRetrieval="true"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
writeExceptionsToEventLog="false" />
</providers>
</membership>
...
</system.web>
The providers element allows you to register multiple providers to choose from. Another feature is that you can clear out membership providers registered in other configuration files on the machine. This can make configuring your application less error prone later on. To do so, add the <clear/> element before the first membership provider (the <add/> element) in the list.
<system.web>
...
<membership defaultProvider="MembershipProvider1">
<providers>
<clear />
<add name="MembershipProvider1" ... />
<add name="MembershipProvider2" ... />
</providers>
</membership>
...
</system.web>
If you want to register the same provider with multiple web applications just using IIS Manager, you will need to put the assembly in the GAC and add the provider to one of the machine config files instead. This is usually more work for little benefit when deploying a single application.