Hello,

I'm using the membership provider and login control (.net 2.0) in Visual Studio 2005 and cannot determine why the login is failing. When I debug the LoginError event, I see that the user is approved, the user is online, and the user is not locked. What other error conditions could be preventing the user from logging in? Thanks.

Mike

Maybe the roleprovider. Does he has the fitting roles to login?? 

try this

protected void Login1_LoginError(object sender, EventArgs e)
    {
        //There was a problem logging in the user 

        //See if this user exists in the database 
        MembershipUser userInfo = Membership.GetUser(Login1.UserName);

        if (userInfo == null)
        {
            //The user entered an invalid username... 

            Login1.FailureText = "There is no user in the database with the username " + Login1.UserName;
        }
        else
        {
            //See if the user is locked out or not approved 
            if (!userInfo.IsApproved)
            {

                Login1.FailureText = "Your account has not yet been approved by the site's administrators. Please try again later...";
            }
            else if (userInfo.IsLockedOut)
            {
                Login1.FailureText = "Your account has been locked out because of a maximum number of incorrect login attempts. You will NOT be able to login until you contact a site administrator and have your account unlocked.";
            }
            else
            {
                //The password was incorrect (don't show anything, the Login control already describes the problem) 
                Login1.FailureText = string.Empty;
            }
        } 
    }

Yasserzaid, thanks, but I've already done that. The code you posted is how I determined that the user has been approved, is online, and isn't locked out. Yet, the user is still not able to log in?

ArminStockner:

Maybe the roleprovider. Does he has the fitting roles to login?? 

I have roles disabled.

 Do you have SQL Express 2005 because by default VS 2005 use this version to create the database. If you don't have it create the database on your own with the tool aspnet_regsql.exe. Then point to the db in web.config with the membership section which you can find in the machine.config file.

I'm using a SQL Server 2005 database. I ran aspnet_regsql.exe to load the aspnet membership database objects into an existing database.

 
I should mention that I've successfully used the membership provider controls on new websites without a problem on previous projects. However, this is the first time I've tried to incorporate the membership controls and database into an existing website. It doesn't appear to work very well in that scenario. I'm going to try deleting all of the aspnet membership objects in the database and then run aspnet_regsql.exe again.

So do you have an existing section <Membership> in your web.config? Post it shortly.

And where is your database? And does the database exist? 

ArminStockner:

So do you have an existing section <Membership> in your web.config? Post it shortly.

And where is your database? And does the database exist? 

 The database works fine and is located on the same computer as the website application. Below is part of the web.config file...

<connectionStrings>
        <remove name="LocalSqlServer"/>
        <add name="LocalSqlServer" connectionString="Data Source=localhost;Initial Catalog=INVENTORY;workstation id=ASPNET;Integrated Security=True" providerName="System.Data.SqlClient"/>
    </connectionStrings>
   
    <system.web>
  <identity impersonate="true"/>
       
        <compilation defaultLanguage="vb" debug="true">
            <compilers>
                <compiler language="vb" type="Microsoft.VisualBasic.VBCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" extension=".VB" compilerOptions="/define:Debug=True /define:Trace=True /imports:Microsoft.VisualBasic,System,System.Collections,System.Configuration,System.Data,System.Drawing,System.Web,System.Web.UI,System.Web.UI.HtmlControls,System.Web.UI.WebControls"/></compilers></compilation>
       
        <customErrors mode="Off" defaultRedirect="errorpage.aspx">
        </customErrors>
       
        <authentication mode="Forms" />
        <!--  AUTHORIZATION
         
    -->

        <membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="15">
            <providers>
                <clear/>
                <add name="SqlProvider" type="System.Web.Security.SqlMembershipProvider"   minRequiredPasswordLength="5" minRequiredNonalphanumericCharacters="0" connectionStringName="LocalSqlServer" applicationName="Thornwood" enablePasswordRetrieval="true" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="true" passwordFormat="Encrypted"/>
            </providers>
        </membership>
        <machineKey validationKey='54C80D2111F39CDB41692E097F017FA461E6D8C5E664B50949E1EAEE4B9387E51690BB82B30CA2DDF159637DDA04E94C7D830BD75202C2A7B3B4461A77C9F274' decryptionKey='C48FFDCBF6244851EF1F5F5451AB54337CB9F40B6ECAFEE9' validation='SHA1'/>


        <authorization>
            <allow users="?"/>
            <!-- Allow all users -->
            <!--  <allow     users="[comma separated list of users]"
                             roles="[comma separated list of roles]"/>
                  <deny      users="[comma separated list of users]"
                             roles="[comma separated list of roles]"/>
            -->
        </authorization>

Oddly enough, if I write my own login button code as shown below, everything works correctly. For some reason the Visual Studio login control isn't working?

Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
        If Membership.ValidateUser(Login1.UserName, Login1.Password) = True Then
            FormsAuthentication.RedirectFromLoginPage(Login1.UserName, False)
        Else
            Me.Label1.Text = "Login failed."
        End If
End Sub

Hi

For investigation, could you paste all the login code(.aspx and .vb) so that we can find some clue?

XiaoYong Dai – MSFT:

Hi

For investigation, could you paste all the login code(.aspx and .vb) so that we can find some clue?

Here is the markup code for the login control. I don't have any code written for the login control's authenticate method. Thanks.

<asp:Login ID="Login1" runat="server" BackColor="#EFF3FB" BorderColor="#B5C7DE" BorderPadding="4"
                    BorderStyle="Solid" BorderWidth="1px" DestinationPageUrl="~/secure/download.aspx"
                    Font-Names="Verdana" Font-Size="0.8em" ForeColor="#333333" InstructionText="* Required"
                    PasswordRecoveryText="Forget password?" PasswordRecoveryUrl="~/passwordrecovery.aspx"
                    TitleText="Dealer Login" UserName="Enter email address" Width="243px">
                    <TitleTextStyle BackColor="#507CD1" Font-Bold="True" Font-Size="0.9em" ForeColor="White" />
                    <InstructionTextStyle Font-Italic="True" ForeColor="Red" HorizontalAlign="Center" />
                    <TextBoxStyle Font-Size="0.8em" />
                    <LoginButtonStyle BackColor="White" BorderColor="#507CD1" BorderStyle="Solid" BorderWidth="1px"
                        Font-Names="Verdana" Font-Size="0.8em" ForeColor="#284E98" />
                </asp:Login>

Hi

I guess you may take the work around like said in preview post:

mike@tfm:

if I write my own login button code as shown below, everything works correctly

<asp:Login ID="Login2" runat="server" BackColor="#EFF3FB" BorderColor="#B5C7DE" BorderPadding="4"
                    BorderStyle="Solid" BorderWidth="1px" DestinationPageUrl="~/secure/download.aspx"
                    Font-Names="Verdana" Font-Size="0.8em" ForeColor="#333333" InstructionText="* Required"
                    PasswordRecoveryText="Forget password?" PasswordRecoveryUrl="~/passwordrecovery.aspx"
                    TitleText="Dealer Login" UserName="Enter email address" Width="243px">
                    <TitleTextStyle BackColor="#507CD1" Font-Bold="True" Font-Size="0.9em" ForeColor="White" />
                    <LayoutTemplate>
                        <table border="0" cellpadding="4" cellspacing="0" 
                            style="border-collapse:collapse;">
                            <tr>
                                <td>
                                    <table border="0" cellpadding="0" style="width:243px;">
                                        <tr>
                                            <td align="center" colspan="2" 
                                                style="color:White;background-color:#507CD1;font-size:0.9em;font-weight:bold;">
                                                Dealer Login</td>
                                        </tr>
                                        <tr>
                                            <td align="center" colspan="2" style="color:Red;font-style:italic;">
                                                * Required</td>
                                        </tr>
                                        <tr>
                                            <td align="right">
                                                <asp:Label ID="UserNameLabel" runat="server" AssociatedControlID="UserName">User 
                                                Name:</asp:Label>
                                            </td>
                                            <td>
                                                <asp:TextBox ID="UserName" runat="server" Font-Size="0.8em">Enter email address</asp:TextBox>
                                                <asp:RequiredFieldValidator ID="UserNameRequired" runat="server" 
                                                    ControlToValidate="UserName" ErrorMessage="User Name is required." 
                                                    ToolTip="User Name is required." ValidationGroup="Login2">*</asp:RequiredFieldValidator>
                                            </td>
                                        </tr>
                                        <tr>
                                            <td align="right">
                                                <asp:Label ID="PasswordLabel" runat="server" AssociatedControlID="Password">Password:</asp:Label>
                                            </td>
                                            <td>
                                                <asp:TextBox ID="Password" runat="server" Font-Size="0.8em" TextMode="Password"></asp:TextBox>
                                                <asp:RequiredFieldValidator ID="PasswordRequired" runat="server" 
                                                    ControlToValidate="Password" ErrorMessage="Password is required." 
                                                    ToolTip="Password is required." ValidationGroup="Login2">*</asp:RequiredFieldValidator>
                                            </td>
                                        </tr>
                                        <tr>
                                            <td colspan="2">
                                                <asp:CheckBox ID="RememberMe" runat="server" Text="Remember me next time." />
                                            </td>
                                        </tr>
                                        <tr>
                                            <td align="center" colspan="2" style="color:Red;">
                                                <asp:Literal ID="FailureText" runat="server" EnableViewState="False"></asp:Literal>
                                            </td>
                                        </tr>
                                        <tr>
                                            <td align="right" colspan="2">
                                                <asp:Button ID="LoginButton" runat="server" BackColor="White" 
                                                    BorderColor="#507CD1" BorderStyle="Solid" BorderWidth="1px" CommandName="Login" 
                                                    Font-Names="Verdana" Font-Size="0.8em" ForeColor="#284E98" 
                                                    onclick="LoginButton_Click" Text="Log In" ValidationGroup="Login2" />
                                            </td>
                                        </tr>
                                        <tr>
                                            <td colspan="2">
                                                <asp:HyperLink ID="PasswordRecoveryLink" runat="server" 
                                                    NavigateUrl="~/passwordrecovery.aspx">Forget password?</asp:HyperLink>
                                            </td>
                                        </tr>
                                    </table>
                                </td>
                            </tr>
                        </table>
                    </LayoutTemplate>
                    <InstructionTextStyle Font-Italic="True" ForeColor="Red" HorizontalAlign="Center" />
                    <TextBoxStyle Font-Size="0.8em" />
                    <LoginButtonStyle BackColor="White" BorderColor="#507CD1" BorderStyle="Solid" BorderWidth="1px"
                        Font-Names="Verdana" Font-Size="0.8em" ForeColor="#284E98" />
                </asp:Login> 

 --------------LoginButton_Click  event-----------

 If Membership.ValidateUser(Login1.UserName, Login1.Password) = True Then
            FormsAuthentication.RedirectFromLoginPage(Login1.UserName, False)
        Else
            Me.Label1.Text = "Login failed."
        End If