Hi everyone,

 

I’m having a problem with the Login control on my new web application. I don’t have much experience with ASP.NET 2.0 so I would appreciate if someone could take a look at this post and maybe suggest a solution.

 

I have VS 2005 Professional Edition and in it I’ve created a simple web application (site). All it is supposed to do is to allow registered users to log in and therefore grant them access to some pages. Here is what I managed to do until I encountered problems.

 

Application is running on my machine on which I have IIS installed.

The basic structure of the application looks like this:

 

http://localhost/MyApplication

            App_Data

                        ASPNETDB_TMP.MDF

            Restricted_Dir

                        Restricted.aspx

                        Web.config

            Default.aspx

            Login.aspx

            Web.config

 

From Visual Studio I’ve started ASP.NET WAT which automatically created a Membership data store in the App_Data subdirectory of my application and added one user without any problems. I’ve checked the database tables to make sure the user is really created and it was there.

I have SQL 2005 Express edition.

 

I’ve modified the Web.config file in the root of the application by setting the authentication mode to Forms.

 

I’ve modified the Restricted_Dir/Web.config by adding this:

 

<authorization>

        <deny users="?" />

      </authorization>

     

The Login.aspx page contains only Login control which I've just dragged and dropped without making any modifications to it.

 

When I try to visit the Restricted.aspx page first I'm redirected to the Login.aspx page which is fine because Restricted.aspx page is restricted for unautorized visitors. Then I enter my user name and password and page just refreshes and again I see the Login page, but I was supposed to be redirected to the Restricted.aspx page. If I enter wrong user name and/or password then it displays a message to try again which is fine.

I have no idea what I’m doing wrong.

 

I hope I’ve managed to explain it well.

I would really appreciate if someone could jump in with the sollution.

Thanx.

 

Spiro

 

 

 

I've tried moving the application from IIS to File System and this resolved the issue. However the question is still here… Why it is not working on IIS 5.1? Is there something that needs to be configured on IIS? I would be much happier if this would be working on my local IIS instead on integrated Visual Studio web server.

 

Spiro

Make sure you've set proper value for applicationName attribute for each security provider defined in web.config. You can refer to this article:
Always set the "applicationName" property when configuring ASP.NET 2.0 Membership and other Providers

Thanks Iori_Jay for the replay, but it seems this is not the cause of my problem because I have no security providers defined in web.config at all.

My web.config file looks like this:

 <?xml version="1.0"?>

<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
  <appSettings/>
    <system.web>

        <compilation defaultLanguage="c#" />

        <authentication mode="Forms" />
 
    </system.web>
</configuration>
 

Let's check the connectionString named LocalSqlServer used by default membership provider:

Response.Write(ConfigurationManager.ConnectionStrings["LocalSqlServer"].ConnectionString+ "<br/>");

Also check the applicationName attribute of the membership provider:

Response.Write(Membership.Provider.Name+"<br/>");

Then go to the ASPNET database, check aspnet_Users/aspnet_Applications table, to see whether the users are configured for the application with the same name as applicationName attribute of membership provider. You can also use such query to check this:

SELECT u.UserName,a.ApplicationName
FROM aspnet_Users u JOIN aspnet_Applications a
ON u.ApplicationId = a.ApplicationId

You can also specify the defaultUrl:

<authentication mode="Forms">
<forms path="/" defaultUrl="~/default.aspx" loginUrl="~/Login.aspx" protection="All" timeout="30">
</forms>
</authentication>

Ok, this is the situation:

 

Response.Write(ConfigurationManager.ConnectionStrings["LocalSqlServer"].ConnectionString+ "<br/>");

 

returns:

 

data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User Instance=true

and the applicationName attribute of the membership provider is:

 

AspNetSqlMembershipProvider

I checked the aspnet_Applictions table and found there one (and only) application with attribute ApplicationName equal to: /    (just a slash)

 

I checked the aspnet_Users table and found two users both linked to this application over the attribute ApplicationID.

 

Those users were added to the DB in Visual Studio through ASP.NET WAT. Then I thought maybe if I add new users directly from my application, they will be linked properly to this application. I’ve added another page on which I’ve placed CreateUserWizard control. After I tried to register a new user I got this message:

 

Failed to update database "D:\HOMEDIRECTORY\MYAPPLICATION\APP_DATA\ASPNETDB.MDF" because the database is read-only.

Make sure the account which runs the web application has full control on the application folder. By default it should be ASPNET for IIS5.0, and NT AUTHORITY\NETWORK SERVICE for IIS6.0.

I gave ASPNET user full control over application directory and now I’m able to create new users directly from my application. But still I’m not able to log in as that newly created user, nor as the user created through the WAT.

spiro,

Can you explain exactly what happens when you try to log in? Details?

Spiro - Take a look at the following post and see if that helps.

http://www.eukhost.com/forums/showthread.php?t=490&goto=nextnewest

spiro:

and the applicationName attribute of the membership provider is:

 

AspNetSqlMembershipProvider

I checked the aspnet_Applictions table and found there one (and only) application with attribute ApplicationName equal to: /    (just a slash)

 

Sorry it's my fault, actually we need to use Membership.Provider.ApplicationName to check the applicationName, not Membership.Provider.Name. Would you please check again to see whether the applicationName is '/' (slash)?

Yes, application name is /. I have no idea what should I do with this. I’ve moved my project from iis to file system and I’m continuing to develop my application there. I have no idea what will happen once my project is deployed onto a real web server. Thanks.

I am having the same problem.  I have built my application as testing and learning and in FileSystem.  The Login Control performs as it's supposed to when I run the webpage in Visual Studio but when I try to reach the website from IIS it doesn't.  I keep getting the error message from the Login Control.  Please help. 

Please check to see whether the IIS account (ASPNET or NETWORK SERVICE) has full control on the virtual folder.