I am about to change an existing application from using SQL Server Express to SQL Server CE 4, and so far I have successfully converted the data and implemented an SqlCeMembershipProvider.
Now I can create new users and they are able to login, but all existing users cannot login. I am using the same machineKey in both the new and old application and all I have changed in my membership and roleManager in my config-file is the type (changed to ErikEJ.SqlCeMembershipProvider).
<machineKey validationKey="xxx" decryptionKey="yyy" validation="SHA1" decryption="AES" />
<membership defaultProvider="SqlCeMembershipProvider" hashAlgorithmType="SHA1">
<providers>
<clear />
<add name="SqlCeMembershipProvider" type="ErikEJ.SqlCeMembershipProvider" connectionStringName="myDB" applicationName="myapp" requiresQuestionAndAnswer="false" minRequiredPasswordLength="4" minRequiredNonalphanumericCharacters="0"/>
</providers>
</membership>
<roleManager defaultProvider="SqlCeRoleProvider" enabled="true" cacheRolesInCookie="true" cookieName=".ASPROLES" cookieTimeout="30" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="true" cookieProtection="All">
<providers>
<add name="SqlCeRoleProvider" type="ErikEJ.SqlCeRoleProvider" connectionStringName="myDB" applicationName="myapp" />
</providers>
</roleManager>
Any ideas how to get old users back online?
Related
I am using membership tag for login attempt restriction after 3 times given wrong password in web.config file. But it is not working please help me
this is my web.config file below code is I given but it is not working
<connectionStrings>
<add name="mydb" connectionString="Data Source=mydbcnt;Initial Catalog=19052015;Integrated Security=True" providerName="System.Data.SqlClient" ></add>
</connectionStrings>
<membership defaultProvider="DefaultMembershipProvider">
<providers>
<add name="DefaultMembershipProvider" type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="3" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/"/>
</providers>
</membership>
Add a <clear/> tag before adding your provider.
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" [...]/>
</providers>
</membership>
As stated here, the section within the web.config file is implemented as a collection, and so it is possible to register multiple providers at the same time, includig the ones created by ASP.NET in the root web.config file on your machine.
I am using the below defined membership provider web config settings. when I access my admin pages to start to add roles and users to the system generated SQL Server tables I see two applications created. one with a application name of "/" and the second is called what my setting is configured to PolyWebSite.
My steps are:
as an unauthenticated user I browse to role config page to add admin and other roles. this is when the first application is created.
I browse to a custom user page where I add users and assign them roles. also as an unauthenticated user. this is when a second application is created with the name PolyWebSite as set in my web.config
<roleManager enabled="true" />
<membership defaultProvider="AspNetSql2005MembershipProvider">
<providers>
<add name="AspNetSql2005MembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0"
connectionStringName="SqlConnString"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
applicationName="PolyWebSite"
requiresUniqueEmail="false"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="1"
minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""
passwordFormat="Clear"/>
</providers>
</membership>
figured it out: added details to the roleManager part of the web.config to be in sync with membership section. items added were connectionStringName and applicationName.
<membership defaultProvider="AspNetSql2005MembershipProvider">
<providers>
<add name="AspNetSql2005MembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="SqlConnString"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
applicationName="PolyWebSite"
requiresUniqueEmail="true"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="1"
minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""
passwordFormat="Clear"/>
</providers>
</membership>
<roleManager enabled ="true" defaultProvider ="SqlRoleProvider" >
<providers>
<add name ="SqlRoleProvider"
type="System.Web.Security.SqlRoleProvider"
connectionStringName="SqlConnString"
applicationName="PolyWebSite"/>
</providers>
</roleManager>
I have a solution which includes a website and WCF web service. Within the website I need to get the current logged on user and access a property value in their profile which specifies the username of another user (used for web service). I then need to get a property from the web service user profile (not the logged on web site user!).
So far I have this :
if (HttpContext.Current != null)
{
if (!string.IsNullOrEmpty(HttpContext.Current.Profile.UserName))
{
serviceUsername = HttpContext.Current.Profile.GetPropertyValue("WSUserName").ToString();
if (!string.IsNullOrEmpty(serviceUsername))
{
ProfileBase profile = ProfileBase.Create(serviceUsername);
var siteId = profile.GetPropertyValue("SiteID");
}
}
}
Which almost works, I can get the web service user profile by name but I can see the {ProfileCommon} is showing the properties of the web application instead of the web service so I am unable to see the value I need.
Any advice on how I might be able to achieve this?
OK I managed to get this working by adding additional membership and profile providers to my web.config, including an additional web service property with additional provider attribute :
<membership>
<providers>
<!--(website provider here)-->
<!--additional web service provider-->
<add name="WebServiceMembershipProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="ApplicationServices"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="true"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10"
applicationName="MyWebService" />
</providers>
</membership>
<profile>
<providers>
<add name="WebServiceMembershipProvider"
type="System.Web.Profile.SqlProfileProvider"
connectionStringName="ApplicationServices"
applicationName="MyWebService"/>
</providers>
<properties>
<!-- example website property -->
<add name="website_property1"
type="string"/>
<!-- example web service property with additional provider attribute-->
<add name="webservice_property1"
type="string"
provider ="WebServiceMembershipProvider"/>
</properties>
</profile>
<roleManager enabled="true">
<providers>
<!-- (website provider here) -->
<!-- web service provider-->
<add connectionStringName="ApplicationServices"
applicationName="MyWebService"
name="WSAspNetSqlRoleProvider"
type="System.Web.Security.SqlRoleProvider" />
</providers>
</roleManager>
Then in codebehind :
Membership.ApplicationName = "MyWebService";
MembershipUser user = Membership.Providers["WebServiceMembershipProvider"].GetUser(serviceUsername, false);
profile = ProfileBase.Create(serviceUsername);
profile.Initialize(user.UserName, true);
var myProperty = profile.GetPropertyValue("webservice_property1");
hope this helps someone else!
I want to know how to set a password using mvc4 providers without knowing the old password ?
I want to make a forgot password function, where the user receives a secure link via email and then clicks the link, gets directed to the my application and then has to fill in only the new password, no security questions needed.
It was easy to do this with the membership providers that came with mvc3. I'm now using the simple membership providers that come with mvc4 and I'm having trouble getting it working.
the code so far looks as simple as:
MembershipUser user = Membership.GetUser( cust.Email );
String pass = user.GetPassword();
Boolean success = WebSecurity.ChangePassword( cust.Email, pass, model.Password );
It currently gives error on the above line that calls GetPassword() with the error :
Specified method is not supported.
I'll show the relevant section in the web.config also here :
<system.web>
<roleManager enabled="true" defaultProvider="SimpleRoleProvider">
<providers>
<clear/>
<add name="SimpleRoleProvider" type="WebMatrix.WebData.SimpleRoleProvider, WebMatrix.WebData"/>
</providers>
</roleManager>
<membership defaultProvider="SimpleMembershipProvider">
<providers>
<clear/>
<add name="SimpleMembershipProvider" type="WebMatrix.WebData.SimpleMembershipProvider, WebMatrix.WebData"
enablePasswordRetrieval="true" enablePasswordReset="true" passwordFormat="Encrypted" requiresQuestionAndAnswer="false"
requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="5" minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10" />
</providers>
</membership>
Above I tried to add the attributes you use for the providers in mvc3 but it doesn't seem to be applicable here.
WebSecurity.GeneratePasswordResetToken generates and returns a unique string.
WebSecurity.ResetPassword uses that token to change the password.
Give the user a link to an action with the token as a parameter, then give them a simple form to change their password.
I am using VS2005 C# .NET 2.0
I am new to the use of Health Monitoring, and I am unsure how the log files are saved.
I have only configured my Web.config file, and I don't see any variable which declares where the log file will be saved.
Below is my Web.config code snippet:
<system.web>
<healthMonitoring enabled="true" heartbeatInterval="0">
<bufferModes>
<clear/>
<add name="Logging" maxBufferSize="1000" maxFlushSize="200" urgentFlushThreshold="800" regularFlushInterval="00:05:00" urgentFlushInterval="00:01:00" maxBufferThreads="1"/>
</bufferModes>
<providers>
<clear/>
<add name="MySqlWebEventProvider" type="System.Web.Management.SqlWebEventProvider" connectionStringName="SODConnectionString" maxEventDetailsLength="1073741823" buffer="true" bufferMode="Logging"/>
</providers>
<eventMappings>
<clear/>
<add name="All Audits" type="System.Web.Management.WebAuditEvent" startEventCode="0" endEventCode="2147483647"/>
<add name="All Errors" type="System.Web.Management.WebBaseErrorEvent" startEventCode="0" endEventCode="2147483647"/>
</eventMappings>
<profiles>
<clear/>
<add name="Audit Logs" minInstances="1" maxLimit="Infinite" minInterval="00:00:15"/>
<add name="Error Logs" minInstances="1" maxLimit="Infinite" minInterval="00:00:15"/>
</profiles>
<rules>
<clear/>
<add name="All Audits Default" eventName="All Audits" provider="MySqlWebEventProvider" profile="Audit Logs"/>
<add name="All Errors Default" eventName="All Errors" provider="MySqlWebEventProvider" profile="Error Logs"/>
</rules>
</healthMonitoring>
</system.web>
May I know what are the other steps I will need to take?
This article should help you out...
http://msdn.microsoft.com/en-us/library/ff650305.aspx
The output depends on what you configure. Typically, you would go for EventLogs. But if you are doing extensive logging you may want to use different providers to output it in SQL or WMI.