Login Fails After Deployment

Pete,
I can undertand your frustration, but you are going to need to be much more
specific in your posts to get much help - beyond describing "standard
procedures".
There are a number of different ways to authenticate a user that can be
considered "standard". Your post doesn't even say what kind of
authentication you are using.

Perhaps if you post some sample code and a bit more information, somebody
can respond with something useful.
Peter

--
Co-founder, Eggheadcafe.com developer portal:
http://www.eggheadcafe.com
UnBlog:
http://petesbloggerama.blogspot.com


"Pete" wrote:

I have used Visual Studio 2005 to create a website.
I set up standard login page using standard procedures.
Nothing fancy or out of the ordinary, just standard procedures described in any "Login stuff for halfwits" book.
Everything works perfectly fine! ! Nothing whatsoever goes wrong at all!
However, when I deploy the website to another computer, the login fails !

I have searched the internet from top to bottom trying to find an answer.
Several people seem to have had the same problem but no solutions work for me.
I cannot stress enough that I have not done anything more than the simplest methods found in the simplest books.
Thousands of people must do every day what I am trying to do, so why won't the flipping thing work?
There must be some really obscure flag or setting somewhere that is obvious to everyone, but not to me it isn’t
Will someone please help!
If requested, I will gladly send copies of any code. I am really pulling my hair out over what must something extremely simple.
Sorry if I went on a bit, but I am getting desperate.

Many thanks in anticipation,

Pete

Hello Peter,
Many thanks for your reply, it is nice to know there is someone trying
to help. I hope I am replying correctly as this newsreader I found is
far from intuitive. The reason I did not include any code before was
that I just could not think where the problem might be as exactly the
same code is used on both the development machine and the server were
the site is deployed. Thinking about it, perhaps the following snippet
from the web.config might be useful.

<membership>
<providers>
<remove name="AspNetSqlMembershipProvider"/>
<add name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider,
System.Web, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="LocalSqlServer"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
applicationName="/"
requiresUniqueEmail="false"
minRequiredPasswordLength="1"
minRequiredNonalphanumericCharacters="0"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""/>
</providers>
</membership>
If there is anything else that might help then I will gladly post that
as well.

Keeping all my fingers crossed,

Pete

1. Does the server where the application is deployed to,
have the .Net Framework 2.0 installed ?

2. Is the application configured to run as a .Net Framework 2.0 app ?

Save the following as "version.aspx" and run it in the same directory as the application :

version.aspx :
--------------------
<%@ Page Language="VB" %>
<html>
<head>
</head>
<body>
<%
Response.Write("ASP.NET Version = " & System.Environment.Version.ToString())
%>
</body>
</html>
-------------------

Please post back here the version number returned.

3. Was the Membership database created on the server ?

4. What is the specific error message you're getting, if any ?


Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
<Me*************@hotmail.comwrote in message news:a5********************************@4ax.com...

Hello Peter,
Many thanks for your reply, it is nice to know there is someone trying
to help. I hope I am replying correctly as this newsreader I found is
far from intuitive. The reason I did not include any code before was
that I just could not think where the problem might be as exactly the
same code is used on both the development machine and the server were
the site is deployed. Thinking about it, perhaps the following snippet
from the web.config might be useful.

<membership>
<providers>
<remove name="AspNetSqlMembershipProvider"/>
<add name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider,
System.Web, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="LocalSqlServer"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
applicationName="/"
requiresUniqueEmail="false"
minRequiredPasswordLength="1"
minRequiredNonalphanumericCharacters="0"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""/>
</providers>
</membership>
If there is anything else that might help then I will gladly post that
as well.

Keeping all my fingers crossed,

Pete

Hello Juan,

I am really grateful for your interest.

In answer to your questions:

1. Does the server where the application is deployed to,
have the .Net Framework 2.0 installed ?
A. Yes it does. Websites that do not use login stuff ( ASPDBNET.MDB)
all work fine.

2. Is the application configured to run as a .Net Framework 2.0 app ?
A. Yes it is. This was set in the website properties using IIS.

Save the following as "version.aspx" and run it in the same directory
as the application :

version.aspx :
--------------------
<%@ Page Language="VB" %>
<html>
<head>
</head>
<body>
<%
Response.Write("ASP.NET Version = " &
System.Environment.Version.ToString())
%>
</body>
</html>
-------------------

Please post back here the version number returned.
ASP.NET Version = 2.0.50727.42
had to "Allow anonymous users" to run this )

3. Was the Membership database created on the server ?
A. No it wasn't. ASPDBNET.MDB was filled with details on my
development machine and copied along with all the other files to the
host server( XCOPY ? )

4. What is the specific error message you're getting, if any ?
"Your login attempt was not successful. Please try again."

I entered a procedure in the hope of more useful information ( see
below ).
When I deliberateley entered an incorrect password, the massage was
"There is no user in the database with the username XXXX"
However, when I entered a correct user name and password,
LoginErrorDetails.Text was empty

Hoping this will help. If you need more information, please ask.
Waiting for your reply with great interest,

Pete
<asp:Login ID="Login1" OnLoginError= "Login2_LoginError"
runat="server" DestinationPageUrl="~/Login.aspx"></asp:Login>
<br />
<asp:Label ID="LoginErrorDetails" runat="server"
Text="Label"></asp:Label><br />
protected void Login1_LoginError(object sender, System.EventArgs e)
{
MembershipUser userInfo = Membership.GetUser(Login2.UserName);
if (userInfo == null)
{
LoginErrorDetails.Text = "There is no user in the database with
the username " + Login1.UserName;
}
else
{
if (!(userInfo.IsApproved))
{
LoginErrorDetails.Text = "Your account has not yet been
approved by the site's administrators. Please try again later...";
}
else if (userInfo.IsLockedOut)
{
LoginErrorDetails.Text = "Your account has been locked out
because of a maximum number of incorrect login attempts. You will NOT
be able to login until you contact a site administrator and have your
account unlocked.";
}
else
{
LoginErrorDetails.Text = string.Empty;
}
}
}

Hello Again Juan,

I notice thatthe word " login2" occasionally appears in the code I
sent. Please read each occurrence as "login1".

Regards,

Pete

Hi, Pete.

I'm a bit puzzled by your database's name ( ASPDBNET.MDB )

Are you using Access as your Membership provider ?
Or, is that a typo for a standard SQL Server 2005 database ( ASPNETDB.MDF )

Also, notice the different spellings for the name ( ASPDBNET vs. ASPNETDB ).

Could the problem be as simple as not finding the right database ?
Please confirm before we look at anything else as a possible cause for the problem.

Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
<Me*************@hotmail.comwrote in message news:03********************************@4ax.com...

Hello Juan,

I am really grateful for your interest.

In answer to your questions:

1. Does the server where the application is deployed to,
have the .Net Framework 2.0 installed ?
A. Yes it does. Websites that do not use login stuff ( ASPDBNET.MDB)
all work fine.

2. Is the application configured to run as a .Net Framework 2.0 app ?
A. Yes it is. This was set in the website properties using IIS.

Save the following as "version.aspx" and run it in the same directory
as the application :

version.aspx :
--------------------
<%@ Page Language="VB" %>
<html>
<head>
</head>
<body>
<%
Response.Write("ASP.NET Version = " &
System.Environment.Version.ToString())
%>
</body>
</html>
-------------------

Please post back here the version number returned.
ASP.NET Version = 2.0.50727.42
had to "Allow anonymous users" to run this )

3. Was the Membership database created on the server ?
A. No it wasn't. ASPDBNET.MDB was filled with details on my
development machine and copied along with all the other files to the
host server( XCOPY ? )

4. What is the specific error message you're getting, if any ?
"Your login attempt was not successful. Please try again."

I entered a procedure in the hope of more useful information ( see
below ).
When I deliberateley entered an incorrect password, the massage was
"There is no user in the database with the username XXXX"
However, when I entered a correct user name and password,
LoginErrorDetails.Text was empty

Hoping this will help. If you need more information, please ask.
Waiting for your reply with great interest,

Pete
<asp:Login ID="Login1" OnLoginError= "Login2_LoginError"
runat="server" DestinationPageUrl="~/Login.aspx"></asp:Login>
<br />
<asp:Label ID="LoginErrorDetails" runat="server"
Text="Label"></asp:Label><br />
protected void Login1_LoginError(object sender, System.EventArgs e)
{
MembershipUser userInfo = Membership.GetUser(Login2.UserName);
if (userInfo == null)
{
LoginErrorDetails.Text = "There is no user in the database with
the username " + Login1.UserName;
}
else
{
if (!(userInfo.IsApproved))
{
LoginErrorDetails.Text = "Your account has not yet been
approved by the site's administrators. Please try again later...";
}
else if (userInfo.IsLockedOut)
{
LoginErrorDetails.Text = "Your account has been locked out
because of a maximum number of incorrect login attempts. You will NOT
be able to login until you contact a site administrator and have your
account unlocked.";
}
else
{
LoginErrorDetails.Text = string.Empty;
}
}
}

Hello Juan,
I am so sorry for messing up my previous explanation.
You quite rightly point out that the database is ASPNETDB.MDF
and not whatever I put. I thought I could rely on my memory but I
should have checked first. Wheverever there is confusion over the
database name, could you please assume it is ASPNETDB.MDF.

Please accept my apologies once again.

Best wishes,

Pete.

On Thu, 23 Nov 2006 10:29:35 -0400, "Juan T. Llibre"
<no***********@nowhere.comwrote:

>Hi, Pete.

I'm a bit puzzled by your database's name ( ASPDBNET.MDB )

Are you using Access as your Membership provider ?
Or, is that a typo for a standard SQL Server 2005 database ( ASPNETDB.MDF )

Also, notice the different spellings for the name ( ASPDBNET vs. ASPNETDB ).

Could the problem be as simple as not finding the right database ?
Please confirm before we look at anything else as a possible cause for the problem.

Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
<Me*************@hotmail.comwrote in message news:03********************************@4ax.com...

>Hello Juan,

I am really grateful for your interest.

In answer to your questions:

1. Does the server where the application is deployed to,
have the .Net Framework 2.0 installed ?
A. Yes it does. Websites that do not use login stuff ( ASPDBNET.MDB)
all work fine.

2. Is the application configured to run as a .Net Framework 2.0 app ?
A. Yes it is. This was set in the website properties using IIS.

Save the following as "version.aspx" and run it in the same directory
as the application :

version.aspx :
--------------------
<%@ Page Language="VB" %>
<html>
<head>
</head>
<body>
<%
Response.Write("ASP.NET Version = " &
System.Environment.Version.ToString())
%>
</body>
</html>
-------------------

Please post back here the version number returned.
ASP.NET Version = 2.0.50727.42
had to "Allow anonymous users" to run this )

3. Was the Membership database created on the server ?
A. No it wasn't. ASPDBNET.MDB was filled with details on my
development machine and copied along with all the other files to the
host server( XCOPY ? )

4. What is the specific error message you're getting, if any ?
"Your login attempt was not successful. Please try again."

I entered a procedure in the hope of more useful information ( see
below ).
When I deliberateley entered an incorrect password, the massage was
"There is no user in the database with the username XXXX"
However, when I entered a correct user name and password,
LoginErrorDetails.Text was empty

Hoping this will help. If you need more information, please ask.
Waiting for your reply with great interest,

Pete
<asp:Login ID="Login1" OnLoginError= "Login2_LoginError"
runat="server" DestinationPageUrl="~/Login.aspx"></asp:Login>
<br />
<asp:Label ID="LoginErrorDetails" runat="server"
Text="Label"></asp:Label><br />
protected void Login1_LoginError(object sender, System.EventArgs e)
{
MembershipUser userInfo = Membership.GetUser(Login2.UserName);
if (userInfo == null)
{
LoginErrorDetails.Text = "There is no user in the database with
the username " + Login1.UserName;
}
else
{
if (!(userInfo.IsApproved))
{
LoginErrorDetails.Text = "Your account has not yet been
approved by the site's administrators. Please try again later...";
}
else if (userInfo.IsLockedOut)
{
LoginErrorDetails.Text = "Your account has been locked out
because of a maximum number of incorrect login attempts. You will NOT
be able to login until you contact a site administrator and have your
account unlocked.";
}
else
{
LoginErrorDetails.Text = string.Empty;
}
}
}

Panic over Juan :-)

I have finally managed to get things to work.

I need to fix one or two more things and then I will explain exactly
what I did in case anyone else has the same problem.

( The solution was not obvious. At least not to me )

Many thanks Juan ( and Peter Bromberg )
Your interest in helping me was greatly appreciated.

Pete.

re:

I have finally managed to get things to work.

Good news! Congratulations...

re:

then I will explain exactly what I did in case anyone else has the same problem

Great idea!


Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
<Me*************@hotmail.comwrote in message news:tc********************************@4ax.com...

Panic over Juan :-)

I have finally managed to get things to work.

I need to fix one or two more things and then I will explain exactly
what I did in case anyone else has the same problem.

( The solution was not obvious. At least not to me )

Many thanks Juan ( and Peter Bromberg )
Your interest in helping me was greatly appreciated.

Pete.

Hello again Juan,
As promised here is what I did to fix my problem.
I realise that much of what I am going to say is painfully obvious to
everyone except the absolute beginner.

Using Visual Studio 2005 I made a very simple website.
I found a simple How-To type tutorial on the web and added security
that uses an SQL Express database in the App_Data directory
(ASPNETDB.MDF).
Everything worked fine on my development machine.
I then copied the whole site in its entirety to the company server.
The Security didn't work, no matter what I tried.
Cutting a long story short, I discovered that permissions need to be
set in the App_Data in order to read or write to ASPNETDB.MDF
Nowhere in any tutorial was that ever mentioned. I am guessing that
all that stuff is taken care of for you in the comfort of the Visual
Studio environment but you are on your own once you leave it

Anyway all is explained here:
http://forums.microsoft.com/msdn/sho...eID=1&PageID=1

The following is the way I got things to work but my setup may be
different to yours.

1. Go into Windows Explorer and right click the App_Data directory and
select Properties.
2. Click the Security tab. If you are using XP and it is not there,
click the Tools menu at the top of the page, then
click Folder Options/View and uncheck Use simple file sharing option.
3. Both ASP.NET and NETWORK SERVICE need to be included in Group or
user names and given Modify Permissions
I added these by clicking the Add button and typing ASPNET
then clicking the add button again and typing NETWORK SERVICE

Some people mentioned that you need to run IISRESET to refresh the
permissions but they neglected to mention where this could be found
and of course, I could not find it. However, everything seemed to work
with doing this.

If this helps just one person, then I will feel the above typing has
been worth while.

Pete.