By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
425,992 Members | 934 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 425,992 IT Pros & Developers. It's quick & easy.

Membership permissions after publishing an ASP.NET Membership site.

P: n/a
Hi all,

I have create a simple ASP.NET site that uses the ASP.NET Membership
components. It uses a SQL Server as a provider.
The application works fine when it's running on my own machine.

After I publish the site to a remote webserver and recreate the database
over on the remote site, the permissions on the folders are gone.

I can succesfully log on, log off, and do all the 'normal' membership stuff,
but the folders I had protected through the Web Site Administration Tool are
now accessible to unauthenticated users.

The application appears to be set up just fine on the remote machine,
because I can logon etc. It's just that the folders that should be
accessible only to authenticated users in a particular role, are now
accessible to any user.

The RELEVANT portion of my web.config;

<configSections>
<section name="authenticationService"
type="System.Web.Configuration.ScriptingAuthentica tionServiceSection,
System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
PublicKeyToken=31BF3856AD364E35" requirePermission="false"
allowDefinition="MachineToApplication"/>
<section name="roleService"
type="System.Web.Configuration.ScriptingRoleServic eSection,
System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
PublicKeyToken=31BF3856AD364E35" requirePermission="false"
allowDefinition="MachineToApplication"/>
</configSections>
<appSettings/>
<connectionStrings>
<add name="MySqlConnection" connectionString="Data Source=(local);Initial
Catalog=Drops;Integrated Security=True;"
providerName="System.Data.SqlClient"/>
</connectionStrings>
<system.web>
<roleManager enabled="true" cacheRolesInCookie="true"
defaultProvider="SqlProvider">
<providers>
<clear/>
<add name="SqlProvider" type="System.Web.Security.SqlRoleProvider"
connectionStringName="MySqlConnection" applicationName="Domain Catcher"/>
</providers>
</roleManager>
<authentication mode="Forms">
<forms name=".ASPXFORMSAUTH" loginUrl="Login.aspx" />
</authentication>
<membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="15">
<providers>
<clear/>
<add name="SqlProvider" type="System.Web.Security.SqlMembershipProvider"
connectionStringName="MySqlConnection" applicationName="Domain Catcher"
enablePasswordRetrieval="false" enablePasswordReset="true"
requiresQuestionAndAnswer="true" requiresUniqueEmail="true"
passwordFormat="Hashed"/>
</providers>
</membership>
Any ideas?

Thanks,

Tino

Jun 27 '08 #1
Share this Question
Share on Google+
2 Replies


P: n/a
http://www.asp.net/Learn/videos/video-303.aspx
"Tino Donderwinkel" <ti**@tino.nlwrote in message
news:el**************@TK2MSFTNGP02.phx.gbl...
Hi all,

I have create a simple ASP.NET site that uses the ASP.NET Membership
components. It uses a SQL Server as a provider.
The application works fine when it's running on my own machine.

After I publish the site to a remote webserver and recreate the database
over on the remote site, the permissions on the folders are gone.

I can succesfully log on, log off, and do all the 'normal' membership
stuff, but the folders I had protected through the Web Site Administration
Tool are now accessible to unauthenticated users.

The application appears to be set up just fine on the remote machine,
because I can logon etc. It's just that the folders that should be
accessible only to authenticated users in a particular role, are now
accessible to any user.

The RELEVANT portion of my web.config;

<configSections>
<section name="authenticationService"
type="System.Web.Configuration.ScriptingAuthentica tionServiceSection,
System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
PublicKeyToken=31BF3856AD364E35" requirePermission="false"
allowDefinition="MachineToApplication"/>
<section name="roleService"
type="System.Web.Configuration.ScriptingRoleServic eSection,
System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
PublicKeyToken=31BF3856AD364E35" requirePermission="false"
allowDefinition="MachineToApplication"/>
</configSections>
<appSettings/>
<connectionStrings>
<add name="MySqlConnection" connectionString="Data Source=(local);Initial
Catalog=Drops;Integrated Security=True;"
providerName="System.Data.SqlClient"/>
</connectionStrings>
<system.web>
<roleManager enabled="true" cacheRolesInCookie="true"
defaultProvider="SqlProvider">
<providers>
<clear/>
<add name="SqlProvider" type="System.Web.Security.SqlRoleProvider"
connectionStringName="MySqlConnection" applicationName="Domain Catcher"/>
</providers>
</roleManager>
<authentication mode="Forms">
<forms name=".ASPXFORMSAUTH" loginUrl="Login.aspx" />
</authentication>
<membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="15">
<providers>
<clear/>
<add name="SqlProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="MySqlConnection" applicationName="Domain Catcher"
enablePasswordRetrieval="false" enablePasswordReset="true"
requiresQuestionAndAnswer="true" requiresUniqueEmail="true"
passwordFormat="Hashed"/>
</providers>
</membership>
Any ideas?

Thanks,

Tino
Jun 27 '08 #2

P: n/a
I found the problem recently. It really is some sort of bug;

http://www.tino.nl/index.php/2008/06...ip-components/

Tino
"clintonG" <no****@nowhere.comwrote in message
news:%2****************@TK2MSFTNGP02.phx.gbl...
http://www.asp.net/Learn/videos/video-303.aspx
"Tino Donderwinkel" <ti**@tino.nlwrote in message
news:el**************@TK2MSFTNGP02.phx.gbl...
>Hi all,

I have create a simple ASP.NET site that uses the ASP.NET Membership
components. It uses a SQL Server as a provider.
The application works fine when it's running on my own machine.

After I publish the site to a remote webserver and recreate the database
over on the remote site, the permissions on the folders are gone.

I can succesfully log on, log off, and do all the 'normal' membership
stuff, but the folders I had protected through the Web Site
Administration Tool are now accessible to unauthenticated users.

The application appears to be set up just fine on the remote machine,
because I can logon etc. It's just that the folders that should be
accessible only to authenticated users in a particular role, are now
accessible to any user.

The RELEVANT portion of my web.config;

<configSections>
<section name="authenticationService"
type="System.Web.Configuration.ScriptingAuthentic ationServiceSection,
System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
PublicKeyToken=31BF3856AD364E35" requirePermission="false"
allowDefinition="MachineToApplication"/>
<section name="roleService"
type="System.Web.Configuration.ScriptingRoleServi ceSection,
System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
PublicKeyToken=31BF3856AD364E35" requirePermission="false"
allowDefinition="MachineToApplication"/>
</configSections>
<appSettings/>
<connectionStrings>
<add name="MySqlConnection" connectionString="Data
Source=(local);Initial Catalog=Drops;Integrated Security=True;"
providerName="System.Data.SqlClient"/>
</connectionStrings>
<system.web>
<roleManager enabled="true" cacheRolesInCookie="true"
defaultProvider="SqlProvider">
<providers>
<clear/>
<add name="SqlProvider" type="System.Web.Security.SqlRoleProvider"
connectionStringName="MySqlConnection" applicationName="Domain Catcher"/>
</providers>
</roleManager>
<authentication mode="Forms">
<forms name=".ASPXFORMSAUTH" loginUrl="Login.aspx" />
</authentication>
<membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="15">
<providers>
<clear/>
<add name="SqlProvider"
type="System.Web.Security.SqlMembershipProvider "
connectionStringName="MySqlConnection" applicationName="Domain Catcher"
enablePasswordRetrieval="false" enablePasswordReset="true"
requiresQuestionAndAnswer="true" requiresUniqueEmail="true"
passwordFormat="Hashed"/>
</providers>
</membership>
Any ideas?

Thanks,

Tino
Jun 27 '08 #3

This discussion thread is closed

Replies have been disabled for this discussion.