开发者

Disable SQL Membership Provider (ASP.Net Forms Authentication)

开发者 https://www.devze.com 2023-02-20 12:13 出处:网络
I have setup a trivial preview website for a client that needs basic password protection.I\'m using Forms Authentication with the credentials specified in web.config.

I have setup a trivial preview website for a client that needs basic password protection. I'm using Forms Authentication with the credentials specified in web.config.

Everything works fine on my box (famous last words)

However, when 开发者_如何学GoI deploy to a production website running Win2008, the authentication code attempts to open a SQL Server database (I have no reference to anything SQL in web.config). How can I disable this behavior so that authentication is based on the credentials I have entered in web.config?

Exception in Event Log

Unable to connect to SQL Server database. at System.Web.Management.SqlServices.GetSqlConnection(String server, String user, String password, Boolean trusted, String connectionString) at System.Web.Management.SqlServices.SetupApplicationServices(String server, String user, String password, Boolean trusted, String connectionString, String database, String dbFileName, SqlFeatures features, Boolean install) at System.Web.DataAccess.SqlConnectionHelper.CreateMdfFile(String fullFileName, String dataDir, String connectionString) at System.Web.DataAccess.SqlConnectionHelper.EnsureSqlExpressDBFile(String connectionString) ... at System.Data.SqlClient.SqlConnection.Open() at System.Web.Management.SqlServices.GetSqlConnection(String server, String user, String password, Boolean trusted, String connectionString)

http://my.site.com/Login.aspx?ReturnUrl=/

web.config (relevant portion)

     <system.web>
        <compilation targetFramework="4.0" />
    <authentication mode="Forms">
      <forms name="appNameAuth" path="/" loginUrl="Login.aspx" protection="All" timeout="30">
        <credentials passwordFormat="SHA1">
          <user name="me" password="SHA1OfMyPassword" />
        </credentials>
      </forms>
    </authentication>
    <authorization> 
      <deny users="?"/>  
      <allow users="me" />
    </authorization>    

  </system.web>


It turns out that, on the production machine, the SQL membership provider was defined in machine.config. I don't think the ops team changed anything from the default Windows 2008 install, so that's probably generally the case for that platform.

To remove references to any SQL providers defined at a higher level include the following in your web.config

<membership>
    <providers>
        <clear />       
    </providers>
</membership>
<roleManager enabled="false">
    <providers>
        <clear />       
    </providers>
</roleManager>
<profile>
    <providers>
        <clear />       
    </providers>
</profile>
0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号