asp.net authentication - use credentials from web.config - problem_问答_开发者

asp.net authentication - use credentials from web.config - problem

开发者 https://www.devze.com 2022-12-08 15:04 出处：网络

I have a simple problem which is giving me headaches for a couple of days. I\'ve created very simple application with login control. I keep user data in web.config file:

I have a simple problem which is giving me headaches for a couple of days.

I've created very simple application with login control. I keep user data in web.config file:

<authentication mode="Forms">
    <forms name=".RzeskoLoginCookie">
        <credentials passwordFormat="Clear">
             <user name="开发者_如何学运维test" password="test"/>
        </credentials>
    </forms>
</authentication>

I will deploy this simple website to IIS on computer on which I do not want to use SQL Server.

My login button event looks like this:

protected void Login1_LoggingIn(object sender, LoginCancelEventArgs e)
{
    if(FormsAuthentication.Authenticate(Login1.UserName, Login1.Password))
    {
        FormsAuthentication.RedirectFromLoginPage(Login1.UserName, Login1.RememberMeSet);
    }
}

Now the problem:

When I am running a website on VS2008 built in webserver, everything works fine (I can log in). When I copy my website to IIS I am constantly getting this annoying error (after I click Login button):

Failed to generate a user instance of SQL Server due to failure in retrieving the user's local application data path. Please make sure the user has a local user profile on the computer. The connection will be closed.

I also observed that in my App_Data folder some weird files are being created.

To sum up. What I want to achieve is to use user credentials from web.config file, without using sql server.

I'd appreciate any help

Kind Regards PK

From the MSDN page for Login control:

The Login control uses a membership provider to obtain user credentials. Unless you specify otherwise, the Login control uses the default membership provider defined in the Web.config file. To specify a different provider, set the MembershipProvider property to one of the membership provider names defined in your application's Web.config file. For more information, see Membership Providers.

The default Membership provider is the AspNetSqlProvider which uses a SQL Server database as its user store.

If you want to provide a custom authentication routine, you can either write your own custom Membership provider or handle the OnAuthenticate method of the Login control to provide your own authentication logic.

If you notice in your code, you have the method declaration for handling the <asp:Login> control's LoggingIn event:

protected void Login1_LoggingIn(object sender, LoginCancelEventArgs e)

This control interfaces with the ASP.NET Membership provider which is probably why it is looking for a connection string.

So rather than using the <asp:Login> control, simply use a button and handle the Click event so that there is no use of Membership:

<asp:Button id="LoginButton" Text="Login" OnClick="Login_OnClick" runat="server" />

Code behind (notice the different signature of the method):

public void Login_OnClick(object sender, EventArgs args)
{
    if(FormsAuthentication.Authenticate(Login1.UserName, Login1.Password))
    {
        FormsAuthentication.RedirectFromLoginPage(Login1.UserName, Login1.RememberMeSet);
    }
}

Ok, thanks everybody for pointing out the solution. I finally managed to avoid that error by creating my own authentication event (associated with the login control).