Membership permissions after publishing an ASP.NET Membership site.

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Tino Donderwinkel
    #1

    Membership permissions after publishing an ASP.NET Membership site.

    Hi all,

    I have create a simple ASP.NET site that uses the ASP.NET Membership
    components. It uses a SQL Server as a provider.
    The application works fine when it's running on my own machine.

    After I publish the site to a remote webserver and recreate the database
    over on the remote site, the permissions on the folders are gone.

    I can succesfully log on, log off, and do all the 'normal' membership stuff,
    but the folders I had protected through the Web Site Administration Tool are
    now accessible to unauthenticated users.

    The application appears to be set up just fine on the remote machine,
    because I can logon etc. It's just that the folders that should be
    accessible only to authenticated users in a particular role, are now
    accessible to any user.

    The RELEVANT portion of my web.config;

    <configSections >
    <section name="authentic ationService"
    type="System.We b.Configuration .ScriptingAuthe nticationServic eSection,
    System.Web.Exte nsions, Version=3.5.0.0 , Culture=neutral ,
    PublicKeyToken= 31BF3856AD364E3 5" requirePermissi on="false"
    allowDefinition ="MachineToAppl ication"/>
    <section name="roleServi ce"
    type="System.We b.Configuration .ScriptingRoleS erviceSection,
    System.Web.Exte nsions, Version=3.5.0.0 , Culture=neutral ,
    PublicKeyToken= 31BF3856AD364E3 5" requirePermissi on="false"
    allowDefinition ="MachineToAppl ication"/>
    </configSections>
    <appSettings/>
    <connectionStri ngs>
    <add name="MySqlConn ection" connectionStrin g="Data Source=(local); Initial
    Catalog=Drops;I ntegrated Security=True;"
    providerName="S ystem.Data.SqlC lient"/>
    </connectionStrin gs>
    <system.web>
    <roleManager enabled="true" cacheRolesInCoo kie="true"
    defaultProvider ="SqlProvide r">
    <providers>
    <clear/>
    <add name="SqlProvid er" type="System.We b.Security.SqlR oleProvider"
    connectionStrin gName="MySqlCon nection" applicationName ="Domain Catcher"/>
    </providers>
    </roleManager>
    <authenticati on mode="Forms">
    <forms name=".ASPXFORM SAUTH" loginUrl="Login .aspx" />
    </authentication>
    <membership defaultProvider ="SqlProvide r" userIsOnlineTim eWindow="15">
    <providers>
    <clear/>
    <add name="SqlProvid er" type="System.We b.Security.SqlM embershipProvid er"
    connectionStrin gName="MySqlCon nection" applicationName ="Domain Catcher"
    enablePasswordR etrieval="false " enablePasswordR eset="true"
    requiresQuestio nAndAnswer="tru e" requiresUniqueE mail="true"
    passwordFormat= "Hashed"/>
    </providers>
    </membership>


    Any ideas?

    Thanks,

    Tino

    Tags: None
    • clintonG
      #2
      Re: Membership permissions after publishing an ASP.NET Membership site.

      ASP.NET Core, an open-source web development framework | .NET
      http://www.asp.net/Learn/videos/video-303.aspx
      Build web apps and services that run on Windows, Linux, and macOS using C#, HTML, CSS, and JavaScript. Get started for free on Windows, Linux, or macOS.



      "Tino Donderwinkel" <tino@tino.nlwr ote in message
      news:elQjEb6zIH A.2384@TK2MSFTN GP02.phx.gbl...
      Hi all,
      >
      I have create a simple ASP.NET site that uses the ASP.NET Membership
      components. It uses a SQL Server as a provider.
      The application works fine when it's running on my own machine.
      >
      After I publish the site to a remote webserver and recreate the database
      over on the remote site, the permissions on the folders are gone.
      >
      I can succesfully log on, log off, and do all the 'normal' membership
      stuff, but the folders I had protected through the Web Site Administration
      Tool are now accessible to unauthenticated users.
      >
      The application appears to be set up just fine on the remote machine,
      because I can logon etc. It's just that the folders that should be
      accessible only to authenticated users in a particular role, are now
      accessible to any user.
      >
      The RELEVANT portion of my web.config;
      >
      <configSections >
      <section name="authentic ationService"
      type="System.We b.Configuration .ScriptingAuthe nticationServic eSection,
      System.Web.Exte nsions, Version=3.5.0.0 , Culture=neutral ,
      PublicKeyToken= 31BF3856AD364E3 5" requirePermissi on="false"
      allowDefinition ="MachineToAppl ication"/>
      <section name="roleServi ce"
      type="System.We b.Configuration .ScriptingRoleS erviceSection,
      System.Web.Exte nsions, Version=3.5.0.0 , Culture=neutral ,
      PublicKeyToken= 31BF3856AD364E3 5" requirePermissi on="false"
      allowDefinition ="MachineToAppl ication"/>
      </configSections>
      <appSettings/>
      <connectionStri ngs>
      <add name="MySqlConn ection" connectionStrin g="Data Source=(local); Initial
      Catalog=Drops;I ntegrated Security=True;"
      providerName="S ystem.Data.SqlC lient"/>
      </connectionStrin gs>
      <system.web>
      <roleManager enabled="true" cacheRolesInCoo kie="true"
      defaultProvider ="SqlProvide r">
      <providers>
      <clear/>
      <add name="SqlProvid er" type="System.We b.Security.SqlR oleProvider"
      connectionStrin gName="MySqlCon nection" applicationName ="Domain Catcher"/>
      </providers>
      </roleManager>
      <authenticati on mode="Forms">
      <forms name=".ASPXFORM SAUTH" loginUrl="Login .aspx" />
      </authentication>
      <membership defaultProvider ="SqlProvide r" userIsOnlineTim eWindow="15">
      <providers>
      <clear/>
      <add name="SqlProvid er"
      type="System.We b.Security.SqlM embershipProvid er"
      connectionStrin gName="MySqlCon nection" applicationName ="Domain Catcher"
      enablePasswordR etrieval="false " enablePasswordR eset="true"
      requiresQuestio nAndAnswer="tru e" requiresUniqueE mail="true"
      passwordFormat= "Hashed"/>
      </providers>
      </membership>
      >
      >
      Any ideas?
      >
      Thanks,
      >
      Tino

        Comment

        • Tino Donderwinkel
          #3
          Re: Membership permissions after publishing an ASP.NET Membership site.

          I found the problem recently. It really is some sort of bug;

          http://www.tino.nl/index.php/2008/06/17/publishing-an-aspnet-site-that-uses-membership-components/


          Tino


          "clintonG" <nobody@nowhere .comwrote in message
          news:%23quP54I0 IHA.5400@TK2MSF TNGP02.phx.gbl. ..
          ASP.NET Core, an open-source web development framework | .NET
          http://www.asp.net/Learn/videos/video-303.aspx
          Build web apps and services that run on Windows, Linux, and macOS using C#, HTML, CSS, and JavaScript. Get started for free on Windows, Linux, or macOS.

          >
          >
          "Tino Donderwinkel" <tino@tino.nlwr ote in message
          news:elQjEb6zIH A.2384@TK2MSFTN GP02.phx.gbl...
          >Hi all,
          >>
          >I have create a simple ASP.NET site that uses the ASP.NET Membership
          >components. It uses a SQL Server as a provider.
          >The application works fine when it's running on my own machine.
          >>
          >After I publish the site to a remote webserver and recreate the database
          >over on the remote site, the permissions on the folders are gone.
          >>
          >I can succesfully log on, log off, and do all the 'normal' membership
          >stuff, but the folders I had protected through the Web Site
          >Administrati on Tool are now accessible to unauthenticated users.
          >>
          >The application appears to be set up just fine on the remote machine,
          >because I can logon etc. It's just that the folders that should be
          >accessible only to authenticated users in a particular role, are now
          >accessible to any user.
          >>
          >The RELEVANT portion of my web.config;
          >>
          ><configSection s>
          > <section name="authentic ationService"
          >type="System.W eb.Configuratio n.ScriptingAuth enticationServi ceSection,
          >System.Web.Ext ensions, Version=3.5.0.0 , Culture=neutral ,
          >PublicKeyToken =31BF3856AD364E 35" requirePermissi on="false"
          >allowDefinitio n="MachineToApp lication"/>
          > <section name="roleServi ce"
          >type="System.W eb.Configuratio n.ScriptingRole ServiceSection,
          >System.Web.Ext ensions, Version=3.5.0.0 , Culture=neutral ,
          >PublicKeyToken =31BF3856AD364E 35" requirePermissi on="false"
          >allowDefinitio n="MachineToApp lication"/>
          ></configSections>
          ><appSettings/>
          ><connectionStr ings>
          > <add name="MySqlConn ection" connectionStrin g="Data
          >Source=(local) ;Initial Catalog=Drops;I ntegrated Security=True;"
          >providerName=" System.Data.Sql Client"/>
          ></connectionStrin gs>
          ><system.web>
          > <roleManager enabled="true" cacheRolesInCoo kie="true"
          >defaultProvide r="SqlProvider" >
          > <providers>
          > <clear/>
          > <add name="SqlProvid er" type="System.We b.Security.SqlR oleProvider"
          >connectionStri ngName="MySqlCo nnection" applicationName ="Domain Catcher"/>
          > </providers>
          > </roleManager>
          > <authenticati on mode="Forms">
          > <forms name=".ASPXFORM SAUTH" loginUrl="Login .aspx" />
          > </authentication>
          > <membership defaultProvider ="SqlProvide r" userIsOnlineTim eWindow="15">
          > <providers>
          > <clear/>
          > <add name="SqlProvid er"
          >type="System.W eb.Security.Sql MembershipProvi der"
          >connectionStri ngName="MySqlCo nnection" applicationName ="Domain Catcher"
          >enablePassword Retrieval="fals e" enablePasswordR eset="true"
          >requiresQuesti onAndAnswer="tr ue" requiresUniqueE mail="true"
          >passwordFormat ="Hashed"/>
          > </providers>
          > </membership>
          >>
          >>
          >Any ideas?
          >>
          >Thanks,
          >>
          >Tino
          >

            Comment

            Previous template Next
            Working...