Login Control / Forms Authentication with ActiveDirectoryMembersh

Discussion in 'ASP .Net Security' started by etierra, Nov 4, 2006.

  1. etierra

    etierra Guest

    Hi,

    I'm currently developing an intranet ASP.net 2.0 application. I’m using the
    login control that came with V.S. 2005. In my web.config , I use
    ActiveDirectoryMembershipProvider so that my users can login using their
    normal office network login accounts, which existss in our Active Directory
    server .

    Everything works fine, at first. Existing users can login using their
    username and password, and if an incorrect username was entered, the login
    conrol displays a message saying "Your login attempt was not successful.
    Please try again" which is expected.

    But the problem is, if the user logins with correct username but incorrect
    password, the application is throwing an exception (please see the server
    error message that I'm getting below).

    I can't find the solution to fix this problem, or at least be able to catch
    the exception so that at least I can display a friendly message and exit
    gracefully or be able to redirect back to the login page.

    I have tried everything, spent days and nights (mostly nights) finding the
    solution but can't seem to make this work. Any ideas or thoughts would be
    much appreciated

    Thanks in advance.
    Edwin Tierra


    This is the partial content of my web.config:

    <connectionStrings>
    <add name="ADConnectionString"
    connectionString=LDAP://ads-server.mydomain.net/DC=mydomain,DC=net />
    <add name="MyASPNETDBConnectionString" connectionString="Data
    Source=myDBServer;Initial Catalog=ASPNETDB;Integrated Security=True"
    providerName="System.Data.SqlClient"/>
    </connectionStrings>
    <authorization>
    <allow roles="sysadmin" />
    <allow roles="projadmin" />
    <allow roles="managers" />
    <deny users="?" />
    </authorization>
    <authentication mode="Forms">
    <forms name=".ADAuthCookie" defaultUrl="default.aspx" timeout="30"
    domain="" />
    </authentication>
    <roleManager enabled="true" defaultProvider="CustomizedRoleProvider"
    cookieTimeout="30" cookieSlidingExpiration="true">
    <providers>
    <add connectionStringName="MyASPNETDBConnectionString"
    name="CustomizedRoleProvider"
    type="System.Web.Security.SqlRoleProvider"
    applicationName="/PMS.Net"/>
    </providers>
    </roleManager>
    <membership defaultProvider="MyADMembershipProvider">
    <providers>
    <add connectionStringName="ADConnectionString"
    applicationName="/PMS.Net"
    connectionUsername="mydomain\administrator"
    connectionPassword="password"
    attributeMapUsername="sAMAccountName"
    enableSearchMethods="true"
    name="MyADMembershipProvider"
    type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web,
    Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
    </providers>
    </membership>


    This is the error message that I get when the application crashes:

    Server Error in '/' Application.

    A local error occurred.
    Description: An unhandled exception occurred during the execution of the
    current web request. Please review the stack trace for more information about
    the error and where it originated in the code.

    Exception Details: System.DirectoryServices.Protocols.LdapException: A local
    error occurred.

    Source Error:

    An unhandled exception was generated during the execution of the current web
    request. Information regarding the origin and location of the exception can
    be identified using the exception stack trace below.

    Stack Trace:

    [LdapException: A local error occurred.]
    System.DirectoryServices.Protocols.LdapConnection.BindHelper(NetworkCredential
    newCredential, Boolean needSetCredential) +990
    System.DirectoryServices.Protocols.LdapConnection.Bind(NetworkCredential
    newCredential) +6
    System.Web.Security.ActiveDirectoryMembershipProvider.ValidateCredentials(String
    username, String password) +221
    System.Web.Security.ActiveDirectoryMembershipProvider.ValidateUserCore(String
    username, String password) +1180
    System.Web.Security.ActiveDirectoryMembershipProvider.ValidateUser(String
    username, String password) +15
    System.Web.UI.WebControls.Login.OnAuthenticate(AuthenticateEventArgs e) +160
    System.Web.UI.WebControls.Login.AttemptLogin() +105
    System.Web.UI.WebControls.Login.OnBubbleEvent(Object source, EventArgs e) +99
    System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) +35
    System.Web.UI.WebControls.Button.OnCommand(CommandEventArgs e) +115
    System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
    +163
    System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String
    eventArgument) +7
    System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl,
    String eventArgument) +11
    System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +33
    System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint,
    Boolean includeStagesAfterAsyncPoint) +5102


    Version Information: Microsoft .NET Framework Version:2.0.50727.42; ASP.NET
    Version:2.0.50727.42
     
    etierra, Nov 4, 2006
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Eric
    Replies:
    2
    Views:
    1,564
    Tommy
    Feb 13, 2004
  2. Pascal Blanchard
    Replies:
    0
    Views:
    279
    Pascal Blanchard
    Aug 17, 2004
  3. Pascal Blanchard
    Replies:
    1
    Views:
    310
    Pascal Blanchard
    Aug 18, 2004
  4. Keltex
    Replies:
    1
    Views:
    453
    Dominick Baier [DevelopMentor]
    Jan 24, 2006
  5. Eric
    Replies:
    2
    Views:
    644
Loading...

Share This Page