Membership permissions after publishing an ASP.NET Membership site.

Discussion in 'ASP .Net' started by Tino Donderwinkel, Jun 16, 2008.

  1. Hi all,

    I have create a simple ASP.NET site that uses the ASP.NET Membership
    components. It uses a SQL Server as a provider.
    The application works fine when it's running on my own machine.

    After I publish the site to a remote webserver and recreate the database
    over on the remote site, the permissions on the folders are gone.

    I can succesfully log on, log off, and do all the 'normal' membership stuff,
    but the folders I had protected through the Web Site Administration Tool are
    now accessible to unauthenticated users.

    The application appears to be set up just fine on the remote machine,
    because I can logon etc. It's just that the folders that should be
    accessible only to authenticated users in a particular role, are now
    accessible to any user.

    The RELEVANT portion of my web.config;

    <configSections>
    <section name="authenticationService"
    type="System.Web.Configuration.ScriptingAuthenticationServiceSection,
    System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
    PublicKeyToken=31BF3856AD364E35" requirePermission="false"
    allowDefinition="MachineToApplication"/>
    <section name="roleService"
    type="System.Web.Configuration.ScriptingRoleServiceSection,
    System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
    PublicKeyToken=31BF3856AD364E35" requirePermission="false"
    allowDefinition="MachineToApplication"/>
    </configSections>
    <appSettings/>
    <connectionStrings>
    <add name="MySqlConnection" connectionString="Data Source=(local);Initial
    Catalog=Drops;Integrated Security=True;"
    providerName="System.Data.SqlClient"/>
    </connectionStrings>
    <system.web>
    <roleManager enabled="true" cacheRolesInCookie="true"
    defaultProvider="SqlProvider">
    <providers>
    <clear/>
    <add name="SqlProvider" type="System.Web.Security.SqlRoleProvider"
    connectionStringName="MySqlConnection" applicationName="Domain Catcher"/>
    </providers>
    </roleManager>
    <authentication mode="Forms">
    <forms name=".ASPXFORMSAUTH" loginUrl="Login.aspx" />
    </authentication>
    <membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="15">
    <providers>
    <clear/>
    <add name="SqlProvider" type="System.Web.Security.SqlMembershipProvider"
    connectionStringName="MySqlConnection" applicationName="Domain Catcher"
    enablePasswordRetrieval="false" enablePasswordReset="true"
    requiresQuestionAndAnswer="true" requiresUniqueEmail="true"
    passwordFormat="Hashed"/>
    </providers>
    </membership>


    Any ideas?

    Thanks,

    Tino
     
    Tino Donderwinkel, Jun 16, 2008
    #1
    1. Advertising

  2. Tino Donderwinkel

    clintonG Guest

    http://www.asp.net/Learn/videos/video-303.aspx


    "Tino Donderwinkel" <> wrote in message
    news:...
    > Hi all,
    >
    > I have create a simple ASP.NET site that uses the ASP.NET Membership
    > components. It uses a SQL Server as a provider.
    > The application works fine when it's running on my own machine.
    >
    > After I publish the site to a remote webserver and recreate the database
    > over on the remote site, the permissions on the folders are gone.
    >
    > I can succesfully log on, log off, and do all the 'normal' membership
    > stuff, but the folders I had protected through the Web Site Administration
    > Tool are now accessible to unauthenticated users.
    >
    > The application appears to be set up just fine on the remote machine,
    > because I can logon etc. It's just that the folders that should be
    > accessible only to authenticated users in a particular role, are now
    > accessible to any user.
    >
    > The RELEVANT portion of my web.config;
    >
    > <configSections>
    > <section name="authenticationService"
    > type="System.Web.Configuration.ScriptingAuthenticationServiceSection,
    > System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
    > PublicKeyToken=31BF3856AD364E35" requirePermission="false"
    > allowDefinition="MachineToApplication"/>
    > <section name="roleService"
    > type="System.Web.Configuration.ScriptingRoleServiceSection,
    > System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
    > PublicKeyToken=31BF3856AD364E35" requirePermission="false"
    > allowDefinition="MachineToApplication"/>
    > </configSections>
    > <appSettings/>
    > <connectionStrings>
    > <add name="MySqlConnection" connectionString="Data Source=(local);Initial
    > Catalog=Drops;Integrated Security=True;"
    > providerName="System.Data.SqlClient"/>
    > </connectionStrings>
    > <system.web>
    > <roleManager enabled="true" cacheRolesInCookie="true"
    > defaultProvider="SqlProvider">
    > <providers>
    > <clear/>
    > <add name="SqlProvider" type="System.Web.Security.SqlRoleProvider"
    > connectionStringName="MySqlConnection" applicationName="Domain Catcher"/>
    > </providers>
    > </roleManager>
    > <authentication mode="Forms">
    > <forms name=".ASPXFORMSAUTH" loginUrl="Login.aspx" />
    > </authentication>
    > <membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="15">
    > <providers>
    > <clear/>
    > <add name="SqlProvider"
    > type="System.Web.Security.SqlMembershipProvider"
    > connectionStringName="MySqlConnection" applicationName="Domain Catcher"
    > enablePasswordRetrieval="false" enablePasswordReset="true"
    > requiresQuestionAndAnswer="true" requiresUniqueEmail="true"
    > passwordFormat="Hashed"/>
    > </providers>
    > </membership>
    >
    >
    > Any ideas?
    >
    > Thanks,
    >
    > Tino
     
    clintonG, Jun 17, 2008
    #2
    1. Advertising

  3. I found the problem recently. It really is some sort of bug;

    http://www.tino.nl/index.php/2008/06/17/publishing-an-aspnet-site-that-uses-membership-components/

    Tino


    "clintonG" <> wrote in message
    news:%...
    > http://www.asp.net/Learn/videos/video-303.aspx
    >
    >
    > "Tino Donderwinkel" <> wrote in message
    > news:...
    >> Hi all,
    >>
    >> I have create a simple ASP.NET site that uses the ASP.NET Membership
    >> components. It uses a SQL Server as a provider.
    >> The application works fine when it's running on my own machine.
    >>
    >> After I publish the site to a remote webserver and recreate the database
    >> over on the remote site, the permissions on the folders are gone.
    >>
    >> I can succesfully log on, log off, and do all the 'normal' membership
    >> stuff, but the folders I had protected through the Web Site
    >> Administration Tool are now accessible to unauthenticated users.
    >>
    >> The application appears to be set up just fine on the remote machine,
    >> because I can logon etc. It's just that the folders that should be
    >> accessible only to authenticated users in a particular role, are now
    >> accessible to any user.
    >>
    >> The RELEVANT portion of my web.config;
    >>
    >> <configSections>
    >> <section name="authenticationService"
    >> type="System.Web.Configuration.ScriptingAuthenticationServiceSection,
    >> System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
    >> PublicKeyToken=31BF3856AD364E35" requirePermission="false"
    >> allowDefinition="MachineToApplication"/>
    >> <section name="roleService"
    >> type="System.Web.Configuration.ScriptingRoleServiceSection,
    >> System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
    >> PublicKeyToken=31BF3856AD364E35" requirePermission="false"
    >> allowDefinition="MachineToApplication"/>
    >> </configSections>
    >> <appSettings/>
    >> <connectionStrings>
    >> <add name="MySqlConnection" connectionString="Data
    >> Source=(local);Initial Catalog=Drops;Integrated Security=True;"
    >> providerName="System.Data.SqlClient"/>
    >> </connectionStrings>
    >> <system.web>
    >> <roleManager enabled="true" cacheRolesInCookie="true"
    >> defaultProvider="SqlProvider">
    >> <providers>
    >> <clear/>
    >> <add name="SqlProvider" type="System.Web.Security.SqlRoleProvider"
    >> connectionStringName="MySqlConnection" applicationName="Domain Catcher"/>
    >> </providers>
    >> </roleManager>
    >> <authentication mode="Forms">
    >> <forms name=".ASPXFORMSAUTH" loginUrl="Login.aspx" />
    >> </authentication>
    >> <membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="15">
    >> <providers>
    >> <clear/>
    >> <add name="SqlProvider"
    >> type="System.Web.Security.SqlMembershipProvider"
    >> connectionStringName="MySqlConnection" applicationName="Domain Catcher"
    >> enablePasswordRetrieval="false" enablePasswordReset="true"
    >> requiresQuestionAndAnswer="true" requiresUniqueEmail="true"
    >> passwordFormat="Hashed"/>
    >> </providers>
    >> </membership>
    >>
    >>
    >> Any ideas?
    >>
    >> Thanks,
    >>
    >> Tino

    >
     
    Tino Donderwinkel, Jun 18, 2008
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?Sm9obiBCYWlsZXk=?=

    Publishing ASP .Net 2.0 Site

    =?Utf-8?B?Sm9obiBCYWlsZXk=?=, Jun 29, 2005, in forum: ASP .Net
    Replies:
    0
    Views:
    582
    =?Utf-8?B?Sm9obiBCYWlsZXk=?=
    Jun 29, 2005
  2. Rahul
    Replies:
    0
    Views:
    1,254
    Rahul
    Apr 28, 2006
  3. Allan Ebdrup
    Replies:
    1
    Views:
    859
    Allan Ebdrup
    May 2, 2007
  4. Agos
    Replies:
    7
    Views:
    293
  5. daveh551

    Difficulty publishing ASP.NET site

    daveh551, Apr 16, 2008, in forum: ASP .Net
    Replies:
    2
    Views:
    2,979
    daveh551
    Apr 17, 2008
Loading...

Share This Page