Security :: Membership Provider Changes After Successful Login?

Nov 8, 2010

I have a site in which I'm intending to use multiple membership providers. I'm using my own custom membership provider to provide access to several data stores depending on the section in which the user's information resides.

The actual login functions correctly using the built-in ASP.NET Login component in which I've manually specified the membership provider it should validate against. When I run a trace on it's actions, I can see that it attempts the 'validateuser' against the correct data store and continues to redirect the user to their applicable section.

The problem is that once they are logged in and the site (or I) call 'GetUser' to get the users information or permissions, the membership provider reverts to the site's default provider.

In my custom membership provider I'm only overriding the methods for GetUser and Validate user which is working perfectly fine for a singular membership provider, but not when using a different provider.

How can I ensure that the correct membership provider is retained with the user's membership details? Is there a method that I need to override/append in order to achieve what I'm looking for?

View 1 Replies


Similar Messages:

Security :: MemberShip Provider - Lock On The Page Login?

Jan 6, 2011

I have a problem with a login module in my website.

I use a membership provider custom on my website.

My login page is the default page. When I go in [URL](the root) I see my login page.

When I try to connect with my user and password, I'm not redirect to my url destination and reload the login page.

BUT if I go in the url : [URL] (my login page), I'm correctly redirect to my secure page.

Are you a idea of my problem ?

I use Visual Studio 2010 with framework 4.0, and IIS 7.5

my web.config :

[Code]....

View 5 Replies

Security :: Login Controls And Custom Membership Provider?

Oct 11, 2010

I am working on implementing a custom membership provider that works against an existing schema in my database and have a few thoughts/question.The login control will automatically call the ValidateUser method of the membership provider, so no matter how I implement the provider the only thing the login control cares about the bool value returned by this method. What I am confused about is there could be numerous reasons why a login attempt failed; user is locked out, too many tries in a period of time, etc. There is no way that I see to convey that to the control so it could display the proper message. Other properties of the membership provider such as PasswordStrengthRegularExpression have absolutely no effect on the login control as well (out of the box), I would have hoped that it would automatically somehow translate into regular expression validators, but that doesn't seem to be the case. So it seems that I need to initialize the login control properties with these settings out of the provider configuration if I want them to take on the control itself.

If the only thing that the Login control does out of the box (without manually handling events and doing the initialization as described above) is call the ValidateUser method on the membership provider, I see no way to convey back to the Login control why the validation failed or even doing things like throttling the validation requests based on a certain time window. Ultimately my question is why would I even use the membership provider then in conjunction with the login control? It seems like it was only designed for a Yes/No type response, which is very restrictive. If I want to build in logic with different messages back to the user I need to handle the login control events and call my own authentication classes that will handle all of my business requirements as well as return a custom error message back to the Login control to display to the user so they know why their attempt is invalid.

Unless I am wrong in my assumptions, it seems that the interface between the Login control as the membership API is too restrictive to be useful. Perhaps the API works better for other auth controls like ChangePassword better but for the actual Login control I don't see the point.

View 1 Replies

Security :: Manual Login Control Using Membership Provider Script

Feb 1, 2010

I am using manual Login using asp membership provider. which is working fine

Here is the code

[Code]....

1. Remember me check box

2. Exception handling incase account is locked or was the id and passwod incorrect how do i find that out.

View 4 Replies

Security :: Multiple Logins And Login Types In Default .NET Membership Provider?

Sep 8, 2010

What do you think about an ability of having multiple logins and login types to be attached to the same user? Let me explain this by showing how database schema can be re-factored to support this model:


Remove [Password], [PasswordSalt] columns from [Users] database tableAdd [Logins] table with one-to-many relationship between [Users] and [Logins] tables.This will allow one user to have multiple credentials attached to his or her account of different types such as Username&Password, Windows Live ID, Open ID from different providers

You will be able to restrict allowed login types and OpenID providers in web.config

So.. do you think it is a good idea to add support of this model into ASP.NET 4.5/5.0 membership service?

http://aspnet.codeplex.com/workitem/7149

View 1 Replies

Security :: Make Login.aspx Called By A Form At Page Load And Return To It After Successful Login

Apr 12, 2010

A Login.aspx has been created to enforce security on several forms of a web site.How can it be best called by each form at page load and return to that form after succesful login? How could that requirement be declared in web.config?

View 3 Replies

Security :: "Could Not Find The Specified Membership Provider" When Login?

Mar 12, 2010

i face this problem all of a sudden when i complete my registering page

after i enter username and password then press login button the page lead to this error

I cant recall what had i done that may affect this error

View 8 Replies

Security :: Forms Authentication With AD Membership Provider And SQL Role Provider?

Jul 27, 2010

I am trying to build an application that

1. user can login by their AD account and password.

2. AD account can be assigned to different group.

I know there is a training video - [URL] to teach how to use the tool to provision the membership schema to SQL server for Forms authentication. but how can I use AD authentication with this?

View 1 Replies

Security :: Implement custom Role Provider And Membership Provider?

Dec 1, 2010

i have implemented custom role provider and membership provider .

login page : SignIn.aspx

on successful login it redirects to (index-Homepage.aspx)

now PROBLEM is when it successfully logged in ,and redirects to 'index-Homepage.aspx' it gives Anornymoustemplate ..while its verifying the role correctly in index-Homepage.aspx.cs

View 1 Replies

Security :: Difference Between Role Provider And Membership Provider?

Dec 1, 2010

1 - whats the difference between Role Provider and Membership provider ??

2- If we implement Custom Role Provider or Custom Membership provider then what does this means ? and which Provider do we use when we apply custom role provider or custom membership provider

View 4 Replies

Security :: Big Extension Of Membership Provider - Should Use A New Custom Provider

Mar 27, 2010

i'm building an application and i need to manage roles, users and more things so i tought to use the membership provider but i have some questions about it: can i full extend it and can i override the functions to use a database table to store infos about config or i need to build my own provider?

View 4 Replies

Security :: Authenticate With LDAP Wont Login Get Message "Your Login Attempt Was Not Successful. Please Try Again."

Nov 11, 2010

im trying to authenticate with LDAP for the 1st time. I used this URL as my guide: http://msdn.microsoft.com/en-us/library/ff650308.aspx

Im using VS 2010, .NET 4.0

Here's my web.config:

[Code]....

I have a Login.aspx page with a Login control.

I have create 1 user in my Active Directory with a login name of "john.doe" inside the Container name "Users"

The problem is It won't login and returns this message:

"Your login attempt was not successful. Please try again."

View 3 Replies

Security :: Successful Login Redirects To Directory Listing?

Oct 5, 2010

I have set the destinationpageurl of my login control to login.aspx. On successfully logging in to my website, I get redirected to the directory listing. Why is this? What am I doing wrong?

Also, what do I need to do to not allow the user to see the directory listing ever.

View 2 Replies

Security :: Redirect To Main.aspx After Successful Login Attempt In Login.aspx Page

Apr 25, 2010

I'm trying to develop a simple web application where I need to redirect to main.aspx after successful login attempt in login.aspx page.However,it is redirecting the page to defualt.aspx... Is there a way to redirect my application to main.aspx??

View 3 Replies

MVC :: Custom Login With NHibernate - Use The Membership Provider

Aug 5, 2010

how do i create the login? I don't want to use the membership provider, I need some logic to login in the user? I can of course make all the validation of the user, the problem is to create the cookie or session

public ActionResult LogOn(string email, string password, bool? rememberMe)
{
//Create som cookie or session I can use for user login?
return null;
}

View 2 Replies

C# - Login Control And Custom Membership Provider?

Oct 11, 2010

I am working on implementing a custom membership provider that works against an existing schema in my database and have a few thoughts/questions.The login control will automatically call the ValidateUser method of the membership provider, so no matter how I implement the provider the only thing the login control cares about is the bool value returned by this method. What I am confused about is there could be numerous reasons why a login attempt failed; user is locked out, too many tries in a period of time, etc. There is no way that I see to convey that to the control so it could display the proper message. Other properties of the membership provider such as PasswordStrengthRegularExpression have absolutely no effect on the login control as well (out of the box), I would have hoped that it would automatically somehow translate into regular expression validators, but that doesn't seem to be the case. So it seems that I need to initialize the login control properties with these settings out of the provider configuration if I want them to take on the control itself.

If the only thing that the Login control does out of the box (without manually handling events and doing the initialization as described above) is call the ValidateUser method on the membership provider, I see no way to convey back to the Login control why the validation failed or even doing things like throttling the validation requests based on a certain time window. Ultimately my question is why would I even use the membership provider then in conjunction with the login control? It seems like it was only designed for a Yes/No type response, which is very restrictive. If I want to build in logic with different messages back to the user I need to handle the login control events and call my own authentication classes that will handle all of my business requirements as well as return a custom error message back to the Login control to display to the user so they know why their attempt is invalid.Unless I am wrong in my assumptions, it seems that the interface between the Login control as the membership API is too restrictive to be useful. Perhaps the API works better for other auth controls like ChangePassword better but for the actual Login control I don't see the point.

View 3 Replies

Security :: Login Form Rejecting Valid Login With Forms Based Security And Membership Service

Jan 21, 2010

I've set up a system with forms based authentication and using the asp:Login control. When I put in an invalid password I get the approriate invalid password message. However when I put in a valid password, it does nothing...just returns to the login page again. I'm triple checked the login info. There is no error message, and the invalid attempts counter doesn't increment. When I put a break point in the Login_LoggedIn event of the Login form, it hits it, but User.Identity.IsAuthenticated is false. I'm not 100% sure it should be true at this point, as I'm pretty new to .NET but it seems kind of odd.

My user database is stored in a sqlserver 2005 db that already existed. I've added a new connection for it.In the authorization I have

<authorization>deny
users="?"/><authorization>

View 2 Replies

Controls :: Membership Provider Login Error In Visual Studio 2013

May 7, 2015

I have create a new website with vs 2013, i have sql server 2008 data base on my server. I am using defautl memberships table of sql server for login and and roles. it works fine with vs 2010 but when i use the same web.config setting in vs 2013 and try to login it gives me following error.

Invalid column name 'Email'.
Invalid column name 'EmailConfirmed'.
Invalid column name 'PhoneNumber'.
Invalid column name 'PhoneNumberConfirmed'.

[Code] ....

View 1 Replies

Security :: SQL Membership Provider Using .NET 3.5 C#?

Dec 13, 2010

I am using SQL Membership Provider to create user accounts for my web site and for some reason, the CreateDate and LastLoginDate fields are NOT saving the current time of my machine when I add a new user to the website. It is showing the previous day's date and the time is displayed as PM when it's AM and vise-versa in the CreateDate and LastLoginDate fields in aspnet_Membership table. I am developing and running the website via localhost on my laptop using IIS 7 (Windows 7). Does this have anything to do with my laptop's clock settings or is there something I need to configure in the web.config file or in IIS.

View 4 Replies

Security :: Lastlogindate - .NET 2 Membership Provider?

Feb 18, 2010

to allow admin to log into a members account in the ASP.NET 2 Membership provider and not change the lastlogindate field?

View 3 Replies

Security :: How To Customize Membership Provider In .net 3.5

Sep 1, 2010

I have more problem in costomize membership provider, i did download the code in c# from videos tutorial, that code have Membership provider class. but i am unable to use that class. how i will use it.

View 7 Replies

Security :: Extending .NET Membership Provider

Feb 23, 2011

am having an argument at work on the asp.net membership provider.One of my colleagues says we should modify the tables and add our own custom columns, and i prefer we create additional tables and add relationships.

View 1 Replies

Security :: Configuring Membership Provider To Use SSL?

Jan 4, 2010

Im learning how to use the SqlMembershipProvider. I want to use my google mail account to send the automatic mail message like for example to recover passwords.

I have this in my web-config

<system.net>

View 6 Replies

Security :: Default Membership Provider Must Be Specified

Mar 16, 2010

Server Error in '/' Application. Default Membership Provider must be specified. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.Configuration.Provider.ProviderException: Default Membership Provider must be specified. Source Error:

[Code]....

Stack Trace:

[Code]....

View 1 Replies

Security :: Integrating YAF To .net Membership Provider?

Jul 3, 2010

I have a website with asp.net membership, and its fully working.. today .. I installed YAF -yet another asp.net forum- version 1.9.4 to a subdirectory in my website.

the problem is .. both of them are working independently, and i need to integrate them to work with one login system.

View 1 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved