Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   ASP .Net Security (http://www.velocityreviews.com/forums/f62-asp-net-security.html)
-   -   Login Control / Forms Authentication with ActiveDirectoryMembersh (http://www.velocityreviews.com/forums/t769085-login-control-forms-authentication-with-activedirectorymembersh.html)

etierra 11-04-2006 04:58 AM

Login Control / Forms Authentication with ActiveDirectoryMembersh
 
Hi,

I'm currently developing an intranet ASP.net 2.0 application. I’m using the
login control that came with V.S. 2005. In my web.config , I use
ActiveDirectoryMembershipProvider so that my users can login using their
normal office network login accounts, which existss in our Active Directory
server .

Everything works fine, at first. Existing users can login using their
username and password, and if an incorrect username was entered, the login
conrol displays a message saying "Your login attempt was not successful.
Please try again" which is expected.

But the problem is, if the user logins with correct username but incorrect
password, the application is throwing an exception (please see the server
error message that I'm getting below).

I can't find the solution to fix this problem, or at least be able to catch
the exception so that at least I can display a friendly message and exit
gracefully or be able to redirect back to the login page.

I have tried everything, spent days and nights (mostly nights) finding the
solution but can't seem to make this work. Any ideas or thoughts would be
much appreciated

Thanks in advance.
Edwin Tierra


This is the partial content of my web.config:

<connectionStrings>
<add name="ADConnectionString"
connectionString=LDAP://ads-server.mydomain.net/DC=mydomain,DC=net />
<add name="MyASPNETDBConnectionString" connectionString="Data
Source=myDBServer;Initial Catalog=ASPNETDB;Integrated Security=True"
providerName="System.Data.SqlClient"/>
</connectionStrings>
<authorization>
<allow roles="sysadmin" />
<allow roles="projadmin" />
<allow roles="managers" />
<deny users="?" />
</authorization>
<authentication mode="Forms">
<forms name=".ADAuthCookie" defaultUrl="default.aspx" timeout="30"
domain="" />
</authentication>
<roleManager enabled="true" defaultProvider="CustomizedRoleProvider"
cookieTimeout="30" cookieSlidingExpiration="true">
<providers>
<add connectionStringName="MyASPNETDBConnectionString"
name="CustomizedRoleProvider"
type="System.Web.Security.SqlRoleProvider"
applicationName="/PMS.Net"/>
</providers>
</roleManager>
<membership defaultProvider="MyADMembershipProvider">
<providers>
<add connectionStringName="ADConnectionString"
applicationName="/PMS.Net"
connectionUsername="mydomain\administrator"
connectionPassword="password"
attributeMapUsername="sAMAccountName"
enableSearchMethods="true"
name="MyADMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershi pProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</membership>


This is the error message that I get when the application crashes:

Server Error in '/' Application.

A local error occurred.
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information about
the error and where it originated in the code.

Exception Details: System.DirectoryServices.Protocols.LdapException: A local
error occurred.

Source Error:

An unhandled exception was generated during the execution of the current web
request. Information regarding the origin and location of the exception can
be identified using the exception stack trace below.

Stack Trace:

[LdapException: A local error occurred.]
System.DirectoryServices.Protocols.LdapConnection. BindHelper(NetworkCredential
newCredential, Boolean needSetCredential) +990
System.DirectoryServices.Protocols.LdapConnection. Bind(NetworkCredential
newCredential) +6
System.Web.Security.ActiveDirectoryMembershipProvi der.ValidateCredentials(String
username, String password) +221
System.Web.Security.ActiveDirectoryMembershipProvi der.ValidateUserCore(String
username, String password) +1180
System.Web.Security.ActiveDirectoryMembershipProvi der.ValidateUser(String
username, String password) +15
System.Web.UI.WebControls.Login.OnAuthenticate(Aut henticateEventArgs e) +160
System.Web.UI.WebControls.Login.AttemptLogin() +105
System.Web.UI.WebControls.Login.OnBubbleEvent(Obje ct source, EventArgs e) +99
System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) +35
System.Web.UI.WebControls.Button.OnCommand(Command EventArgs e) +115
System.Web.UI.WebControls.Button.RaisePostBackEven t(String eventArgument)
+163
System.Web.UI.WebControls.Button.System.Web.UI.IPo stBackEventHandler.RaisePostBackEvent(String
eventArgument) +7
System.Web.UI.Page.RaisePostBackEvent(IPostBackEve ntHandler sourceControl,
String eventArgument) +11
System.Web.UI.Page.RaisePostBackEvent(NameValueCol lection postData) +33
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint,
Boolean includeStagesAfterAsyncPoint) +5102


Version Information: Microsoft .NET Framework Version:2.0.50727.42; ASP.NET
Version:2.0.50727.42



All times are GMT. The time now is 01:26 PM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.