Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > Membership permissions after publishing an ASP.NET Membership site.

Reply
Thread Tools

Membership permissions after publishing an ASP.NET Membership site.

 
 
Tino Donderwinkel
Guest
Posts: n/a
 
      06-16-2008
Hi all,

I have create a simple ASP.NET site that uses the ASP.NET Membership
components. It uses a SQL Server as a provider.
The application works fine when it's running on my own machine.

After I publish the site to a remote webserver and recreate the database
over on the remote site, the permissions on the folders are gone.

I can succesfully log on, log off, and do all the 'normal' membership stuff,
but the folders I had protected through the Web Site Administration Tool are
now accessible to unauthenticated users.

The application appears to be set up just fine on the remote machine,
because I can logon etc. It's just that the folders that should be
accessible only to authenticated users in a particular role, are now
accessible to any user.

The RELEVANT portion of my web.config;

<configSections>
<section name="authenticationService"
type="System.Web.Configuration.ScriptingAuthentica tionServiceSection,
System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
PublicKeyToken=31BF3856AD364E35" requirePermission="false"
allowDefinition="MachineToApplication"/>
<section name="roleService"
type="System.Web.Configuration.ScriptingRoleServic eSection,
System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
PublicKeyToken=31BF3856AD364E35" requirePermission="false"
allowDefinition="MachineToApplication"/>
</configSections>
<appSettings/>
<connectionStrings>
<add name="MySqlConnection" connectionString="Data Source=(local);Initial
Catalog=Drops;Integrated Security=True;"
providerName="System.Data.SqlClient"/>
</connectionStrings>
<system.web>
<roleManager enabled="true" cacheRolesInCookie="true"
defaultProvider="SqlProvider">
<providers>
<clear/>
<add name="SqlProvider" type="System.Web.Security.SqlRoleProvider"
connectionStringName="MySqlConnection" applicationName="Domain Catcher"/>
</providers>
</roleManager>
<authentication mode="Forms">
<forms name=".ASPXFORMSAUTH" loginUrl="Login.aspx" />
</authentication>
<membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="15">
<providers>
<clear/>
<add name="SqlProvider" type="System.Web.Security.SqlMembershipProvider"
connectionStringName="MySqlConnection" applicationName="Domain Catcher"
enablePasswordRetrieval="false" enablePasswordReset="true"
requiresQuestionAndAnswer="true" requiresUniqueEmail="true"
passwordFormat="Hashed"/>
</providers>
</membership>


Any ideas?

Thanks,

Tino

 
Reply With Quote
 
 
 
 
clintonG
Guest
Posts: n/a
 
      06-17-2008
http://www.asp.net/Learn/videos/video-303.aspx


"Tino Donderwinkel" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi all,
>
> I have create a simple ASP.NET site that uses the ASP.NET Membership
> components. It uses a SQL Server as a provider.
> The application works fine when it's running on my own machine.
>
> After I publish the site to a remote webserver and recreate the database
> over on the remote site, the permissions on the folders are gone.
>
> I can succesfully log on, log off, and do all the 'normal' membership
> stuff, but the folders I had protected through the Web Site Administration
> Tool are now accessible to unauthenticated users.
>
> The application appears to be set up just fine on the remote machine,
> because I can logon etc. It's just that the folders that should be
> accessible only to authenticated users in a particular role, are now
> accessible to any user.
>
> The RELEVANT portion of my web.config;
>
> <configSections>
> <section name="authenticationService"
> type="System.Web.Configuration.ScriptingAuthentica tionServiceSection,
> System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
> PublicKeyToken=31BF3856AD364E35" requirePermission="false"
> allowDefinition="MachineToApplication"/>
> <section name="roleService"
> type="System.Web.Configuration.ScriptingRoleServic eSection,
> System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
> PublicKeyToken=31BF3856AD364E35" requirePermission="false"
> allowDefinition="MachineToApplication"/>
> </configSections>
> <appSettings/>
> <connectionStrings>
> <add name="MySqlConnection" connectionString="Data Source=(local);Initial
> Catalog=Drops;Integrated Security=True;"
> providerName="System.Data.SqlClient"/>
> </connectionStrings>
> <system.web>
> <roleManager enabled="true" cacheRolesInCookie="true"
> defaultProvider="SqlProvider">
> <providers>
> <clear/>
> <add name="SqlProvider" type="System.Web.Security.SqlRoleProvider"
> connectionStringName="MySqlConnection" applicationName="Domain Catcher"/>
> </providers>
> </roleManager>
> <authentication mode="Forms">
> <forms name=".ASPXFORMSAUTH" loginUrl="Login.aspx" />
> </authentication>
> <membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="15">
> <providers>
> <clear/>
> <add name="SqlProvider"
> type="System.Web.Security.SqlMembershipProvider"
> connectionStringName="MySqlConnection" applicationName="Domain Catcher"
> enablePasswordRetrieval="false" enablePasswordReset="true"
> requiresQuestionAndAnswer="true" requiresUniqueEmail="true"
> passwordFormat="Hashed"/>
> </providers>
> </membership>
>
>
> Any ideas?
>
> Thanks,
>
> Tino


 
Reply With Quote
 
 
 
 
Tino Donderwinkel
Guest
Posts: n/a
 
      06-18-2008
I found the problem recently. It really is some sort of bug;

http://www.tino.nl/index.php/2008/06...ip-components/

Tino


"clintonG" <(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...
> http://www.asp.net/Learn/videos/video-303.aspx
>
>
> "Tino Donderwinkel" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> Hi all,
>>
>> I have create a simple ASP.NET site that uses the ASP.NET Membership
>> components. It uses a SQL Server as a provider.
>> The application works fine when it's running on my own machine.
>>
>> After I publish the site to a remote webserver and recreate the database
>> over on the remote site, the permissions on the folders are gone.
>>
>> I can succesfully log on, log off, and do all the 'normal' membership
>> stuff, but the folders I had protected through the Web Site
>> Administration Tool are now accessible to unauthenticated users.
>>
>> The application appears to be set up just fine on the remote machine,
>> because I can logon etc. It's just that the folders that should be
>> accessible only to authenticated users in a particular role, are now
>> accessible to any user.
>>
>> The RELEVANT portion of my web.config;
>>
>> <configSections>
>> <section name="authenticationService"
>> type="System.Web.Configuration.ScriptingAuthentica tionServiceSection,
>> System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
>> PublicKeyToken=31BF3856AD364E35" requirePermission="false"
>> allowDefinition="MachineToApplication"/>
>> <section name="roleService"
>> type="System.Web.Configuration.ScriptingRoleServic eSection,
>> System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
>> PublicKeyToken=31BF3856AD364E35" requirePermission="false"
>> allowDefinition="MachineToApplication"/>
>> </configSections>
>> <appSettings/>
>> <connectionStrings>
>> <add name="MySqlConnection" connectionString="Data
>> Source=(local);Initial Catalog=Drops;Integrated Security=True;"
>> providerName="System.Data.SqlClient"/>
>> </connectionStrings>
>> <system.web>
>> <roleManager enabled="true" cacheRolesInCookie="true"
>> defaultProvider="SqlProvider">
>> <providers>
>> <clear/>
>> <add name="SqlProvider" type="System.Web.Security.SqlRoleProvider"
>> connectionStringName="MySqlConnection" applicationName="Domain Catcher"/>
>> </providers>
>> </roleManager>
>> <authentication mode="Forms">
>> <forms name=".ASPXFORMSAUTH" loginUrl="Login.aspx" />
>> </authentication>
>> <membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="15">
>> <providers>
>> <clear/>
>> <add name="SqlProvider"
>> type="System.Web.Security.SqlMembershipProvider"
>> connectionStringName="MySqlConnection" applicationName="Domain Catcher"
>> enablePasswordRetrieval="false" enablePasswordReset="true"
>> requiresQuestionAndAnswer="true" requiresUniqueEmail="true"
>> passwordFormat="Hashed"/>
>> </providers>
>> </membership>
>>
>>
>> Any ideas?
>>
>> Thanks,
>>
>> Tino

>


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
In-depth documenation on User Permissions, Group Permissions, ACLs, DCLs etc. Curt K ASP .Net 0 11-03-2006 04:54 PM
System.Diagnostics Tracing does not work after publishing web service cesporma@Hotmail.com ASP .Net 0 03-29-2006 05:40 PM
Unknown error after publishing a website Piz ASP .Net 4 02-16-2006 12:00 AM
ASPX file returning obscur runtime error - after changing permissions to a subweb (.net app) to different permissions than on its parent ? Isabelle ASP .Net 0 08-11-2004 02:04 PM
Re: Permissions - giving "everyone" full permissions is bad ? Scott Allen ASP .Net 0 07-13-2004 08:54 PM



Advertisments