Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Security / July 2007

Tip: Looking for answers? Try searching our database.

SqlMembershipProvider not working on production server

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
chambersdon@hotmail.com - 09 Jul 2007 21:14 GMT
I have an application that uses the SqlMembershipProvider and
SqlRoleProvider for security.  I have setup my SQL Server database
using aspnet_regsql.exe and configured my application to hit the
correct database.  Everything works as expected when running on my
development machine, and on our test server.  But when running on our
production server it will not work.

On the production server, I get this behavior:
If I enter an incorrect password, I get the expected error message.
If I enter the correct password I get nothing - the login page just
reloads.  I get no error message and I am not redirected to the target
page.

All three of these servers hit the same SQL Server database for
security and for the application.  All machines are running IIS.

How can I get more information about what is happening?

Thanks,
  Don
Reply to this Message
Dominick Baier - 09 Jul 2007 21:23 GMT
I have seen similar behavior when the required validation scripts are not
in the right place on the server...

do you have a /aspnet_client/system_web/2_0_50727 vdir on your production
server?

-----
Dominick Baier (http://www.leastprivilege.com)

Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)

> I have an application that uses the SqlMembershipProvider and
> SqlRoleProvider for security.  I have setup my SQL Server database
[quoted text clipped - 15 lines]
> Thanks,
> Do
Reply to this Message
chambersdon@hotmail.com - 10 Jul 2007 15:34 GMT
On Jul 9, 4:23 pm, Dominick Baier
<dbaier@pleasepleasenospam_leastprivilege.com> wrote:
> I have seen similar behavior when the required validation scripts are not
> in the right place on the server...

Yes, that directory in on the production server.

We found that if we add 'cookieless="UseUri"' to the authentication
tag everything works.

It appears that cookies are not being generated from the produciton
server.  This is not a browser setting because it works in dev and
test.

Why would the server to generate the cookies?  Is there a setting on
the server?

> do you have a /aspnet_client/system_web/2_0_50727 vdir on your production
> server?
[quoted text clipped - 25 lines]
>
> - Show quoted text -
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.