'Username cannot be found' after modifying provider element - asp.net-membership

I am having trouble hitting the ASPNETDB.MDF database. It actually works fine until I add some code to the web config. This is the code I added that prevents me from connecting...
<membership defaultProvider="CustomizedProvider">
<providers>
<add name="CustomizedProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="LocalSqlServer"
applicationName="MyApp"
minRequiredPasswordLength="5"
minRequiredNonalphanumericCharacters="0"
/>
</providers>
</membership>
I added it because I wanted to take advantage of the password constraints it affords. That said, the name of the connection string hasn't changed and no code change. But when I try to log in its telling me that the username cannot be found. I should ntoe that I am using the same un and pw which, by the way, meet these new constraints.
This is an ASP.NET 4.0 application

There doesn't seem to be anything wrong with the syntax, if the connection string name is correct then are you sure the application name is correct? This should be the application name in the database (defaults to '/') not the name of your application in visual studio.

Related

How to allow a DELETE method with IIS Express and Web API?

I am trying to send a delete request to my Web API service via Fiddler and am getting back a 405 "Method not allowed" error.
I have read extensively about removing the "WebDAV" module in web.config and similar suggestions (WebDAV is not enabled in my applicationhost.config anyway), but nothing I have tried has worked.
My service is currently running on IIS Express 10 (launching from Visual Studio). I do have this in my web.config file:
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler"
preCondition="integratedMode,runtimeVersionv4.0"/>
I would have thought the verb="*" piece would have allowed DELETE, but it does not seem to work.
One other note - when I inspect the response in Fiddler, under the Security heading it says: Allow: GET, POST.
I am not sure where that "Allow" parameter is being set (I am new to Web API).
Any help would be greatly appreciated. Please let me know what other information you need from me and I will add it.
Thank you!
Just reproduced this by creating a new webapi project [targeting .net framework 4.7.1]
Through Fiddler, I can hit the DELETE endpoint without any changes to web.config.
Please make sure to use correct endpoint including the id parameter.
e.g http:localhost:xxxx/api/values/id // please include the id and xxxx is port number.
If http:localhost:xxxx/api/values is used without id , I get the same result 405 Method Not Allowed
Hope this helps.
You can modify the IIS Express applicationHost.config in the %userprofile%\documents\IISExpress\config folder.  To enable PUT and DELETE for extensionless Urls scroll down to the bottom of the IIS Express applicationHost.config file and look for a handler entry that starts with: <add name="ExtensionlessUrl-Integrated-4.0".... In the "verb" attribute add PUT and DELETE so the "verb" attribute looks like:  verb="GET,HEAD,POST,DEBUG,PUT,DELETE"
Update your web config like this
<system.webServer>
<validation validateIntegratedModeConfiguration="false"/>
<modules runAllManagedModulesForAllRequests="true">
<remove name="WebDAVModule"/> <!-- ADD THIS -->
</modules>

Strange Configuration Error in web.config

I am getting the following error in my WebApi application:
An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately. Parser Error Message: Unrecognized attribute 'MaxCachedResults'. Note that attribute names are case-sensitive.
This is my roleManager entry in web.config and as you can see I am not specifying the MaxCachedResults attribute, although I did add this initially, I removed it so it's no longer being used and I'm not sure where it's picking this up from.
<roleManager enabled="true" defaultProvider="MyRoleProvider" cacheRolesInCookie="false">
<providers>
<clear />
<add name="MyRoleProvider" type="SiteWorksAPI.RoleProviders.MyRoleProvider, SiteWorksAPI" connectionStringName="SiteWorks" applicationName="/" />
</providers>
</roleManager>
The error happens when I call var resp = await _httpClient.GetAsync(resourceUri) and inspecting resp.Content.ReadAsStringAsync().Result displays a 'Configuration Error' HTML page with the above error message.
I have tried all of the following with any success:
Rebooted my PC
Recycled the application pools
Restarted IIS
Cleared down the Tempoary ASP.NET directory
Does anyone know what's going on here?
It seems that Castle Windsor was caching an older copy of the web.config file. After changing the caching options on the WebRequestHandler I was able to get the HttpClient to pick up the new web.config file.

Keyword not supported: 'metadata'

I am trying to publish my mvc 3 project but i can`t connect to the sql server(using EF), because of the wrong connection string. Here it is:
<add name="PackStoreEntities" connectionString="metadata=res://*/Models.PackStore.csdl|res://*/Models.PackStore.ssdl|res://*/Models.PackStore.msl;provider=System.Data.SqlClient;provider connection string="workstation id=PackStore.mssql.somee.com;packet size=4096;user id=*****;pwd=****;data source=PackStore.mssql.somee.com;persist security info=False;initial catalog=PackStore"" providerName="System.Data.EntityClient" />
I took this part form the my hoster:
workstation id=PackStore.mssql.somee.com;packet size=4096;user id=*****;pwd=****;data source=PackStore.mssql.somee.com;persist security info=False;initial catalog=PackStore
Mvc project works well on the local server, but when publishing i get "Keyword not supported: 'metadata' " . Where is my mistake? Thnaks for the answers.
try this one...
<add name="PackStoreEntities" connectionString="metadata=res://*;provider=System.Data.SqlClient;provider connection string='Data Source=PackStore.mssql.somee.com;Initial Catalog=PackStore;User ID=***;Password=****;'" providerName="System.Data.EntityClient" />
Edit..
<add name="PackStoreEntities" connectionString="metadata=res://*;provider=System.Data.SqlClient;provider connection string='workstation id=PackStore.mssql.somee.com;packet size=4096;user id=*****;pwd=****;data source=PackStore.mssql.somee.com;persist security info=False;initial catalog=PackStore;'" providerName="System.Data.EntityClient" />
I got this error while converting from Linq To Sql to Entity framework as well, even after fixing my connection strings. It turned out some asp:SqlDataSource controls needed to be switched to asp:EntityDataSource.
Before:
<asp:SqlDataSource ID="SqlDataSourceProducts" runat="server" SelectCommand="SELECT Id, Description FROM [Product]"
ConnectionString="<%$ ConnectionStrings:crmConnectionString %>" CacheDuration="5" CacheExpirationPolicy="Absolute">
</asp:SqlDataSource>
After:
<asp:EntityDataSource ID="SqlDataSourceProducts" runat="server" Select="Id, Description"
EntitySetName="Products" ConnectionString="<%$ ConnectionStrings:crmConnectionString %>" DefaultContainerName="CRM" >
</asp:EntityDataSource>
In your web.config you need to have two separate connections: One is for the Entity Frame work and one is for ADO.net
Should look like this:
<connectionStrings>
<add name="LoginDB" connectionString="Data Source=****;Initial Catalog=int422_113b16;User ID=****;Password=****" />
<add name="BlogEntities" connectionString="metadata=res://*/App_Code.BlogModel.csdl|res://*/App_Code.BlogModel.ssdl|res://*/App_Code.BlogModel.msl;provider=System.Data.SqlClient;provider connection string="data source****;initial catalog=int422_113b16;user id=****;password=****;multipleactiveresultsets=True;App=EntityFramework"" providerName="System.Data.EntityClient" />
</connectionStrings>
Remove he meta data from your connection string. That is only for the local debugging. For the online application can does not require that.
Kindly try the connection string given by naim
Had a similar problem, seems like the connection string from the somee server has to be between two "
That's all I changed and it works...
I'm not sure why people think that you need two connections in your web.config, that's not true. First thing I like to check is to see if my connection works in Visual Studio. Try going to your server explorer and connect to your database there. If you are able to connect with no problem and you are able to see your tables then you know its not a connection problem. Second thing make sure that your Model name matches the name in your web.config. This minimizes the amount of confusion in your project and finally make sure that your model name space points to your projects namespace, this way you can just call on your model by its name and not have to import or fully qualify it.
You should be able to create a strong view using any of the tables in your model. That's what I did for mine, I didn't modify the connection string like many suggest, or removed the metadata.
Check this troubleshooting guide it might shine some light, and help you understand how the entity connection works.
I had the same exception, but was able to fix it by keeping the ConnectionString the same but using an EntityConnection instead of a SqlConnection.

Html.Telerik().StyleSheetRegistrar() output file generating 404 message on asset.axd

I'm using the Telerik controls form MVC and they work great in my work/home dev environments, and in the work prod environment, but when I tried to deploy to my home prod environment (IIS7) I get a problem.
I've added the axd mime type, but wan't sure what else to do.
I read a post suggesting adding a handler, but wasn't sure if I'm setting that wrong or I'm just looking in the wrong direciton.
if you're on IIS7 make sure you add the handler to the <system.webServer><handlers> section:
<add name="MyName" path="MyName.axd" verb="*" type="NameSpace.Class, Assembly" />
I added: <add name="ScriptRegistrar" path="Access.axd" verb="*" type="Telerik.Web.Mvc.UI.ScriptRegistrar, Version=v2.0.50727" />
http://localhost:1000/asset.axd?id=sQAAAB-LCAAAAAAABADsvQdgHEmWJSYvbcp7f0r1StfgdKEIgGATJNiQQBDswYjN5pLsHWlHIymrKoHKZVZlXWYWQMztnbz33nvvvffee--997o7nU4n99__P1xmZAFs9s5K2smeIYCqyB8_fnwfPyJ-8UfT9qNHH7X5u_butGk-Gn10SX_u7ezujHfH93Ye0gfTjx619TqnX2YfPbr36f3RR_Tze7_4oxU1PKmWbb5s775ur8scb5_zV9VHj3ZGHy2pwbRaLKrlGKB_yYi_2JUv2rzM6-LtuN9gL2xwWTRtJt9__5d8_5f8PwEAAP__qtxwmrEAAAA%3d
To enable web resource combining with the Telerik Extensions you need to register the WebAssetHttpHandler in your webconfig:
IIS 7
<add name="AssetHandler" preCondition="integratedMode" verb="GET,HEAD" path="asset.axd" type="Telerik.Web.Mvc.WebAssetHttpHandler, Telerik.Web.Mvc"/>
IIS 6
<add verb="GET,HEAD" path="asset.axd" validate="false" type="Telerik.Web.Mvc.WebAssetHttpHandler, Telerik.Web.Mvc"/>
This handler enables you to use the Combine, Compress, and Cache features of the Script and StyleSheet Registrars. You can learn more and see additional config details in the Telerik online docs:
http://www.telerik.com/help/aspnet-mvc/web-assets-working-with-javascript-web-assets.html

Asp.net Membership - Accounts getting locked out

We're using the standard ASP.net membership features that come with asp.net.
Certain accounts in our membership database have a "Locked Out" flag set to true - when/how does this happen?
After a configurable number of failed logins (maxInvalidPasswordAttempts, default = 5) within a configurable length of time (passwordAttemptWindow, default = 10 minutes), the account will be locked out.
see here for membership related configuration properties
These 4 guys did a great job of explaining in depth the asp.net membership controls
<system.web>
... authentication & authorization settings ...
<membership defaultProvider="CustomizedProvider">
<providers>
<add name="CustomizedProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="MyDB"
applicationName="MyProject"
minRequiredPasswordLength="5"
minRequiredNonalphanumericCharacters="0" />
</providers>
</membership>
basically add your provider and then set the setting the way you'd like them
When someone try to login 5 times (or whatever "maxInvalidPasswordAttempts" is set to) with the wrong password the account gets locked out ...
to avoid this in the future change the attribute maxInvalidPasswordAttempts in the web.config
example :
<membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="15">
<providers>
<clear />
<add
name="SqlProvider"
....
maxInvalidPasswordAttempts="the new value here "
/>
</providers>
Account locking is a feature of SqlMembershipProvider that provides a safeguard against password guessing.
Looking at this page you can see that the aspnet_Membership table has IsLockedOut, LastLockoutDate, FailedPasswordAttemptCount, FailedPasswordAnswer-AttemptCount. By reviewing this table and those columns you should be able to determin who is having a failed login, when they failed on their login, and how many times they failed.
The actual count for the number of login tries can be sest in the section of the web.config. You can read more about account locking here.

Resources