Welcome!

By registering with us, you'll be able to discuss, share and private message with other members of our community.

SignUp Now!

VS 2010 Why can't I login to the web even though the User and password are correct ?

dong

New member
Joined
Mar 31, 2008
Messages
428
I am writing a small example of Login webSite, there are two types of accounts and passwords, one is an account and password is stored in the Web.config file and the other two accounts and passwords are saved in SQL Server database, My problem is that in form 1, when logging in it opens Logon_Redirect.aspx file but cannot access, the following is my code
I am debugging and running to the code where this opens the Logon_Redirect.aspx file but nothing, but when I log in with another account and password (the user password of SQL Server) log in well.

Code:
In file Web.config
<appSettings>
...
<add key="SmtpServer" value="localhost"/>
<add key="EmailWebmaster" value="admin"/>
<add key="Password" value="123"/>
...
</appSettings>
 
 
 In file Logon_Redirect.aspx
... 
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
</div>
</form>
</body>
</html>
 
 
In file Logon_Redirect.aspx.cs
... 
public partial class Logon_Redirect : System.Web.UI.Page
{
     protected void Page_Load(object sender, EventArgs e)
    {
          // kiem tra va Redirect toi trang can thiet
          if (Page.User.IsInRole(Globals.Settings.AppRoles.KhachHang))
          Response.Redirect(Globals.ApplicationPath);
          else if (Page.User.IsInRole(Globals.Settings.AppRoles.Admin))
          Response.Redirect(Globals.ApplicationPath + "WebMaster/Contacts/Contact.aspx");
     }
}
 
 
In file Logon.aspx.cs  
protected void btLogon_Click(object sender, EventArgs e)
{
     //I can't Login User/Pass in file Web.config, check User: admin and Pass: 123
     if (Membership.ValidateUser(txtEmail.Text, txtPassword.Text))
     {            
            if (Request.QueryString["ReturnUrl"] != null)
     {
      FormsAuthentication.RedirectFromLoginPage(txtEmail.Text, false);
     }
     else
    {
          FormsAuthentication.SetAuthCookie(txtEmail.Text, false);
          Session["username"] = txtEmail.Text.Trim();
          Response.Redirect(Globals.ApplicationPath + "Logon_Redirect.aspx");
          //I am debugging and running to the code here and opens the Logon_Redirect.aspx file but nothing 
    }
    }
   else  //Login SQL Server very good
   {
          // check User/pass other on SQL Server
          if (webapp4U.BOL.User.CheckUserName(txtEmail.Text) && txtPassword.Text ==             ConfigurationManager.AppSettings["Password"].ToString())
          {
                 FormsAuthentication.SetAuthCookie(txtEmail.Text, false);
                 Session["username"] = txtEmail.Text.Trim();
                 Response.Redirect(Globals.ApplicationPath + "Logon_Redirect.aspx");
         }
        else
                lblMsg.Text = ResourceManager.GetString("Logon_False");
     }
}
 

sapator

King of sapila
Joined
Oct 5, 2006
Messages
5,625
So, just to clear this up:
You are using validate user, passing the credentials from the web.config.
So you are using validate user, that hosts the credentials in the asp.net membership database and you try to do what?
If the asp.net membership database has the credentials that you are trying to pass from web.config then it will succeed, else it won't.
Are the user and pass of the web.config stored in the membership database?
 

techgnome

PowerPoster
Joined
May 15, 2002
Messages
32,778
Hmmm.... It sounds like he is using the User/Pwd that is entered as part of the Connection Credentials... and since they do not have access... it fails... But when he enters the credentials of theSQL Server user... it works:
when I log in with another account and password (the user password of SQL Server) log in well.

That's not how it is suppose to work. You didn't show us the code for Membership.ValidateUser(txtEmail.Text, txtPassword.Text) .... but is should be using the credential from web.config to connect to the SQL Server, then check the membership database to see if the supplied User and Password are correct... But sounds like it's using the User and Password to make the connection, which will and should fail.

-tg
 

sapator

King of sapila
Joined
Oct 5, 2006
Messages
5,625
From what I can figure it,but I may be wrong, he has it's own SQL server and over there it authenticates.
The web.config attempt seems to be what you say.
Also, it think (I was counting the bracelets but I may counted wrong, and too bored to open VS) the membership failure does not put any text in lblMsg.Text .
 

dong

New member
Joined
Mar 31, 2008
Messages
428
I have debugged that I have checked the correct user/password so the program opened the "Logon_Redirect.aspx" page. It does not load the content of the page, you see the attached image file: http://www.mediafire.com/file/wydeh0jm629lchm/website2010_09.jpg

otherwise if I enter the user/pass of the sql server the program loads normally

I do not have a duplicate user/pass of the web.config file with sql server database.

tables save user/pass in sql server database following microsoft model
- Aspnet_Membership (save pass)
- Aspnet_Profile (?)
- Aspnet_User (save User)
- Aspnet_UserInRoles (?)
- Aspnet_JobLocation
- Job_User (User)
 
Top