Re: web.config credentials section - original reply

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

Hi Gerry,

Since there doesn't appear to be a WebConfigMembershipProvider, and the
default membership provider ( or any membership provider for that matter )
is not smart enough to recognize that the credentials section is present
and
use it, I have to ask - why is the credentials section in the web.config at
all ?

If we have to special case everything dealing with users & authentication
to
use it - doesn't that defeat the whole point in the provider framework ?
ie. this no longer works :
protected void Login1_LoggedIn( object sender , EventArgs e )
{
MembershipUser User2 = Membership.GetUser(); // User2 is
always null
}


I think I will take a few minutes and create a WebConfigMembershipProvider
just for kicks.

Thanks for your reply. Actually the credential stored in web.config is
dedicated for the FormsAuthentication.Authenticate method to validate user
in a simple username&password scenario. It's used in forms authentication
and has nothing to do with ASP.NET membership. No roles and other advanced
functions supported for this. With this keep in mind we can understand why
membership APIs don't check the credentials stored in web.config.

You are free to write a custom membership provider that can validate user
against the credentials stored in web.config. But it doesn't make much
sense and involves a lot of code. To let the Login control check these
credentials, the way shown in my previous post is probably a better choice.
Or you can write a custom Login control that can do this. It's much easier
than writing a membership provider.

Regards,
Allen Chen
Microsoft Online Support

.

Relevant Pages

  • Re: web.config credentials section - original reply
    ... Subject: web.config credentials section ... default membership provider ... Microsoft Online Support ... where an initial response from the community or a Microsoft Support ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Keeping track of users LogIn
    ... If user A logged in I can update a flag in a table called MemberInfo and when he/she Logged out I can reset that flag and also have a counter of the numbers of logins.... ... If the browser is crashed then there is no way for me to update the flag. ... On an intranet you could use the user's windows credentials. ... take a look at the membership provider. ...
    (microsoft.public.dotnet.framework.aspnet)
  • How to use membership provider with login control
    ... I have created a custom Membership Provider, ... I have also set deny users ="?" ... The ValidateUser return true, but it can't redierct to home.aspx. ... How can I use Membership Provider without login control? ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: MembershipProvider limit no effect.
    ... Unless you are creating a Custom Membership Provider from scratch ... *all* the features in the the Membership Provider class ... asp.net faq: http://asp.net.do/faq/ ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: SQLException after submitting form in ASP.Net 2.0
    ... You have to execute InstallCommon.sql too ... I developed a form using Login Control in ASP.Net 2.0. ... used Membership provider. ...
    (microsoft.public.dotnet.framework.aspnet)