Re: web.config credentials section - original reply

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: allenc@xxxxxxxxxxxxxxxxxxxx (Allen Chen [MSFT])
Date: Tue, 12 May 2009 02:12:23 GMT

Hi Gerry,

Since there doesn't appear to be a WebConfigMembershipProvider, and the
default membership provider ( or any membership provider for that matter )
is not smart enough to recognize that the credentials section is present

and

use it, I have to ask - why is the credentials section in the web.config at
all ?

If we have to special case everything dealing with users & authentication

use it - doesn't that defeat the whole point in the provider framework ?
ie. this no longer works :
protected void Login1_LoggedIn( object sender , EventArgs e )
{
MembershipUser User2 = Membership.GetUser(); // User2 is
always null
}

I think I will take a few minutes and create a WebConfigMembershipProvider
just for kicks.

Thanks for your reply. Actually the credential stored in web.config is
dedicated for the FormsAuthentication.Authenticate method to validate user
in a simple username&password scenario. It's used in forms authentication
and has nothing to do with ASP.NET membership. No roles and other advanced
functions supported for this. With this keep in mind we can understand why
membership APIs don't check the credentials stored in web.config.

You are free to write a custom membership provider that can validate user
against the credentials stored in web.config. But it doesn't make much
sense and involves a lot of code. To let the Login control check these
credentials, the way shown in my previous post is probably a better choice.
Or you can write a custom Login control that can do this. It's much easier
than writing a membership provider.

Regards,
Allen Chen
Microsoft Online Support

.

References:
- RE: web.config credentials section
  - From: Allen Chen [MSFT]
- Re: web.config credentials section - original reply
  - From: gerry

Prev by Date: Re: Can't update Access database with AccessDataSource and GridView
Next by Date: RE: Subject: VS2005 website deployment problems with EFS
Previous by thread: Re: web.config credentials section - original reply
Next by thread: Re: web.config credentials section - original reply
Index(es):
- Date
- Thread

Relevant Pages

Re: web.config credentials section - original reply
... Subject: web.config credentials section ... default membership provider ... Microsoft Online Support ... where an initial response from the community or a Microsoft Support ...
(microsoft.public.dotnet.framework.aspnet)
How to use membership provider with login control
... I have created a custom Membership Provider, ... I have also set deny users ="?" ... The ValidateUser return true, but it can't redierct to home.aspx. ... How can I use Membership Provider without login control? ...
(microsoft.public.dotnet.framework.aspnet)
Re: MembershipProvider limit no effect.
... Unless you are creating a Custom Membership Provider from scratch ... *all* the features in the the Membership Provider class ... asp.net faq: http://asp.net.do/faq/ ...
(microsoft.public.dotnet.framework.aspnet)
Re: SQLException after submitting form in ASP.Net 2.0
... You have to execute InstallCommon.sql too ... I developed a form using Login Control in ASP.Net 2.0. ... used Membership provider. ...
(microsoft.public.dotnet.framework.aspnet)
Login default provider
... 'couldnt connect to SqlServer Express....'. ... Unless you specify otherwise, the Login control uses the default ... I dont have a membership provider in my web config, ...
(microsoft.public.dotnet.framework.aspnet)