Solved

C# ASP.NET Forms Authentication Isn't Work

Posted on 2006-07-02
6
420 Views
Last Modified: 2008-02-01
I have a page that uses a MySQL data. It works fine. Then I wanted to add forms security to it, so I created a table of users, passwords, and roles. After every login and password was invalid, I printed out the exception and this is what it is:
System.Data.SqlClient.SqlException: SQL Server does not exist or access denied. at System.Data.SqlClient.ConnectionPool.GetConnection(Boolean& isInTransaction) at System.Data.SqlClient.SqlConnectionPoolManager.GetPooledConnection(SqlConnectionString options, Boolean& isInTransaction) at System.Data.SqlClient.SqlConnection.Open() at _ASP.LoginPage_aspx.CustomAuthenticate(String username, String password)

Here are my two files:

Global.asax:
<%@ Import Namespace="System.Data.SqlClient" %>
<%@ Import Namespace="System.Security.Principal" %>

<script language="C#" runat="server">
  void Application_AuthenticateRequest (Object sender, EventArgs e)
  {
      HttpApplication app = (HttpApplication) sender;

      if (app.Request.IsAuthenticated &&
          app.User.Identity is FormsIdentity) {
          FormsIdentity identity = (FormsIdentity) app.User.Identity;

          // Find out what role (if any) the user belongs to
          string role = GetUserRole (identity.Name);

          // Create a GenericPrincipal containing the role name
          // and assign it to the current request
          if (role != null)
              app.Context.User = new GenericPrincipal (identity,
                  new string[] { role });
      }
  }

  string GetUserRole (string name)
  {
      SqlConnection connection = new SqlConnection
          ("Trusted_Connection=yes;server=localhost;database=xiaoweblogin;uid=root;pwd=");

      try {
          connection.Open ();

          StringBuilder builder = new StringBuilder ();
          builder.Append ("select role from users " +
              "where username = \'");
          builder.Append (name);
          builder.Append ("\'");

          SqlCommand command = new SqlCommand (builder.ToString (),
              connection);

          object role = command.ExecuteScalar ();

          if (role is DBNull)
              return null;

          return (string) role;
      }
      catch (SqlException) {
          return null;
      }
      finally {
          connection.Close ();
      }
  }
</script>

LoginPage.aspx:
<<%@ Import NameSpace="System.Data.SqlClient" %>

<html>
  <body>
    <h1>Please Log In</h1>
    <hr>
    <form runat="server">
      <table cellpadding="8">
        <tr>
          <td>
            User Name:
          </td>
          <td>
            <asp:TextBox ID="UserName" RunAt="server" />
          </td>
        </tr>
        <tr>      
          <td>
            Password:
          </td>
          <td>
            <asp:TextBox ID="Password" TextMode="password"
              RunAt="server" />
          </td>
        </tr>
        <tr>
          <td>
            <asp:Button Text="Log In" OnClick="OnLogIn"
              RunAt="server" />
          </td>
          <td>
            <asp:CheckBox Text="Keep me signed in" ID="Persistent"
              RunAt="server" />
          </td>
        </tr>
      </table>
    </form>
    <hr>
    <h3><asp:Label ID="Output" RunAt="server" /></h3>
  </body>
</html>

<script language="C#" runat="server">
  void OnLogIn (Object sender, EventArgs e)
  {
      if (CustomAuthenticate (UserName.Text, Password.Text)) {
          string url = FormsAuthentication.GetRedirectUrl
              (UserName.Text, Persistent.Checked);

          FormsAuthentication.SetAuthCookie (UserName.Text,
              Persistent.Checked);

          if (Persistent.Checked) {
              HttpCookie cookie =
                Response.Cookies[FormsAuthentication.FormsCookieName];
              cookie.Expires = DateTime.Now +
                  new TimeSpan (0, 0, 0, 8);
          }

          Response.Redirect (url);
      }
      else
          Output.Text = "Invalid login";
  }

  bool CustomAuthenticate (string username, string password)
  {
      SqlConnection connection = new SqlConnection
          ("Trusted_Connection=yes;server=localhost;database=xiaoweblogin;uid=root;pwd=");

      try {
          connection.Open ();

          StringBuilder builder = new StringBuilder ();
          builder.Append ("select count (*) from users " +
              "where username = \'");
          builder.Append (username);
          builder.Append ("\' and cast (rtrim (password) as " +
              "varbinary) = cast (\'");
          builder.Append (password);
          builder.Append ("\' as varbinary)");

          SqlCommand command = new SqlCommand (builder.ToString (),
              connection);

          int count = (int) command.ExecuteScalar ();
          return (count > 0);
      }
      catch (SqlException ex) {
        Response.Write(ex.ToString());
          return false;
      }
      finally {
          connection.Close ();
      }
  }
</script>
0
Comment
Question by:HarryDuno16957
6 Comments
 
LVL 27

Expert Comment

by:Sammy
ID: 17029021
are you using MYSQL or MSSQL?
you are stating MySSQL in your post and your code is using MSSQL
If you are trying to use MySql then you should look into creating membership profile
http://www.codeproject.com/aspnet/MySQLMembershipProvider.asp
0
 

Author Comment

by:HarryDuno16957
ID: 17029404
I am using MySQL, but I am also using .Net 1.1.
0
 
LVL 22

Accepted Solution

by:
Mohammed Nasman earned 500 total points
ID: 17029450
SqlClient only for Sql server, and will not work with MySql

if you need to work with MySql, you could download the ODBC driver or OleDb drivers from mysql web site
or you can use  mysql connect/net as native .Net data provider for mysql
http://www.mysql.com/products/connector/net

and for  Forms Authentication to work, you have to modify your web.config to allow forms instead of the default one "windows"
0

Featured Post

ScreenConnect 6.0 Free Trial

At ScreenConnect, partner feedback doesn't fall on deaf ears. We collected partner suggestions off of their virtual wish list and transformed them into one game-changing release: ScreenConnect 6.0. Explore all of the extras and enhancements for yourself!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I have developed many web applications with asp & asp.net and to add and use a dropdownlist was always a very simple task, but with the new asp.net, setting the value is a bit tricky and its not similar to the old traditional method. So in this a…
Sometimes in DotNetNuke module development you want to swap controls within the same module definition.  In doing this DNN (somewhat annoyingly) swaps the Skin and Container definitions to the default admin selections.  To get around this you need t…
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question