Solved

MembershipUser is not persistent.

Posted on 2009-03-29
6
587 Views
Last Modified: 2012-05-06
Based on all the references,  
Membership.GetUser(); should return the logged in user object when no parameters are included.

However this is not happening. There are no error messages.
Any ideas.


protected void StockProLogin_Authenticate(object sender, AuthenticateEventArgs e)

    {

   

        if (Membership.ValidateUser(StockProLogin.UserName, StockProLogin.Password))

        {

            e.Authenticated = true;

            MembershipUser currentUser = Membership.GetUser(StockProLogin.UserName);

            // currentUser is not null Membership table is updated as expected.

            MembershipUser newUser = Membership.GetUser();

           //newUser is null.
 

web.config

<authentication mode="Forms">

   <forms loginUrl="~/Login.aspx" />

</authentication>

<authorization>

    <allow users="*"/>

</authorization>

		

<membership defaultProvider="SQLProvider" userIsOnlineTimeWindow="15">

<providers>

      <remove name="SqlMembershipProvider" />

      <add name="SQLProvider" connectionStringName="MemberShipSQLConnectionString" 

         enablePasswordRetrieval="false"

         enablePasswordReset="true" requiresQuestionAndAnswer="true" 

         applicationName="StockPro"

         requiresUniqueEmail="true" passwordFormat="Hashed" 

         maxInvalidPasswordAttempts="5"

         passwordAttemptWindow="10" minRequiredNonalphanumericCharacters="0"

         minRequiredPasswordLength="8"

         type="System.Web.Security.SqlMembershipProvider, 

             System.Web,Version=2.0.0.0,     Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />

   </providers>

</membership>

Open in new window

0
Comment
Question by:Dovberman
  • 4
  • 2
6 Comments
 
LVL 21

Expert Comment

by:tovvenki
Comment Utility
Hi,
1.  Membership.GetUser() will only work for an authenticated user.  Otherwise, it's going to return null.  To verify you're dealing with an authenticated request call "User.Identity.IsAuthenticated" on the page.  If you've got an authenticated request, but Membership.GetUser() is still returning null, then that means the username associated with the authenticated user can't be found in the Membership datasource.  Verify the username of the authenticated user with "User.Identity.Name".

2.  If you're calling one of the Membership.GetUser() overloads which takes the username and it's returning null, then that user doesn't exist in the Membership datasource (or we've got a bug).  One way to easily verify this is to try a Membership.CreateUser() with the same username.  If this doesn't throw an error because of a duplicate user, then you know the user never existed in the first place.

3.  Membership.GetUser() should have never worked for an anonymous user.  No support was built into Membership for handling this case.

you can refer to the discussion in the following url
http://forums.asp.net/p/939408/1119989.aspx

Thanks and regards,
Venki
0
 

Author Comment

by:Dovberman
Comment Utility
Everything seems OK.
The user is authentication test returns true.
The user name is in the membership database.

MembershipUser currentUser = Membership.GetUser(StockProLogin.UserName);
currentUser.Name returns "MaryAnn" as expected.

currentUser.Name returns currentUser object
the currentUser object is null outside of the Login validation section.
That's what I mean about the currentUser object not being persistent.

MembershipUser newUser = Membership.GetUser(); should not have returned null.


{
                     e.Authenticated = true;
            MembershipUser currentUser = Membership.GetUser(StockProLogin.UserName);
            // currentUser is not null Membership table is updated as expected.
            MembershipUser newUser = Membership.GetUser();
           //newUser is null.
0
 
LVL 21

Expert Comment

by:tovvenki
Comment Utility
hey,
its strange.. are you sure that you have set the authentication mode in the web.config to "Forms" and it is not allowing anonymous access.
I think this should be because of some config settings in the web.config file can you check it.

Thanks and regards,
Venki
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:Dovberman
Comment Utility
Yes, See code included in original post.

web.config
<authentication mode="Forms">
   <forms loginUrl="~/Login.aspx" />
</authentication>
<authorization>
    <allow users="*"/>
</authorization>

The url you referred to has lead me to a possible solution that I am currently reviewing:
Reply 19 of http://forums.asp.net/p/939408/1119989.aspx
refers to:
http://weblogs.asp.net/scottgu/archive/2006/04/22/Always-set-the-_2200_applicationName_2200_-property-when-configuring-ASP.NET-2.0-Membership-and-other-Providers.aspx

0
 

Author Comment

by:Dovberman
Comment Utility
The reference resolved an inability to login. Users are able to login in my app.

I may need to contact Microsoft support.
0
 

Accepted Solution

by:
Dovberman earned 0 total points
Comment Utility
Called Microsoft support. The SetAuthCookie method resolved this issue.
 protected void StockProLogin_Authenticate(object sender, AuthenticateEventArgs e)

    {

   

        if (Membership.ValidateUser(StockProLogin.UserName, StockProLogin.Password))

        {

            FormsAuthentication.SetAuthCookie(StockProLogin.UserName, false);

            Response.Redirect("~/MasterPages/Default.aspx");

        }

        else

        {

            Response.Redirect("~/FindPriceExceptions.aspx");

        }

Open in new window

0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Just a quick little trick I learned recently.  Now that I'm using jQuery with abandon in my asp.net applications, I have grown tired of the following syntax:      (CODE) I suppose it just offends my sense of decency to put inline VBScript on a…
Problem Hi all,    While many today have fast Internet connection, there are many still who do not, or are connecting through devices with a slower connect, so light web pages and fast load times are still popular.    If your ASP.NET page …
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now