Solved

MembershipUser is not persistent.

Posted on 2009-03-29
6
596 Views
Last Modified: 2012-05-06
Based on all the references,  
Membership.GetUser(); should return the logged in user object when no parameters are included.

However this is not happening. There are no error messages.
Any ideas.


protected void StockProLogin_Authenticate(object sender, AuthenticateEventArgs e)

    {

   

        if (Membership.ValidateUser(StockProLogin.UserName, StockProLogin.Password))

        {

            e.Authenticated = true;

            MembershipUser currentUser = Membership.GetUser(StockProLogin.UserName);

            // currentUser is not null Membership table is updated as expected.

            MembershipUser newUser = Membership.GetUser();

           //newUser is null.
 

web.config

<authentication mode="Forms">

   <forms loginUrl="~/Login.aspx" />

</authentication>

<authorization>

    <allow users="*"/>

</authorization>

		

<membership defaultProvider="SQLProvider" userIsOnlineTimeWindow="15">

<providers>

      <remove name="SqlMembershipProvider" />

      <add name="SQLProvider" connectionStringName="MemberShipSQLConnectionString" 

         enablePasswordRetrieval="false"

         enablePasswordReset="true" requiresQuestionAndAnswer="true" 

         applicationName="StockPro"

         requiresUniqueEmail="true" passwordFormat="Hashed" 

         maxInvalidPasswordAttempts="5"

         passwordAttemptWindow="10" minRequiredNonalphanumericCharacters="0"

         minRequiredPasswordLength="8"

         type="System.Web.Security.SqlMembershipProvider, 

             System.Web,Version=2.0.0.0,     Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />

   </providers>

</membership>

Open in new window

0
Comment
Question by:Dovberman
  • 4
  • 2
6 Comments
 
LVL 21

Expert Comment

by:tovvenki
ID: 24026457
Hi,
1.  Membership.GetUser() will only work for an authenticated user.  Otherwise, it's going to return null.  To verify you're dealing with an authenticated request call "User.Identity.IsAuthenticated" on the page.  If you've got an authenticated request, but Membership.GetUser() is still returning null, then that means the username associated with the authenticated user can't be found in the Membership datasource.  Verify the username of the authenticated user with "User.Identity.Name".

2.  If you're calling one of the Membership.GetUser() overloads which takes the username and it's returning null, then that user doesn't exist in the Membership datasource (or we've got a bug).  One way to easily verify this is to try a Membership.CreateUser() with the same username.  If this doesn't throw an error because of a duplicate user, then you know the user never existed in the first place.

3.  Membership.GetUser() should have never worked for an anonymous user.  No support was built into Membership for handling this case.

you can refer to the discussion in the following url
http://forums.asp.net/p/939408/1119989.aspx

Thanks and regards,
Venki
0
 

Author Comment

by:Dovberman
ID: 24027668
Everything seems OK.
The user is authentication test returns true.
The user name is in the membership database.

MembershipUser currentUser = Membership.GetUser(StockProLogin.UserName);
currentUser.Name returns "MaryAnn" as expected.

currentUser.Name returns currentUser object
the currentUser object is null outside of the Login validation section.
That's what I mean about the currentUser object not being persistent.

MembershipUser newUser = Membership.GetUser(); should not have returned null.


{
                     e.Authenticated = true;
            MembershipUser currentUser = Membership.GetUser(StockProLogin.UserName);
            // currentUser is not null Membership table is updated as expected.
            MembershipUser newUser = Membership.GetUser();
           //newUser is null.
0
 
LVL 21

Expert Comment

by:tovvenki
ID: 24027763
hey,
its strange.. are you sure that you have set the authentication mode in the web.config to "Forms" and it is not allowing anonymous access.
I think this should be because of some config settings in the web.config file can you check it.

Thanks and regards,
Venki
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:Dovberman
ID: 24027966
Yes, See code included in original post.

web.config
<authentication mode="Forms">
   <forms loginUrl="~/Login.aspx" />
</authentication>
<authorization>
    <allow users="*"/>
</authorization>

The url you referred to has lead me to a possible solution that I am currently reviewing:
Reply 19 of http://forums.asp.net/p/939408/1119989.aspx 
refers to:
http://weblogs.asp.net/scottgu/archive/2006/04/22/Always-set-the-_2200_applicationName_2200_-property-when-configuring-ASP.NET-2.0-Membership-and-other-Providers.aspx 

0
 

Author Comment

by:Dovberman
ID: 24028302
The reference resolved an inability to login. Users are able to login in my app.

I may need to contact Microsoft support.
0
 

Accepted Solution

by:
Dovberman earned 0 total points
ID: 24044237
Called Microsoft support. The SetAuthCookie method resolved this issue.
 protected void StockProLogin_Authenticate(object sender, AuthenticateEventArgs e)

    {

   

        if (Membership.ValidateUser(StockProLogin.UserName, StockProLogin.Password))

        {

            FormsAuthentication.SetAuthCookie(StockProLogin.UserName, false);

            Response.Redirect("~/MasterPages/Default.aspx");

        }

        else

        {

            Response.Redirect("~/FindPriceExceptions.aspx");

        }

Open in new window

0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lots of people ask this question on how to extend the “MembershipProvider” to make use of custom authentication like using existing database or make use of some other way of authentication. Many blogs show you how to extend the membership provider c…
Problem Hi all,    While many today have fast Internet connection, there are many still who do not, or are connecting through devices with a slower connect, so light web pages and fast load times are still popular.    If your ASP.NET page …
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now