Solved

debug MembershipProvider.cs

Posted on 2010-11-25
21
597 Views
Last Modified: 2012-05-10
is there a way to attach to (in the debugger), the MembershipProvdider.cs.? I'm trying to figure out why it always fails during the authenticate method. i'd like to step into it to see where the failure is occuring.
0
Comment
Question by:mikesExpertExchange
  • 13
  • 7
21 Comments
 
LVL 52

Expert Comment

by:Carl Tawn
ID: 34214158
Which MembershipProvider.cs? If you mean the one underlying the built-in sql membership provider then no, because it's compiled into the framework. Or do you mean something else?
0
 
LVL 1

Author Comment

by:mikesExpertExchange
ID: 34214699
nah i think that's the one i meant...i thought i could step through it, but maybe i can't. i can't figure out, for the life of me, why my Membership.ValidateUser always fails. i'm using a MySql db, i've got all my tables generated and the site administrator tool allows me to add and remove users and roles correctly. i've checked the db and they do exist. all of the control fields (IsLockedOut etc...) are set correctly but it fails, with out fail, every time. so i thought i could step through it and see where it was failing but i guess not...any suggestions would help...
0
 
LVL 52

Expert Comment

by:Carl Tawn
ID: 34215876
Do you have ay kind of database profiling tool yu can use to see if the membership provider is actually hitting your database when you try and authenticate?
0
 
LVL 7

Expert Comment

by:dacIT
ID: 34220646
I wonder if you could build and implement a custom provider, but inherit sqlmembershipprovider and assign each method the base.[methodname]. Then you could put in breakpoints and debug your provider, but it would still be using the built in methods. Worth a shot anyway.
0
 
LVL 1

Author Comment

by:mikesExpertExchange
ID: 34232058
@dacIT i kind of tried that and i'm actually completely buggered up now and am in barney as i now can't even successfully add users anymore. any suggestions how to get back to square 1? anyone?
Exception has been thrown by the target of an invocation. at System.RuntimeMethodHandle._InvokeMethodFast(IRuntimeMethodInfo method, Object target, Object[] arguments, SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeType typeOwner) at System.RuntimeMethodHandle.InvokeMethodFast(IRuntimeMethodInfo method, Object target, Object[] arguments, Signature sig, MethodAttributes methodAttributes, RuntimeType typeOwner) at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks) at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) at System.Web.Administration.WebAdminMembershipProvider.CallWebAdminMembershipProviderHelperMethodOutParams(String methodName, Object[] parameters, Type[] paramTypes) at System.Web.Administration.WebAdminMembershipProvider.CreateUser(String username, String password, String email, String passwordQuestion, String passwordAnswer, Boolean isApproved, Object providerUserKey, MembershipCreateStatus& status) at System.Web.UI.WebControls.CreateUserWizard.AttemptCreateUser() at System.Web.UI.WebControls.CreateUserWizard.OnNextButtonClick(WizardNavigationEventArgs e) at System.Web.UI.WebControls.Wizard.OnBubbleEvent(Object source, EventArgs e) at System.Web.UI.WebControls.CreateUserWizard.OnBubbleEvent(Object source, EventArgs e) at System.Web.UI.WebControls.Wizard.WizardChildTable.OnBubbleEvent(Object source, EventArgs args) at System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) at System.Web.UI.WebControls.Button.OnCommand(CommandEventArgs e) at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) at System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

Open in new window

0
 
LVL 1

Author Comment

by:mikesExpertExchange
ID: 34232113
attached is my web.config
<?xml version="1.0"?>
<!--
  For more information on how to configure your ASP.NET application, please visit
  http://go.microsoft.com/fwlink/?LinkId=169433
  -->
<configuration>
  <connectionStrings>
    <add name="STTEntities" connectionString="metadata=res://*/STTE.csdl|res://*/STTE.ssdl|res://*/STTE.msl;provider=MySql.Data.MySqlClient;provider connection string=&quot;User Id=root;password=apswrd;Persist Security Info=True;server=0.0.0.0;database=myMySQLDB&quot;" providerName="System.Data.EntityClient" />
    <remove name="LocalMySqlServer"/>
    <add name="LocalMySqlServer"
         connectionString="Server=localhost;Database=myMySQLDB;User Id=root;Password=apswrd;"
    providerName="MySql.Data.MySqlClient"/>
  </connectionStrings>
  <system.web>
    <compilation debug="true" targetFramework="4.0">
      <assemblies>
        <add assembly="MySql.Data, Version=6.3.3.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d"/>
      </assemblies>
    </compilation>
    <authentication mode="Forms">
      <forms loginUrl="~/Admin/Login.aspx" defaultUrl="~/Admin/Default.aspx" timeout="2880"/>
    </authentication>
    <!--<authorization>
      <deny users="?" />
      <allow users="*"/>
    </authorization>-->
    <membership defaultProvider="MySqlMembershipProvider">
      <providers>
        <clear/>
        <remove name="MySqlMembershipProvider"/>
        <add name="MySqlMembershipProvider"
             connectionStringName="LocalMySqlServer"
             applicationName="myMySQLDB"
             type="MySql.Web.Security.MySqlMembershipProvider"
             passwordFormat="Encrypted"
             writeExceptionsToEventLog="true"
             autogenerateschema="true"/>
      </providers>
    </membership>
    <profile>
      <providers>
        <clear/>
        <add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/"/>
        <add name="MySqlProfileProvider" type="MySql.Web.Security.MySqlProfileProvider, MySql.Web, Version=6.3.3.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" connectionStringName="LocalMySqlServer" applicationName="myMySQLDB" autogenerateschema="true"/>
      </providers>
    </profile>
    <roleManager enabled="true" defaultProvider="MySqlRoleProvider">
      <providers>
        <clear />
        <!--<add connectionStringName="ApplicationServices" applicationName="/"
          name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" />-->
        <add applicationName="/" name="AspNetWindowsTokenRoleProvider"
          type="System.Web.Security.WindowsTokenRoleProvider" />
        <add connectionStringName="LocalMySqlServer" applicationName="myMySQLDB"
          autogenerateschema="true" name="MySqlRoleProvider" type="MySql.Web.Security.MySQLRoleProvider, MySql.Web, Version=6.3.3.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" />
      </providers>
    </roleManager>
  </system.web>
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>
  <location path="Admin/Default.aspx" allowOverride="true">
    <system.web>
      <!--<authorization>
        <deny users="?"/>
        <allow users="*"/>
      </authorization>-->
    </system.web>
  </location>
</configuration>

Open in new window

0
 
LVL 1

Author Comment

by:mikesExpertExchange
ID: 34232251
sometimes when i go to create a new user, i get this:
Value cannot be null. Parameter name: virtualPath at 
System.Web.VirtualPath.Create(String virtualPath, VirtualPathOptions options) at 
System.Web.VirtualPath.CreateAbsolute(String virtualPath) at 
System.Web.Hosting.ApplicationManager.CreateObject(String appId, Type type, String virtualPath, String physicalPath, Boolean failIfExists, Boolean throwOnError) at 
System.Web.Hosting.ApplicationManager.CreateObject(String appId, Type type, String virtualPath, String physicalPath, Boolean failIfExists, Boolean throwOnError) at 
System.Web.Administration.WebAdminRemotingManager.CreateConfigurationHelper() at 
System.Web.Administration.WebAdminRemotingManager.get_ConfigurationHelperInstance() at 
System.Web.Administration.WebAdminMembershipProvider.GetWebAdminMembershipProviderHelperProperty(String propertyName) at 
System.Web.Administration.WebAdminMembershipProvider.get_RequiresQuestionAndAnswer() at 
System.Web.UI.WebControls.CreateUserWizard.get_QuestionAndAnswerRequired() at 
System.Web.UI.WebControls.CreateUserWizard.UpdateValidators() at 
System.Web.UI.WebControls.CreateUserWizard.CreateChildControls() at System.Web.UI.Control.EnsureChildControls() at 
System.Web.UI.WebControls.Wizard.OnInit(EventArgs e) at 
System.Web.UI.Control.InitRecursive(Control namingContainer) at 
System.Web.UI.Control.InitRecursive(Control namingContainer) at 
System.Web.UI.Control.InitRecursive(Control namingContainer) at 
System.Web.UI.Control.InitRecursive(Control namingContainer) at 
System.Web.UI.Control.InitRecursive(Control namingContainer) at 
System.Web.UI.Control.InitRecursive(Control namingContainer) at
 System.Web.UI.Control.InitRecursive(Control namingContainer) at 
System.Web.UI.Control.InitRecursive(Control namingContainer) at
 System.Web.UI.Control.InitRecursive(Control namingContainer) at 
System.Web.UI.Page.ProcessRequestMain(Boolean 
includeStagesBeforeAsyncPoint, Boolean
 includeStagesAfterAsyncPoint)

Open in new window

0
 
LVL 1

Author Comment

by:mikesExpertExchange
ID: 34232430
i figured it out. in my membership provider in my web.config file, it really didn't like the passwordFormat being set to "Encrypted" (i set it to Hashed and now I'm back to square one). I've been having issues with this for a while now, (the whole: "Your login attempt was unsuccessful. Please try again." error) and i can't for 100% sure say that my passwordFormat property has always been "Hashed", but maybe it has? I'm wondering if this has anything to do with my current problem of not being able to authenticate and getting the: "Your login attempt was unsuccessful. Please try again." erro? Any ideas?
0
 
LVL 52

Expert Comment

by:Carl Tawn
ID: 34232616
How are you trying to authenticate? Are you using the built-in login control or are you using the FormsAuthentication.Authenticate() method?
0
 
LVL 1

Author Comment

by:mikesExpertExchange
ID: 34232689
i'm using the built in login control. and have tried both methods (below) with no success.

        if (Membership.ValidateUser(lgAdmin.UserName, lgAdmin.Password))
        {
            e.Authenticated = true;
        }
        else { e.Authenticated = false; }    

        //bool authenticated = ValidateUser(lgAdmin.UserName, lgAdmin.Password);
        //e.Authenticated = authenticated;

        //if (authenticated)
        //{
        //    FormsAuthentication.SetAuthCookie(lgAdmin.UserName, true);
        //    Response.Redirect("~/Admin/Default.aspx");
        //    //anything else you need to do
        //}
        //else
        //{
        //    //authentication failed ... do something
        //}
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 1

Author Comment

by:mikesExpertExchange
ID: 34232713
@carl tawn: the line above that reads:

//bool authenticated = ValidateUser(lgAdmin.UserName, lgAdmin.Password);

should read:

//bool authenticated = Membership.ValidateUser(lgAdmin.UserName, lgAdmin.Password);

i understand that the "block" of code that this resides in is commented out but, I've made it live code, and tried to use it with no success...
0
 
LVL 52

Expert Comment

by:Carl Tawn
ID: 34232743
Have you tried using it with clear text passwords? That will at least rule out it being an issue with the hashing.
0
 
LVL 1

Author Comment

by:mikesExpertExchange
ID: 34232757
yes. the clear password does work. but why does the Hashed not work? or am i making a mountain out of a mole hill, and should "let this one go" and move on?
0
 
LVL 1

Author Comment

by:mikesExpertExchange
ID: 34232771
i take that back...i just tried the clear and it does not work either.
0
 
LVL 52

Expert Comment

by:Carl Tawn
ID: 34232774
Well the simple answer is because your Authenticate method isn't managing to generate the same hash value as the one stored in the database. Why it isn't is another matter. I assume you're not implementing your own hashing routine?
0
 
LVL 1

Author Comment

by:mikesExpertExchange
ID: 34232781
hold on...that's not true. i was operating against a user that i'd created with the "Hashed" password....let me try this again.
0
 
LVL 52

Expert Comment

by:Carl Tawn
ID: 34232791
Oh, OK. That at least makes it a more general login problem. How did you generate the schema for your membership database?
0
 
LVL 1

Author Comment

by:mikesExpertExchange
ID: 34232793
yes, the clear does work, as stated above. and i am not implementing my own hashing routine.
0
 
LVL 1

Author Comment

by:mikesExpertExchange
ID: 34232824
i used a script to generate the tables as the "autogenerateschema" did not seem to work. and my understanding as to why it didn't was that the particular version of MySqlConnector that I'm using had a bug that didn't generate the tables. so the schema that i generated works with regards to inserting and removing users and adding roles etc. so it does recognize it and communicates with it correctly on those levels...
0
 
LVL 52

Accepted Solution

by:
Carl Tawn earned 500 total points
ID: 34232874
0
 
LVL 1

Author Closing Comment

by:mikesExpertExchange
ID: 34232940
FLIPPIN FANTASTIC! been trying to solve this for a solid 2 weeks so it seems (maybe less, feels like more ;-), but it always does...) thanks again!
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
ASP.net See list of pdf documents in folder and read 2 23
ASP SQL Syntax Duplicate Key 7 68
c# code 19 61
Check my code out(2) 1 35
We all know that functional code is the leg that any good program stands on when it comes right down to it, however, if your program lacks a good user interface your product may not have the appeal needed to keep your customers happy. This issue can…
A quick way to get a menu to work on our website, is using the Menu control and assign it to a web.sitemap using SiteMapDataSource. Example of web.sitemap file: (CODE) Sample code to add to the page menu: (CODE) Running the application, we wi…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now