ASP.NET 登录控制拒绝存在的用户
我在使用 ASP.NET 2.0 登录控件时遇到一些问题。
- 我已经使用 aspI.net regsql 工具设置了一个数据库。
- 我检查了应用程序名称。它被设置为“/”。
应用程序可以访问 SQL Server。事实上,当我去检索密码时,它甚至会将密码发送给我。尽管如此,登录控件仍然拒绝登录。
我将其添加到 web.config
中:
<membership defaultProvider="AspNetSqlProvider">
<providers>
<clear/>
<add name="AspNetSqlProvider" connectionStringName="LocalSqlServer" applicationName="/" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
</providers>
并将以下内容添加到我的连接字符串中:(
<remove name="LocalSqlServer" />
<add name="LocalSqlServer" connectionString="Data Source=IDC-4\EXCALIBUR;Initial Catalog=allied_nr;Integrated Security=True;Asynchronous Processing=True"/>
请注意,“删除名称”是为了删除 App_Data 目录中的默认连接字符串。)
为什么赢了登录控件不验证用户身份吗?
I'm having some trouble with the ASP.NET 2.0 Login Control.
- I've setup a database with the aspI.net regsql tool.
- I've checked the application name. It is set to "/".
The application can access the SQL Server. In fact, when I go to retrieve the password, it will even send me the password. Despite this, the login control continues to reject logins.
I added this to the web.config
:
<membership defaultProvider="AspNetSqlProvider">
<providers>
<clear/>
<add name="AspNetSqlProvider" connectionStringName="LocalSqlServer" applicationName="/" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
</providers>
And I added the following to my connection strings:
<remove name="LocalSqlServer" />
<add name="LocalSqlServer" connectionString="Data Source=IDC-4\EXCALIBUR;Initial Catalog=allied_nr;Integrated Security=True;Asynchronous Processing=True"/>
(Note the "remove name" is to get rid of the default connection string in the App_Data directory.)
Why won't the login control authenticate users?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
听起来您正在以纯文本形式存储密码,但 SqlMembershipProvider 的默认密码存储格式是“Hashed”。如果用户的密码以散列形式存储,您将永远无法从数据库中检索该密码。
It sounds like you are storing your passwords in plain text, but the default password storage format of SqlMembershipProvider is "Hashed." You would never be able to retrieve a user's password from the database if it is stored as hashed.
4 Guys From Rolla 网站上撰写了一系列有关会员资格提供商的精彩文章。检查一下,因为我认为这会有所帮助!
https://web. archive.org/web/20211020202857/http://www.4guysfromrolla.com/articles/120705-1.aspx
来自该系列的第 4 部分:
“在会员系统中,存在多种情况,用户的凭据可能无效:
不幸的是,如果凭据无效,ValidateUser(userName,password) 方法仅返回 False,并且不包含如下信息确切地说,为什么凭证无效”
A great set of articles about the Memebership Provider was written on the 4 Guys From Rolla site. Check it out, as I think it will help!
https://web.archive.org/web/20211020202857/http://www.4guysfromrolla.com/articles/120705-1.aspx
From Part 4 of the series:
"In the Membership system, there are multiple scenarios by which a user's credentials can be invalid:
Unfortunately, the ValidateUser(userName, password) method just returns False if the credentials are invalid, and does not include information as to why, exactly, the credentials are invalid"