禁用 SQL 成员资格提供程序(ASP.Net 表单身份验证)
我为需要基本密码保护的客户设置了一个简单的预览网站。我正在使用表单身份验证以及 web.config
中指定的凭据。
一切工作正常我的盒子 (著名的遗言)
但是,当我部署到运行 Win2008 的生产网站时,身份验证代码尝试打开 SQL Server 数据库(我没有引用 web 中的任何 SQL .config
)。如何禁用此行为,以便基于我在 web.config
中输入的凭据进行身份验证?
事件日志中出现异常
无法连接到 SQL Server 数据库。 在System.Web.Management.SqlServices.GetSqlConnection(字符串服务器,字符串用户,字符串密码,布尔信任,字符串连接字符串) 在 System.Web.Management.SqlServices.SetupApplicationServices(字符串服务器、字符串用户、字符串密码、布尔信任、字符串连接字符串、字符串数据库、字符串 dbFileName、SqlFeatures 功能、布尔安装) 在System.Web.DataAccess.SqlConnectionHelper.CreateMdfFile(字符串fullFileName,字符串dataDir,字符串connectionString) 在 System.Web.DataAccess.SqlConnectionHelper.EnsureSqlExpressDBFile(字符串连接字符串) ... 在 System.Data.SqlClient.SqlConnection.Open() 在 System.Web.Management.SqlServices.GetSqlConnection(字符串服务器、字符串用户、字符串密码、布尔信任、字符串连接字符串)
http://my.site.com/Login.aspx?ReturnUrl=/
web.config(相关部分)
<system.web>
<compilation targetFramework="4.0" />
<authentication mode="Forms">
<forms name="appNameAuth" path="/" loginUrl="Login.aspx" protection="All" timeout="30">
<credentials passwordFormat="SHA1">
<user name="me" password="SHA1OfMyPassword" />
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?"/>
<allow users="me" />
</authorization>
</system.web>
I have setup a trivial preview website for a client that needs basic password protection. I'm using Forms Authentication with the credentials specified in web.config
.
Everything works fine on my box (famous last words)
However, when I deploy to a production website running Win2008, the authentication code attempts to open a SQL Server database (I have no reference to anything SQL in web.config
). How can I disable this behavior so that authentication is based on the credentials I have entered in web.config
?
Exception in Event Log
Unable to connect to SQL Server database.
at System.Web.Management.SqlServices.GetSqlConnection(String server, String user, String password, Boolean trusted, String connectionString)
at System.Web.Management.SqlServices.SetupApplicationServices(String server, String user, String password, Boolean trusted, String connectionString, String database, String dbFileName, SqlFeatures features, Boolean install)
at System.Web.DataAccess.SqlConnectionHelper.CreateMdfFile(String fullFileName, String dataDir, String connectionString)
at System.Web.DataAccess.SqlConnectionHelper.EnsureSqlExpressDBFile(String connectionString)
...
at System.Data.SqlClient.SqlConnection.Open() at System.Web.Management.SqlServices.GetSqlConnection(String server, String user, String password, Boolean trusted, String connectionString)
http://my.site.com/Login.aspx?ReturnUrl=/
web.config (relevant portion)
<system.web>
<compilation targetFramework="4.0" />
<authentication mode="Forms">
<forms name="appNameAuth" path="/" loginUrl="Login.aspx" protection="All" timeout="30">
<credentials passwordFormat="SHA1">
<user name="me" password="SHA1OfMyPassword" />
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?"/>
<allow users="me" />
</authorization>
</system.web>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
事实证明,在生产计算机上,SQL 成员身份提供程序是在 machine.config 中定义的。我认为运营团队没有对默认的 Windows 2008 安装进行任何更改,因此该平台的情况可能通常如此。
要删除对在更高级别定义的任何 SQL 提供程序的引用,请在 web.config 中包含以下内容
It turns out that, on the production machine, the SQL membership provider was defined in machine.config. I don't think the ops team changed anything from the default Windows 2008 install, so that's probably generally the case for that platform.
To remove references to any SQL providers defined at a higher level include the following in your web.config