I have an Asp.Net MVC 3 website that uses asp.net membership services for authentication. The membership database has been running on Sql Server Express 2008 and I am attempting to convert it to Sql Sever Compact 4.0.
Following the instructions here I have created the Sql Server Compact 4.0 database. I used the code from here to switch the membership provider in the MVC app.
Using the new provider and database I am able to successfully create new users and log in using the new user's password. However, I am not able to login to any of the users that previously existed in the Sql Server Express database. I am able to browse the new database and have verified that the users are all there, so I believe the problem is somehow related to not being able to successfully access the encrypted passwords that had been previously created. I really don't want to have all of the existing users change their passwords. Can anyone shed some light as to how I can make this happen?
Is it possible it has something to do with the ApplicationName property in the web.config file?
See this blog post from ScottGu for more information:
Always set the "applicationName" property when configuring ASP.NET 2.0 Membership and other Providers
Related
In my project I need to publish an Access database into Sharepoint. I need to add a web form into it. Is it possible to add a WebForm that can be shown in the Sharepoint site, using ODBC(Database from SQL server on local machine)?
I can connect to that database and edit records in it. But I can't make a form with that web icon on it. Is that even possible to publish something from Access to Sharepoint using local SQL server and make a form to show data from it?
I found something like that:
I totally missed the fact that this was a web app. Access web apps
work with SharePoint, no other data source. That's true for Access
2010. But in Access 2013, there is a hybrid solution possible: Access Client + Access Web + SQL Server. It's still very new and not
common yet, and unfortunately there isn't a migration path from Access
2010 web forms to Access 2013 web forms. You have to build the web app
from scratch. But it's a better platform than Access 2010 offered.
that means i should use access 2013 ?
I am no expert and can't test my ideas, but I read that if you publish an Access db with Access tables to SP, Access tables will be converted to a SQL Server table by SP. Perhaps you could then delete or rename the SP created table on SP's SQL Server and create a view with the same name which points to you table on the other server ?
Have a look at the SP site: https://sharepoint.stackexchange.com/q/104005
I am trying to create a login system on an asp.net website which allows a user to register and log in the website. I require the registered user details to be stored on a database which I already have on Azure.
I have so far created the login system as shown here: http://msdn.microsoft.com/en-us/library/windowsazure/hh508981.aspx and the form works. However, when I log in to the azure management portal I cannot find the user's registered details. I also need to add more fields to the registration form in the database.
Does anyone know where I can view the registered users and how I can add more fields?
If you follow the same link you used to create your application you will see the schema that is used by SQL Azure to store this information as below:
Now if you want to access this database directly, what you really need is SQL Server Management Studio (SSMS) to connect with this Database and access it from your local machine. Follow this link below to download and configure SQL Azure studio locally so you can connect to SQL database and the modify the schema or look the records etc. Once you have SSMS connected with SQL Database, you can manage it like any other on-premise database.
Managing Windows Azure SQL Database using SQL Server Management Studio
I have developer MVC4 + EF Code First + SQL Server 2008 web app. Uploaded it to prod server with IIS7. Created new credentials PC. Added empty database PCDB to SQL Server and assigned user PC to it with owner permission. When I run web app I get error
Model compatibility cannot be checked because the database does not contain model metadata. Model compatibility can only be checked for databases created using Code First or Code First Migrations
My connection string is
data source=174.xx.x.x;initial catalog=pcdb;user id=pc;password=xxxxx;
The exception is understandable, I can delete PCDB database and let EFCode First create it by itself. But how about credentials PC? I do not want to make PC user as administrator but without it EF Code First will not be able to create new database in SQL Server.
How to solve the problem?
The overall design starts with Forms or Windows authentication at the WebsiteASP.NET/ IIS.
and ends with Application and DB authentication you want/need. Application authorization is another topic. I will not discuss that here.
You dont actually state the authentication model desired.
So I will start with a disclaimer. This a suggestion that I WOULD use in a production site. But it is not the ultimate end game nor is it the ONLY short term solution you might consider.
This is a solution that a one man show can get working. And is secure and without excessive admin effort to keep running.
Use SQL server logon via Windows Auth
BUT you do not need to add every user to SQL server.
There is also the option of impersonation. But that can get tricky and this explanation is not NOT impersonation. That is another another approach.
first make sure Website is using Windows Authentication
set IIS to use Windows Authentication:
Now the APP Pool behind the website on IIS you have configured. .
Im going to suggest a Psuedo-service user in the APP pool as a good way to start.
ie WEBAPPLICATION_X_USER. You can have a separate user per APP pool. Each user can access only its DB. So you get application separation. Your enter a user and password here. IIS will encrypt and decrypt as required. (better than plan text in Web.config)
This user should have reduced auth on the server itself. NOT AN ADMIN user on domain or even local admin. Just enough so it can use Sql server to create a DB. So create a regular windows user
Let ASP.Net logon to DB. Let ASP.net encrypt and decrypt the password.
So now the situation is Windows AUTH on IIS. IIS has an App pool with a special windows user that can logon to SQL server. You have added this user to SQL server instance and Allocated this service user the ability create DBs. Dont give the user access to ALL Dbs :-) Just the one it will create. Plus public access (via EF).
Verify the user credential situation in your WEB APP.
See [System.Security.Principal.WindowsIdentity]
This should show your windows authenticated end user.
System.Environment.UserName should have the service user ID you placed in the IIS APP POOL.
Now when EF goes to create or access data on the SQL server instance, it will connect with
System.Environment.UserName if the WEB.CONFIG entry is set to use windows integrated security
<connectionStrings>
<add name="DbContextName" connectionString="Data Source=Your SQL server Instance;Initial Catalog=The DBNAME;Integrated Security=True;MultipleActiveResultSets=True;App=EntityFramework" providerName="System.Data.SqlClient" />
And you KNOW the authenticated user.
httpContext will give it to you as does thread current principal.
HttpContext.User is by default mapped to {System.Security.Principal.WindowsPrincipal}
So you can perform application level checking.
The same approach should also work with Forms Authentication.
WARNING: If you have windows WPF approach (ie you are not using IIS and therefore no APP pool), then this approach MUST be changed and is more complex and no longer the best place to start.
I hope this helps you get started
I'm want to create a SQl Server login for a IIS web application. Since the Web Application using IIS 7.5 identity, and in addition in production the Sql Server may be in a separate machine, I'm looking for use a user and password based connection string.
Now, I'm a little confused how to create this login in Sql Server 2008 R2. Should I use databawse specific User, or a global login? Should I Database Role or Application Role?
What are the best practices to get a login for an IIS application that don't use Stored Procedures, but makes a use of an ORM tool, like NHibernate?
The following article:
http://msdn.microsoft.com/en-us/library/bb882673.aspx
recommends using Integrated Security to connect to the database.
I've been developing a site using ASP.NET MVC, and have decided to use the new SQL Server 2008 FILESTREAM facility to store files 'within' the database rather than as separate entities. While initially working within VS2008 (using a trusted connection to the database), everything was fine and dandy. Issues arose, however, when I shifted the site to IIS7 and changed over to SQL authentication on the database.
It seems that streaming a FILESTREAM doesn't work with SQL authentication, only with Windows authentication. Given this, what is the best practice to follow?
Is there a way to force this sort of thing to work under SQL authentication?
Should I add NETWORK SERVICE as a database user and then use Trusted authentication?
Should I create another user, and run both the IIS site and the database connection under this?
Any other suggestions?
Take a look at this article. I don't know a whole lot about FileStreaming and security, but there are a couple of interesting options in the FileStreaming setup such as allowing remote connections and allow remote clients to access FileStreaming