Search code examples
asp.netc#-4.0aspnetdb

My ASP.NET 4 login stopped working...why?

I am working on an ASP.NET 4.0 C# project. The CreateUserWizard is working fine, but the login controls I built are always showing this message: 

Your login attempt was not successful. Please try again.

This started happening after I changed the membership and connection string settings in machine.config to experiment, which I changed to default later i.e.:

Here's the connection string settings:

<connectionStrings>
    <add name="LocalSqlServer" connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User Instance=true" providerName="System.Data.SqlClient"/>
</connectionStrings>

And here is the membership section:

<membership>
    <providers>
        <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="LocalSqlServer" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="true" applicationName="/" requiresUniqueEmail="false" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression=""/>
</providers>
</membership>

Also, I have changed my default database to store my websites data to login controls default data i.e. ASPNEDB.mdf by writing two lines in every code behind of page

SqlConnection con = new SqlConnection("data source=.\\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User Instance=true");
SqlCommand cmd = new SqlCommand();

Even when I finish CreateUserWizard1 successfully and redirect to my homepage.aspx, where I have used default label of asp.net LoginName, the label is showing blank.

And if I manually put Label1 and type Label1.Text = HttpContext.Current.User.Identity.Name;, its still not working.

Will you please help me. I have to show this project to my college and not only that but my team will fail due to my EXPERIMENT.

Solution

  • There are several potential issues here:

    1. You changed the machinekey in the web.config. If so, change it back. If you can't change it back then delete all the users in your table and recreate them. You're using a one way hash algorithm that requires the machinekey to hash the entered password for comparison.

    2. You made changes to the connection string. Are you sure the database even has those user records in it? Next, did you happen to delete / recreate the database? If so those users are gone. See #1.

    More to the point it's obvious you haven't put everything back like it was.

    So, why are you getting login failed? Potential options are:

    1. The database being accessed isn't the one you think it is.
    2. The user truly doesn't exist in the database its looking at.
    3. The user does exist but the password you are providing isn't the correct one.
    4. The user exists and the password is correct, but the machinekey has changed and therefore the system can't hash it correctly.

    Basically it's probably time to start over by clearing out your database and adding users into it again.