Your login attempt was not successful. Please try again

Question

I have a standard Login ASP.NET 2.0 control on a login Page, a LoginName and LoginStatus controls on the member's page.
once the user login successfully I am redirecting the user to Member.aspx page. The following is my machine configuration

Windows XP Pro Service Pack2
IIS 5.1
SQL Server 2000
visual Studio 2005
DISABLE ANONMYOUS ACCESS IN IIS
ENABLE WINDOWS AUTHENTICATION

I am Using form authentication, and I am getting following error  "Your login attempt was not successful. Please try again".

To debug,I am displaying the follwoing properties

Membership.ValidateUser(Login1.UserName, Login1.Password) : - True
HttpContext.Current.User.Identity.Name : -   // is blank
FormsAuthentication.FormsCookieName : - SqlAuthCookie
FormsAuthentication.CookieDomain :-    // is blank
FormsAuthentication.CookieMode :- UseCookies
FormsAuthentication.CookiesSupported :- True
FormsAuthentication.DefaultUrl :- /webIT/default.aspx
FormsAuthentication.EnableCrossAppRedirects :- False
FormsAuthentication.FormsCookieName :- SqlAuthCookie
FormsAuthentication.FormsCookiePath :- /
FormsAuthentication.LoginUrl :- /webIT/ASPX/Security/Login.aspx
FormsAuthentication.RequireSSL :- False
FormsAuthentication.SlidingExpiration :- True
User.Identity.IsAuthenticated :- False
User.Identity.Name :-   // is blank
User.Identity.AuthenticationType :- // is blank

Is it something to do with the security of Windows XP Pro ? or a IIS 5.1? Any help will be highly appreciated.

 

Login.aspx file is

<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Login.aspx.cs" Inherits="Login" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
&nbsp;</div>
<asp:Login ID="Login1" runat="server" DestinationPageUrl="~/Member.aspx" RememberMeSet="True">
</asp:Login>
</form>
</body>
</html>

 

Member.aspx is

<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Member.aspx.cs" Inherits="Member" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
You are back ........
<asp:LoginName ID="LoginName1" runat="server" />
<asp:LoginStatus ID="LoginStatus1" runat="server" LogoutAction="Redirect" LogoutPageUrl="~/Login.aspx" />

</div>
</form>
</body>
</html>

Member.aspx.cs

using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

public partial class Member : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
Response.Write("<br/>Page.User.Identity.Name: " + Page.User.Identity.Name);
Response.Write("<br/>Page.User.Identity.IsAuthenticated: " + Page.User.Identity.IsAuthenticated);
Response.Write("<br/>Page.User.Identity.AuthenticationType: " + Page.User.Identity.AuthenticationType);

}//end
}

 

 Web.config file is

<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">    
   <connectionStrings>
        <clear />
  <add  name="SQL_CONNECTION_STRING"
                connectionString="server=Sample;database=sample;user id=sa;password=temp;"
                providerName="System.Data.SqlClient"
           />
   </connectionStrings>
 
 
   <system.web>     
        <authentication mode="Forms">
    <forms name="SqlAuthCookie"
       loginUrl="~/ASPX/Security/Login.aspx"
       timeout="60"
       domain=""
       path="/"
       protection="All"
       requireSSL="false"
       slidingExpiration="true"
       defaultUrl="default.aspx"
       cookieless="UseCookies"
       enableCrossAppRedirects="false"
        />
  </authentication>

     
      <!-- Deny Access to anonymous user -->
      <authorization>
 <deny users="?" />
 <allow users="*"/>       
      </authorization>
     
     
     
 <!-- SQL Server Memebership Provider's-->
 <membership defaultProvider="SqlProvider"
      userIsOnlineTimeWindow="30">
              <providers>
              <clear />
              <add connectionStringName="SQL_CONNECTION_STRING"
                   enablePasswordRetrieval="false"
                      enablePasswordReset="true"
                      requiresQuestionAndAnswer="true"
                      passwordFormat="Hashed"
                      applicationName="webIT"
                      name="SqlProvider"
                      type="System.Web.Security.SqlMembershipProvider" />
             </providers>
      </membership>
     
   
    <!-- SQL Server RoleManager Provider's-->
    <roleManager enabled="true"
   cacheRolesInCookie="true"
   cookieName=".ASPXROLES"
   defaultProvider="SqlRoleProvider">
  <providers>
   <clear />
   <add connectionStringName="SQL_CONNECTION_STRING"
        applicationName="webIT"
        name="SqlRoleProvider"
        type="System.Web.Security.SqlRoleProvider" />
  </providers>
   </roleManager>     
   
</configuration>

NOTE : The applicationName is same in web.config as well as in the aspnet_Applications table in SQL Server 2000 membership database.

Answer 1

Does the server where the application is deployed to, have the .Net Framework 2.0 installed ?

Also check whether the login attempted default database is available at that point of time.

Answer 2

Hello Satya,

Yes the server is running ASP.NET 2.0 framework.

Also check whether the login attempted default database is available at that point of time.? Do you mean Membership database.?

Thanks,

Muder

 

 

Answer 3

What is the SQL Server 2000 error logged out in the ERRORLOG file?

Can you connect using osql or isqlw?

Thanks
Laurentiu

Answer 4

hi Laurentiu,

Check the error log file , there is no error in the log file, also I can connect to osql and isqlw with the same userid and password that I use for connection string. I am still not able to login..? It seems it is a very strange problem.. Any clue.?

 

Thanks,

Muder

Answer 5

Hi ,

Am also facing the same problem.
Did you get the solution.
Please share if you got the solution.

Nandagopal.P.K.S

Answer 6

Nandagopal,

I didn't got the solution..? Still struggling with the same problem. Do you have the same configuration as mine. and are you using the standard login control..? I tried the folowing things and it didn't worked for me. You can try..it might work for you.

1. check the application Name of the Memebership provider both in web config as well as in the aspnet_Appliction table.It has to be same.

2. Uninstall and Reinstall Membership database.

3. Also Refer this URL : http://support.microsoft.com/kb/306359

4. If you are using Access db for Membership, try giving read/write permissions on the App_Data folder to "Network Service" and "ASPNET".

I tried all the above solution, but it didn't worked for me. I hope one of the solution might work for you. or if you get any other solution , please let me know.

Thanks,

Muder

 

 

 

Answer 7

Hi,

does your ASP .NET user have access permission to IIS?!

Answer 8

 Hemantgiri ,

Yes the ASP.NET have access to IIS. FYI, I have IIS 5.1. is this make any difference.?

Thanks,

Muder

 

Answer 9

Hi,

here is a KB link FYI for Authentication methods for connections to SQL Server in ASP
http://support.microsoft.com/kb/247931/en-us

HTH

Hemantgiri S. Goswami

Answer 10

Hemantgiri,

Thanks for reply, but that KB article is for connection from ASP using ODBC, I am using ASP.NET 2.0 with Membership database on SQL Server 2000.

Here is some more info : The membership.ValidateUser() returns true, that means the user is getting validated, but the page is not getting redirected, it seems either it is a Cookie problem or authentication because if I print the following values the output is a shown below.

HttpContext.Current.User.Identity.Name : -   // is blank
User.Identity.IsAuthenticated :- False
User.Identity.AuthenticationType :- // is blank

any clue as to why it is happening.???

Thanks,

Muder

 

 

Answer 11

Hi,

refer below links

http://support.microsoft.com/?id=306359

http://www.dotnetjohn.com/articles.aspx?articleid=144

http://www.dotnet247.com/247reference/msgs/35/176441.aspx

Answer 12

Hi Murder,

I have a work around try out.
Its working for me.

Step 1 :  Go to the following folder you can find machine.config.comments      C:\WINNT\Microsoft.NET\Framework\v2.0.50727\CONFIG
Step2 : Copy the following code from the Machine.config.comments to your web.config
i.e : Membership tad and roleManager

<membership defaultProvider="AspNetSqlMembershipProvider" userIsOnlineTimeWindow="15" hashAlgorithmType="">
      <providers>
        <clear />
        <add connectionStringName="LocalSqlServer" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="true" applicationName="/" requiresUniqueEmail="false" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="1" passwordAttemptWindow="10" passwordStrengthRegularExpression="" name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
      </providers>
    </membership>

    <roleManager enabled="true">
       <providers>
          <clear />
          <add connectionStringName="LocalSqlServer" applicationName="/"
             name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
          <add applicationName="/" name="AspNetWindowsTokenRoleProvider"
             type="System.Web.Security.WindowsTokenRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
       </providers>
    </roleManager>


Step3 : Here comes the important, while you configure a new database for membership and roles, we normal assign our own database. using aspnet_regsql.
But don't do it, instead allow the wizard to take the default database (aspnetdb).
So you application will use actual db for business logic but stores the membership and roles in the default aspnet.db

Step4 : Check and verify whether you have given connectionstring for the default database.

<connectionStrings>
        <remove name="LocalSqlServer"/>
        <add name="LocalSqlServer" connectionString="Data Source=cprwb003;Initial Catalog=aspnetdb;User Id=;Password=" providerName="System.Data.SqlClient"/>

    <add name="MainConnection" connectionString="Data Source=cprwb003;Initial Catalog=fileupload;User Id=;Password=;" providerName="System.Data.SqlClient"/>
    </connectionStrings>

Step5 : For me LocalSQLSever is the connection string name which will store the connection string for membership and roles. Same name should be given in the membership and roles tag.

Step 6 : Configure you username and roles.
Step 7 : Place your login-control. If you have already placed delete and add new control

Step 8 : The simple solution is using seperate DB for membership and role. Its not mandatory to copy the tag from machine.config, but when we go for deployment we can change the application name when you are having more than one application sharing the same membership and roles database.

Try out.. the above work around..

Nandagopal.P.K.S

Answer 13

If you do not get an answer from this thread, then try asking the question on an ASP forum.

If you get a SQL Server error in the ERRORLOG, then we can provide more information about what to do about it.

Thanks
Laurentiu

Answer 14

Laurentiu,

No I am not getting any SQL Server error. I believe it is something to do with my authentication or cookie creation.

I posted the problem in ASP.NET forum, no solution yet.

 

Thanks,

Muder

 

 

Answer 15

Thanks to everyone who replied to my post, Finally I got this problem resloved by isolating the IIS 5.1, What I did is created a new project as a FileSystem.So, instead of running my project on IIS 5.1, my project is getting executed on the default web server provided by Visual Studio.NET 2.0.

When I ran my proejct on using FileSystem and default web server, I get all the values for User.Identity.Name, RedirectionFromLoginPage is  working. Overall everything is working fine with me.

Conclusion: This lead me to believe that there is some problem with my IIS 5.1 not authenticating or identifying a user.

Nandagopal, I will try your code and see if it works with my IIS server.

Thanks,
Muder.

Answer 16

Hi Murder,

Have you tried what I have mentioned.
Its working for me.

Nandagopal.

Answer 17

My solution was to grant the USERS group on the server the rights to modyfy and write to de App_Data folder. It wasn't enought with granting the ASPNET user.

Answer 18

I was having the problem where I created new website, configured forms membership through ASP.NET config website, added login control and ran website, and it would let me login once, but subsequent logins failed with identical user/pass. deleting and re-adding the login control (as was suggested above) seems to be a bandaid, but there is something going on here

Answer 19

Thanks Nandagopal,

 

I was working on a Sharepoint 2007 Site with FBA and I had used the Login Control in the Homepage. Your steps helped me to fix the issue.

 

'machine.config.comments' made the trick for me.

 

Thanks,

Gunasekar

Answer 20

Seems pretty silly, but if you have anything in the form authenticate event (even code that is commented out) and do not explicitly validate, the error mentioned will generate.

ie

protected void Login1_Authenticate(object sender, AuthenticateEventArgs e) {
if (Membership.ValidateUser(Login1.UserName, Login1.Password)) {
e.Authenticated = true; }
else{e.Authenticated = false; }}

 

See the following for more:

http://www.codeproject.com/KB/aspnet/LoginControlError.aspx

happy coding and hope this saves you a wasted few hours.