locked
Security version confusion RRS feed

  • Question

  • User-626985523 posted

    I am starting a new web application project in VS2015, web forms, ASP.NET 4.5.2.

    I create the site and run in a browser from my local machine, go to the Login page, create a user and observe in the db that five tables have been created AspNetUsers etc. I can Register, log in, log out and create new users. All is fine.

    I then work on a page a bit (cosmetically and no coding) but without touching web.config or anything in the Account folder, and then go back to login but now, when logging back in, I get error  'Invalid object name 'dbo.aspnet_SchemaVersions'.'  I scrub the project and restart from scratch and the same behaviour repeats. I cannot figure what I am doing to cause the security model to look for a nonexistent object.

    I feel that somehow my project is wanting to use the previous security version - where I remember such a table exists - and would welcome any suggestion as to where to look to identify the cause.

    <configuration>
    <configSections>
    <!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
    <section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
    </configSections>
    <appSettings>
    <add key="webpages:Version" value="3.0.0.0" />
    <add key="webpages:Enabled" value="false" />
    <add key="PreserveLoginUrl" value="true" />
    <add key="ClientValidationEnabled" value="true" />
    <add key="UnobtrusiveJavaScriptEnabled" value="true" />
    </appSettings>
    <connectionStrings>
    <remove name="LocalSqlServer" />
    <add name="DefaultConnection" connectionString="Data Source=sqlxxxxxx;Initial Catalog=xxxxx;Persist Security Info=True;User ID=xxxx;Password=xxxx" providerName="System.Data.SqlClient" />
    </connectionStrings>
    <system.web>
    <authentication mode="Forms" />
    <compilation debug="true" strict="false" explicit="true" targetFramework="4.5.2" />
    <httpRuntime targetFramework="4.5.2" />
    <pages>
    <namespaces>
    <add namespace="System.Web.Helpers" />
    <add namespace="System.Web.Mvc" />
    <add namespace="System.Web.Mvc.Ajax" />
    <add namespace="System.Web.Mvc.Html" />
    <add namespace="System.Web.Optimization" />
    <add namespace="System.Web.Routing" />
    <add namespace="System.Web.WebPages" />
    <add namespace="BathBSAC" />
    </namespaces>
    <controls>
    <add assembly="Microsoft.AspNet.Web.Optimization.WebForms" namespace="Microsoft.AspNet.Web.Optimization.WebForms" tagPrefix="webopt" />
    </controls>
    </pages>
    <membership defaultProvider="SqlMembershipProvider">
    <providers>
    <!--
    ASP.NET Membership is disabled in this template. Please visit the following link http://go.microsoft.com/fwlink/?LinkId=301889 to learn about the ASP.NET Membership support in this template
    -->
    <clear />
    <add name="SqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="DefaultConnection" enablePasswordReset="false" enablePasswordRetrieval="false" passwordFormat="Clear" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" />
    </providers>
    </membership>
    <profile>
    <providers>
    <!--
    ASP.NET Membership Profile is disabled in this template. Please visit the following link http://go.microsoft.com/fwlink/?LinkId=301889 to learn about the ASP.NET Membership support in this template
    -->
    <clear />
    </providers>
    </profile>
    <roleManager defaultProvider="SqlMembershipProvider" enabled="true">
    <!--
    ASP.NET Membership Role is disabled in this template. Please visit the following link http://go.microsoft.com/fwlink/?LinkId=301889 to learn about the ASP.NET Membership support in this template
    -->
    <providers>
    <clear />
    <add name="SqlMembershipProvider" type="System.Web.Security.SqlRoleProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="DefaultConnection" />
    </providers>
    </roleManager>
    <!--
    If you are deploying to a cloud environment that has multiple web server instances,
    you should change session state mode from "InProc" to "Custom". In addition,
    change the connection string named "DefaultConnection" to connect to an instance
    of SQL Server (including SQL Azure and SQL Compact) instead of to SQL Server Express.
    -->
    <sessionState mode="InProc" customProvider="DefaultSessionProvider">
    <providers>
    <add name="DefaultSessionProvider" type="System.Web.Providers.DefaultSessionStateProvider, System.Web.Providers, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" />
    </providers>
    </sessionState>
    </system.web>
    <system.webServer>
    <validation validateIntegratedModeConfiguration="false" />
    <modules>
    <remove name="FormsAuthentication" />
    </modules>
    </system.webServer>
    <runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
    <dependentAssembly>
    <assemblyIdentity name="Newtonsoft.Json" culture="neutral" publicKeyToken="30ad4fe6b2a6aeed" />
    <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" />
    </dependentAssembly>
    <dependentAssembly>
    <assemblyIdentity name="WebGrease" culture="neutral" publicKeyToken="31bf3856ad364e35" />
    <bindingRedirect oldVersion="0.0.0.0-1.5.2.14234" newVersion="1.5.2.14234" />
    </dependentAssembly>
    <dependentAssembly>
    <assemblyIdentity name="EntityFramework" publicKeyToken="b77a5c561934e089" />
    <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" />
    </dependentAssembly>
    <dependentAssembly>
    <assemblyIdentity name="Microsoft.Owin" culture="neutral" publicKeyToken="31bf3856ad364e35" />
    <bindingRedirect oldVersion="0.0.0.0-3.0.1.0" newVersion="3.0.1.0" />
    </dependentAssembly>
    <dependentAssembly>
    <assemblyIdentity name="Microsoft.Owin.Security.OAuth" culture="neutral" publicKeyToken="31bf3856ad364e35" />
    <bindingRedirect oldVersion="0.0.0.0-3.0.1.0" newVersion="3.0.1.0" />
    </dependentAssembly>
    <dependentAssembly>
    <assemblyIdentity name="Microsoft.Owin.Security.Cookies" culture="neutral" publicKeyToken="31bf3856ad364e35" />
    <bindingRedirect oldVersion="0.0.0.0-3.0.1.0" newVersion="3.0.1.0" />
    </dependentAssembly>
    <dependentAssembly>
    <assemblyIdentity name="Microsoft.Owin.Security" culture="neutral" publicKeyToken="31bf3856ad364e35" />
    <bindingRedirect oldVersion="0.0.0.0-3.0.1.0" newVersion="3.0.1.0" />
    </dependentAssembly>
    </assemblyBinding>
    </runtime>
    <entityFramework>
    <defaultConnectionFactory type="System.Data.Entity.Infrastructure.LocalDbConnectionFactory, EntityFramework">
    <parameters>
    <parameter value="mssqllocaldb" />
    </parameters>
    </defaultConnectionFactory>
    <providers>
    <provider invariantName="System.Data.SqlClient" type="System.Data.Entity.SqlServer.SqlProviderServices, EntityFramework.SqlServer" />
    </providers>
    </entityFramework>
    <system.codedom>
    <compilers>
    <compiler language="c#;cs;csharp" extension=".cs" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:6 /nowarn:1659;1699;1701" />
    <compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.VBCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:14 /nowarn:41008 /define:_MYTYPE=\&quot;Web\&quot; /optionInfer+" />
    </compilers>
    </system.codedom>
    </configuration>

    Wednesday, December 16, 2015 3:39 PM

All replies

  • User614698185 posted

    Hi davidxt,

    I get error  'Invalid object name 'dbo.aspnet_SchemaVersions'.'

    Maybe the reason for this error is that your application is trying to first connect using the old version of Identity. You shouldn't use the old versions of the objects to manage roles. Use the new UserManager and RoleManager classes.

    For example:

    var store = new UserStore<ApplicationUser>(context);
    var userManager = new ApplicationUserManager(store);    
    
    if(userManager.IsInRole(userId, "NameOfRole")
    {
        //do stuff
    }

    To use this in your views, you can create your own helpers:

    namespace MyProject.MyNamespace.MyExtensions
    {
        public static class IdentityExtensions
        {
            public static bool IsInIdentityRole(this IPrincipal user, string role)
            {
                var userManager = GetUserManager(); //implement this!
                return userManager.IsInRole(user.Identity.GetUserId(), role); 
            }
        }
    }

    Make sure your views know about this namespace, add this line into the web.config file in your Views folder (NOT the main web.config):

    <add namespace="MyProject.MyNamespace.MyExtensions"/>

    And use in your view like this:

    @if (User.IsInIdentityRole("admin"))
    {
        <li>@Html.ActionLink("Admins", "Index", "Admins")</li>
    }

    For more information, please see:  http://forums.asp.net/t/1974349.aspx?Invalid+object+name+dbo+aspnet_SchemaVersions+

    Best Regards,

    Candice Zhou

    Thursday, December 17, 2015 7:37 AM
  • User-626985523 posted

    Hi Candice

    I just wanted to thank you for your response.

    My website is not using MVC so I am not using Views and I was reluctant to follow your suggestions too closely, and in any event the solution was direct from the template so should not have needed amendment to work.

    I do think as you said that my application was trying to use both authentication methods and now suspect that I had done something in the ASP.NET section of my IIS control panel that had made it do that. I did not get to the bottom of it but after recreating the website several times and steering clear of IIS and of the Website Administration Tool from VS2010 which I had also set up to add roles etc, I now have a working site, though still no way of unravelling that error error if it should decide to try to use V1 and start setting up the old suite of SQL tables by itself and then go hunting for them...

    This is the first web app I have done for a couple of years and my unfamiliarity with Identity is undoubtedly the cause of my problems. Its So hard and impractical without the web admin tool to create Roles and maintain users, I am really hating it. 

    But appreciation for your help.

    Tuesday, December 22, 2015 10:14 AM
  • User614698185 posted

    Hi davidxt,

    I suggest that you could use the aspnet_regsql.exe tool to create the new schema again and use that database.

    For more information, please refer to: http://www.asp.net/web-forms/overview/older-versions-security/membership/creating-the-membership-schema-in-sql-server-cs

    It will generate table that name is dbo.aspnet_SchemaVersions.

    Best Regards,

    Candice Zhou

    Thursday, December 24, 2015 8:50 AM