Home/ Questions/Q 7611241
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-31T01:37:26+00:00

I created a custom membership and role provider to leverage the authentication and authorization

  • 0

I created a custom membership and role provider to leverage the authentication and authorization built into ASP.NET MVC 4. Everything had been going smoothly during development of my application until I tried deploying it to a test environment.

Launching the application in Debug mode from Visual Studio works perfectly fine. However, I then use Visual Studio’s one click deployment to load my application into an instance of IIS running on my development machine. I am able to load the application in my browser, but authentication no longer works. Using Fiddler, I see that a cookie is sent back, but I am unable to access portions of the site that are restricted using [Authorize] attributes.

Below is a relevant snippet from my web.config.

<membership defaultProvider="PonosMembershipProvider">
  <providers>
    <clear />
    <add name="PonosMembershipProvider" type="Ponos.Identity.PonosMembershipProvider" connectionStringName="DefaultConnection" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/Ponos" />
  </providers>
</membership>
<roleManager enabled="true" defaultProvider="DefaultRoleProvider">
  <providers>
    <clear />
    <add name="DefaultRoleProvider" type="Ponos.Identity.PonosRoleProvider" connectionStringName="DefaultConnection" applicationName="/Ponos" />
  </providers>
</roleManager>

Additionally, I set the application name in both custom provider with logic as follows:

public override string ApplicationName
    {
        get
        {
            return "Ponos";
        }
        set
        {
            throw new NotImplementedException();
        }
    }

Additionally, after attaching to the running instance of IIS, I see that the information entered into the form passes validation, but that no access is granted to pages that have restricted authorized access.

Also, the database on being used for the deployment is populated with the same values as the development database.

Why wouldn’t the providers work after deployment when they are functioning fine in the debugging environment?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    This problem was only showing up when my deployed server was accessed directly by its IP. When I added a hosts entry mapping a domain to the IP and subsequently set the same domain in my auth cookie the issue was resolved.

    I’m not sure why I couldn’t access the cookie if the domain was an IP address, but this did fix the problem.

    • 0