I recently inherited an ASP.NET project from another programmer that required consolidating two databases. After consolidating them and fixing the resulting problems in the code I dropped the aspnet membership tables and then recreated them with the aspnet_regsql wizard. I created several users and roles and in my application was able to log in just fine using a standard asp.net login control. I then logged out and tried to log in again and it didn’t work.
In an attempt to pinpoint the problem I set breakpoints at the events LoggingIn, Authenticate, and LoggedIn and somehow none of these events are getting fired. The page will validate, but if you enter the correct credentials it seems to just post back without firing any of the login events.
Eventually I got frustrated and moved on to something else. Then today (the next day) I came in and checked again and somehow it let me log in the first time. I tried to log out and log back in and I got the same exact problem. Validation, but no authentication.
Here is the code for my login control:
<asp:Login ID="Login1" runat="server" UserNameLabelText="Username:" PasswordLabelText="Password:" OnLoggedIn="Login1_LoggedIn"></asp:Login>
The Login1_LoggedIn code-behind:
protected void Login1_LoggedIn(object sender, EventArgs e)
{
if (Roles.IsUserInRole(Login1.UserName,"Administrator"))
Response.Redirect("~/Admin/Default.aspx");
else if (Roles.IsUserInRole(Login1.UserName,"Appointment Administrator"))
Response.Redirect("~/ApptReq/Management/ManageEntities.aspx");
}
Web.config membership sections:
<system.web>
<authentication mode="Forms">
<forms loginUrl="Login.aspx" timeout="60" cookieless="UseCookies" name="Test" slidingExpiration="true" path="/"></forms>
</authentication>
<roleManager enabled="true">
<providers>
<clear />
<add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="test" applicationName="Test" />
</providers>
</roleManager>
<membership defaultProvider="AspNetSqlMembershipProvider">
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="test" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" applicationName="Test" requiresUniqueEmail="false" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" />
</providers>
</membership>
I’m going crazy trying to figure this thing out, so any help would be greatly appreciated.
Well I feel stupid. Turns out logging in worked fine if you clicked the “Login” button, however every time I was testing I was just hitting the Enter key. The enter key event was being capture by a search button I had on the page which hadn’t been implemented yet so all it did was post back.
I just wrapped the login control in a panel and set the DefaultButton to the ID of the login button. Problem solved.