So I've been working on an MVC app that pulls data from an existing database. I designed this as an 'Intranet Application' so that users would automatically be logged on to the app using their Windows credentials. This works, since the property #User.Identity.Name returns my Windows login name. (as well as other users), and they have access to the application itself. HOWEVER, when trying to access the database the information is on, I get the following error:
[SqlException (0x80131904): Login failed for user '**My computer name**'.]
It would appear that it's recognizing my windows login, but for some reason trying to use my machine name to access the database instead. At the company, this particular database is also accessed using employees' windows usernames, so I'd rather people be able to automatically access it using the built-in windows authentication in the MVC app.
In my web.config, I have identity impersonate set to false, authentication mode equal to Windows and the following keys in appSettings:
<add key="ClientValidationEnabled" value="true" />
<add key="UnobtrusiveJavaScriptEnabled" value="true" />
<add key="enableSimpleMembership" value="false"/>
<add key="autoFormsAuthentication" value="false" />
The connection strings were auto-generated for me, and the information IS retrievable when running the app from Visual Studio, so I can only assume it's an issue with IIS settings. (I've never deployed an MVC app before)
On the application's IIS settings I have every authentication disabled except for Windows Authentication. Any ideas what I'm doing wrong? Let me know if there's any additional information you need as well.
Turn on the impersonation in your authentication configuration. Otherwise, the application pool's identity is used to connect to your Sql Server.
Related
I have created ASP.NET MVC Web application but I cannot see ASPNet tables created in database.
Tried so far:
I checked in web-config file if choosing the authentication at the time of creation of project makes this difference and and found <authentication mode="None" /> in web-config. So I thought may be because i might have chosen No Authentication in the beginning that is why I dont have those tables in database. Then I have changed manually in web-config file to <authentication mode="Forms" /> to create individual user authentication.
However even after updating the authentication mode to forms it is still not showing ASPNet tables in the database.
I have noticed that ASP.Net Identity tables are created in localDb and I have created my another database with tables for my application. Now I want to see ASPNet Identity tables from local db in my own created database.
In the web-config file i have updated the data source with the data source of other connection string of my database .
<add name="DefaultConnection" connectionString="Data Source=SQLCLUSTER;initial catalog=TimeSheet;integrated security=True;MultipleActiveResultSets=True" providerName="System.Data.SqlClient" />
<add name="TimeSheetEntities" connectionString="metadata=res://*/TimeSheet.csdl|res://*/TimeSheet.ssdl|res://*/TimeSheet.msl;provider=System.Data.SqlClient;provider connection string="data source=SQLCLUSTER;initial catalog=TimeSheet;integrated security=True;MultipleActiveResultSets=True;App=EntityFramework"" providerName="System.Data.EntityClient" /></connectionStrings> ```
After running the application in debug mode I still can't see the ASPNet tables in my own database.
How can I get those tables?
What did I miss which is cause of this issue?
Any clarification would be much appreciated as I am newbie and learning Authentication and Authorisation at this point.
I'm going through a basic tutorial for ASP.NET MVC based on this Microsoft Help document. The app displays books and authors from a database and allows for CRUD operations on that data. Everything is working fine on my machine when I run locally developing with Visual Studio 2017. But when I try to to deploy to my PLESK hosted website I'm having problems. I recreated (from scratch) a MySQL database designed to exactly replicate the schema of local database and populated it with sample values. When the page loads, I'm getting a long hang and ultimately a 500 error after it tries unsuccessfully to connect to the database.
This is the connection string that is working locally:
<add name="BookServiceContext" connectionString="Data Source=(localdb)\MSSQLLocalDB; Initial Catalog=BookServiceContext-20200803155333; Integrated Security=True; MultipleActiveResultSets=True; AttachDbFilename=|DataDirectory|BookServiceContext-20200803155333.mdf" providerName="System.Data.SqlClient" />
And here's the connectionStrings part of the remote web.config:
<add name="BookServiceContext" connectionString="Server=###.##.###.##;Database=BookServiceContext;Uid=myPLESKUserIDAssociatedWithDatabase;Pwd=PasswordForTheUser;multipleactiveresultsets=True" providerName="System.Data.SqlClient" />
Perhaps I have the syntax wrong or am missing a setting in PLESK (I was trying to use a sample from ConnectionStrings.com and haven't set up a DB in PLESK before).
I have an application which connects to our SQL Server 2008 enterprise.
My config file contains:
name="patbase" connectionString="Data Source=pbsqlserver1;Initial Catalog=patentbase;Trusted_Connection=True;;Application Name=PatBase Images;" providerName="System.Data.SqlClient"
When I test it from my PC it works.
When I publish it to the (internal) server I can see my user has logged into asp.net but data base access gives me:
An error occurred while getting provider information from the
database. This can be caused by Entity Framework using an incorrect
connection string. Check the inner exceptions for details and ensure
that the connection string is correct.
Your connection string is using a "trusted connection" which means the identity of the client process/thread is used in the SQL login attempt. You say that your user has logged in to the ASP.NET app, but what is the identity of the application pool your app runs in?
You don't say what kind of authentication your app uses, but I'm going to assume Windows Authentication. If you want the end-user's account to be used for the SQL login, you will need to enable ASP.NET impersonation for your app. You can do this under "Authentication" in the IIS Manager, or in your web.config with <identity impersonate="true" />
If you don't care which identity is used for the SQL login attempt, you can create a SQL login for your application pool's identity.
try to see if SSPI security works
<connectionStrings>
<add name="patbase" connectionString="Data Source=pbsqlserver1;Initial Catalog=patentbase;Integrated Security=SSPI;;Application Name=PatBase Images" providerName="System.Data.SqlClient"/>
</connectionStrings>
or remove the ;;Application Name=PatBase Images at the end if that doesn't work.
I've run into an issue and I can't identify what the difference is between App 1 and App 2. Both Apps execute the exact same line of code below from the Session_Start() in the Global.asax. One app identifies the user correctly DOMAIN\USER, the other app simply returns ''...
UserService.GetUserInfo(Context.User.Identity.Name.ToString());
Both apps have this in the Web.config for using Windows Authentication.
<authentication mode="Windows"></authentication>
You can test it with IIS Express locally which supports Windows authentication. So in your web.config you must have the following:
<authentication mode="Windows" />
and in the properties of the project configure IIS Express to enable Windows Authentication:
Anonymous Authentication must be set to Disabled and Windows Authentication must be set to Enabled.
I am building a local intranet web application which uses the current user's AD credentials to access the system. My web server is running IIS 7.5 on Server 2008.
My AD is configured with two groups, Users and Admins, both of which I want to access my web application and I have added the two groups (read/execute permissions) to my directory in IIS. My web.config is pretty standard and I do not have any additional filters in my Global.asax file.
I am able to access my application if I use my user or admin account, but my coworker can not, which further complicates things. My accounts do not have any permissions on the folder - only the groups to which they belong.
Authentication mode is set to Windows, but unfortunately every attempt as my coworker to access the website fails with the following:
HTTP Error 401.0 - Unauthorized
You do not have permission to view this directory or page.
The "most likely cause" box suggests:
The authenticated user does not have access to a resource needed to process the request.
I just can not figure this out. If I create a sample mvc3 application and deploy it in the same directory, I can authenticate and view pages fine as any user.
There can be many reasons for this.
Your controller needs to be decorated with appropriate authorization attribute like following
[Authorize(Roles = "Administrator")]
In your web.config, you need to have following code inside your system.web configuration
<roleManager enabled="true" defaultProvider="YourRoleProvider">
Finally you need to see if that user has been added to their respective roles
I'd the exact same issue. After having few hours of research, it seems to be very easy way to deal with this issue.
<system.webServer>
<modules>
<!--<remove name="FormsAuthentication" />-->
</modules>
</system.webServer>
I'd to remove <remove name="FormsAuthentication" /> statement from modules attribute in Web.config file which was added by default while creating default MVC website.
I had the same problem in MVC 4, and I have resolved it with this:
[AllowAnonymous]
(Add this line in controller, above action you are calling when this error appears.)