升级到 ASP.NET 4.5/MVC 4 表单身份验证失败 [英] Upgrading to ASP.NET 4.5/MVC 4 forms authentication fails
问题描述
我刚刚卸载了 VS 2012 以及 ASP.NET 4.5 和 MVC 4.0,并且正在使用示例应用程序进行测试,发现与 ASP.NET 4.0/MVC 3 完美配合的表单身份验证似乎不再适用使用最新版本.
当我调用操作控制器中的登录函数时,WebSecurity.Login 调用失败:
public ActionResult Login(LoginModel 模型,字符串 returnUrl){if (ModelState.IsValid && WebSecurity.Login(model.UserName, model.Password, persistCookie: model.RememberMe)){返回重定向到本地(returnUrl);}//如果我们到了这一步,有些事情失败了,重新显示表单ModelState.AddModelError("", "提供的用户名或密码不正确.");返回视图(模型);}我已经用 VS 2010 源代码中的等效代码替换了此代码,但这也失败了(使用现已弃用的 FormsAuthentication.Authenticate 函数).
我的问题是:是否有人将 MVC3 移植到 MVC4 应用程序并找到了解决此问题的方法?我正在使用 IIS Express,所以我想这可能会导致一些问题,但如果您有任何想法,我将不胜感激.
我从我的工作 asp.net 4/MVC3 应用程序中复制了我的配置,如下所示,但没有运气(这是相关部分):
<add name="DefaultConnection" connectionString="Data Source=tcp:sql2k1201.dbprovider.net;Initial Catalog=SQL2012_db;User ID=SQL2012_db_user;Password=dbpassword;"providerName="System.Data.SqlClient"/></connectionStrings><system.web><编译调试="true" targetFramework="4.5"/><httpRuntime targetFramework="4.5"/><认证模式=表单"><forms loginUrl="~/Account/Login" timeout="2880"/></认证><会员资格><提供者><清除/><add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="DefaultConnection"enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false"maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10"applicationName="/"/></提供者></会员资格><个人资料><提供者><清除/><add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="DefaultConnection" applicationName="/"/></提供者></个人资料><roleManager enabled="true"><提供者><清除/><add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="DefaultConnection" applicationName="/"/></提供者></roleManager> 这里的问题是默认的 mvc4 Internet 模板使用 SimpleMembership 来管理成员资格/角色信息.模板中的代码对此有假设,并且只能使用 simplemembership.当您安装通用提供程序时,帐户控制器代码会爆炸,因为它无法理解通用提供程序.看看这篇文章,它进一步解释了这个场景 http://weblogs.asp.net/jgalloway/archive/2012/08/29/simplemembership-membership-providers-universal-providers-and-the-new-asp-net-4-5-web-forms-and-asp-net-mvc-4-templates.aspx>
I've just downoaded a VS 2012 along with ASP.NET 4.5 and MVC 4.0 and was kicking the tires with a sample app and found that the forms authentication that works perfectly with ASP.NET 4.0/MVC 3 no longer seems to work with the latest release.
When I make a call to the Login function in the action controller, the WebSecurity.Login call fails:
public ActionResult Login(LoginModel model, string returnUrl)
{
if (ModelState.IsValid && WebSecurity.Login(model.UserName, model.Password, persistCookie: model.RememberMe))
{
return RedirectToLocal(returnUrl);
}
// If we got this far, something failed, redisplay form
ModelState.AddModelError("", "The user name or password provided is incorrect.");
return View(model);
}
I've replaced this code with the equivalent in my VS 2010 source, and that also fails (using the now deprecated FormsAuthentication.Authenticate function).
My question is: Has anybody ported a MVC3 to MVC4 app and found a workaround to this issue? I'm using IIS Express, so I guess that may be causing some problem somehow, but if you have any ideas, I'd appreciate it.
I copied my configuration from my working asp.net 4/MVC3 app as follows, but no luck (here's the relevant parts):
<connectionStrings>
<add name="DefaultConnection" connectionString="Data Source=tcp:sql2k1201.dbprovider.net;Initial Catalog=SQL2012_db;User ID=SQL2012_db_user;Password=dbpassword;" providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="2880"/>
</authentication>
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="DefaultConnection"
enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false"
maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10"
applicationName="/" />
</providers>
</membership>
<profile>
<providers>
<clear/>
<add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="DefaultConnection" applicationName="/" />
</providers>
</profile>
<roleManager enabled="true">
<providers>
<clear/>
<add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="DefaultConnection" applicationName="/" />
</providers>
</roleManager>
The issue here is that the default mvc4 internet template is using SimpleMembership to manage membership/roles information. The code in the template has assumption of this and can only work with simplemembership. When you install universal providers the account controller code blows up since it cannot understand universal providers. Look at this post which explains further on this scenario http://weblogs.asp.net/jgalloway/archive/2012/08/29/simplemembership-membership-providers-universal-providers-and-the-new-asp-net-4-5-web-forms-and-asp-net-mvc-4-templates.aspx
这篇关于升级到 ASP.NET 4.5/MVC 4 表单身份验证失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
