Membership.ValidateUser始终在IIS上返回false [英] Membership.ValidateUser always return false on IIS

问题描述

Membership.ValidateUser方法适用于开发服务器（iis express和cassini）。
但是在我的IIS上（它作为我的开发机器上的应用程序发布）它总是返回 false 。

Membership.ValidateUser methods works on development server both(iis express and cassini). But on my IIS (its publishing as an application on my development machine) It always return false.

即使用户已获批准，也未锁定且用户名和密码正确无误。没有跟踪错误。 ？

Even user is approved,not locked and username and password are correct. There is no trace error. ?

http请求1：
davutg-pc： 6423 / BpmService / Login？userName = abc& password = 0035

http request 1: davutg-pc:6423/BpmService/Login?userName=abc&password=0035

结果1：
<布尔值> true < / boolean>

result 1: < boolean >true< /boolean >

http请求2： davutg-pc / BPM / BpmService /登录？userName = abc& password = 0035

http request 2: davutg-pc/BPM/BpmService/Login?userName=abc&password=0035

结果2：<布尔值> 错误< / boolean>

result 2 :< boolean > false < /boolean >

这是我的设置

<roleManager enabled="true" defaultProvider="MySQLRoleProvider"/>

<machineKey validationKey="E8B40EEA5A8EFC6F...key" decryptionKey="385..." validation="SHA1" />

<membership defaultProvider="MySQLMembershipProvider"  hashAlgorithmType="SHA1">
  <providers>
    <remove name="MySQLMembershipProvider"  />
    <add type="MySql.Web.Security.MySQLMembershipProvider, MySql.Web, Version=6.5.5.0, Culture=neutral, 
         PublicKeyToken=c5687fc88969c44d"
         name="MySQLMembershipProvider"
         connectionStringName="LocalMySqlServer"
         minRequiredPasswordLength="3"
         minRequiredNonalphanumericCharacters="0"
         requiresUniqueEmail="false"
         requiresQuestionAndAnswer="false"
         passwordFormat="Encrypted"/>

我比较的machine.configs与Framework 64和Framework相同。

I compared machine.configs are the same Framework 64 and Framework.

它适用于开发服务器，但在IIS上总是返回false。我可以使用IIS查询不同的服务而没有这样的问题。

It works on development server but on IIS always return false. I can query different services with IIS and no such problem.

另外：
当我为开发服务器输入错误的密码FailedPasswordAttemptCount增加。
但不会因IIS而改变。 IIS出了什么问题。我只是致电Membership.ValidateUser（用户，通行证）

IN ADDITION: When I enter wrong password "FailedPasswordAttemptCount" increased for development server. But it doesn't change for IIS. What's going wrong with IIS. I just call Membership.ValidateUser(user,pass)

任何建议都将不胜感激！

Any suggestion will be appreciated !

推荐答案

解决了！希望这会节省一些人的时间。

Solved! Hope this will save someone's time.

问题在于应用程序名称。

主持人：港口/服务

主机/ BPM /服务

注意： BPM是您在IIS上提供的应用程序名称。

note:BPM is applicaton name you give it on IIS.

成员资格加密算法使用ApplicatonName。当我设置应用程序时，我使用BPM作为应用程序名称。在开发服务器上，name返回/。但它在IIS上的BPM！

Membership encryption algorithm uses "ApplicatonName". When I setup applicaton I used BPM as application name. on development server the "name" return "/". But its "BPM" on IIS !

我所有的旧密码都是用/appliacion名称生成的。所以始终提供应用程序名称。阅读文章。

All my old passwords was generated with "/" appliacion name. So always provide an application Name. Read this article from Scott-Gu 's blog.

    public bool Login(string userName,string password)
    {
        var provider = Membership.Provider;
        string name = provider.ApplicationName;

        return Membership.ValidateUser(userName, password);
    }

//错误的一个

      <membership>
        <providers>
            <clear/>
            <add name="AspNetSqlMembershipProvider"
                type="System...bla bla"
                connectionStringName="LocalSqlServer"
                enablePasswordRetrieval="false"
                enablePasswordReset="true"
                requiresQuestionAndAnswer="true"
                requiresUniqueEmail="false"
                passwordFormat="Hashed"
                maxInvalidPasswordAttempts="5"
                minRequiredPasswordLength="7"
                minRequiredNonalphanumericCharacters="1"
                passwordAttemptWindow="10"
                passwordStrengthRegularExpression=""
                applicationName="/" //Wrong
            />
         </providers>
    </membership>

//正确一个

          <membership>
                <providers>
                <clear/>
            <add name="AspNetSqlMembershipProvider"
                type="System.Web.Security.S.. bla bla"
                connectionStringName="LocalSqlServer"
                enablePasswordRetrieval="false"
                enablePasswordReset="true"
                requiresQuestionAndAnswer="true"
                requiresUniqueEmail="false"
                passwordFormat="Hashed"
                maxInvalidPasswordAttempts="5"
                minRequiredPasswordLength="7"
                minRequiredNonalphanumericCharacters="1"
                passwordAttemptWindow="10"
                passwordStrengthRegularExpression=""
                applicationName="MyAPPNAME" //Well :)
            />
         </providers>
    </membership>

这篇关于Membership.ValidateUser始终在IIS上返回false的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！