
Forms authentication in web.config

I am using MVC3 and have put the user authentication in the web.config file. This is to bypass SQL Server authentication.

Code as below in web.config:

<authentication mode="Forms">
  <forms loginUrl="~/Account/LogOn" timeout="2880">
    <credentials passwordFormat="Clear">
      <user name="test123" password="test123" />
    </credentials>
  </forms>
</authentication>

I tried to log in with the mentioned user ID and password, and I am getting an error on the page:

Login was unsuccessful. Please correct the errors and try again.

* The user name or password provided is incorrect.

When I debug into the AccountController.cs file, it fails at the MembershipService.ValidateUser(model.UserName, model.Password) method.

Jyothi Srinivasa asked Mar 17 '11 16:03


People also ask

What is web form authentication?

Form Authentication is a token-based system. When users log in, they receive a token with user information that is stored in an encrypted cookie. When a user requests an ASP.NET page via the browser, ASP.NET verifies whether the form authentication token is available.

How do I enable form authentication?

To configure forms authentication by using the UI: Open IIS Manager and navigate to the level you want to manage. In Features View, double-click Authentication. On the Authentication page, select Forms Authentication. In the Actions pane, click Enable to use Forms authentication with the default settings.

What is form authentication?

Form-based authentication allows the developer to control the look and feel of the login authentication screens by customizing the login screen and error pages that an HTTP browser presents to the end user.


1 Answer

If you examine the standard ASP.NET MVC 3 AccountController.cs and AccountModels.cs files, you'll learn that the MembershipProvider.ValidateUser method is used internally (via Membership.Provider). If you want to store the password in web.config, you should use the FormsAuthentication.Authenticate method instead.

For example:

using System.Web.Mvc;
using System.Web.Security;

public class AuthorizationController : Controller
{
    // GET: show the login form.
    public ActionResult LogOn()
    {
        return View("LogOn");
    }

    // POST: check the submitted credentials and issue the forms auth cookie.
    [AcceptVerbs(HttpVerbs.Post)]
    public ActionResult LogOn(string userName, string password,
        bool rememberMe, string returnUrl)
    {
        if (!ValidateLogOn(userName, password))
            return View("LogOn");

        FormsAuthentication.SetAuthCookie(userName, rememberMe);

        // Follow returnUrl only when it points back into this site,
        // so the login action cannot be used as an open redirect.
        if (!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
            return Redirect(returnUrl);
        else
            return RedirectToAction("Index", "News");
    }

    private bool ValidateLogOn(string userName, string password)
    {
        if (string.IsNullOrEmpty(userName))
            ModelState.AddModelError("username", "User name required");

        if (string.IsNullOrEmpty(password))
            ModelState.AddModelError("password", "Password required");

        // Authenticate checks the pair against the <credentials> section
        // of web.config rather than a membership provider.
        if (ModelState.IsValid &&
            !FormsAuthentication.Authenticate(userName, password))
            ModelState.AddModelError("_FORM", "Wrong user name or password");

        return ModelState.IsValid;
    }

    // Clear the forms auth cookie and return to the login page.
    public RedirectToRouteResult LogOff()
    {
        FormsAuthentication.SignOut();

        return RedirectToAction("LogOn");
    }
}
Alexander Prokofyev answered Sep 20 '22 06:09
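The configuration in the question keeps the password readable in web.config (passwordFormat="Clear"). As an added example, not part of the original answer, the following console program builds a <credentials> block for passwordFormat="SHA1", which FormsAuthentication.Authenticate also accepts; the class and method names are hypothetical.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Xml.Linq;

// Added example: generates the <credentials> fragment to paste into
// <forms> so web.config holds a digest instead of the clear-text password.
// ConfigCredentials, HashForConfig and BuildCredentials are hypothetical names.
public static class ConfigCredentials
{
    // Hex SHA-1 digest of the UTF-8 password: the value expected in
    // <user password="..."> when passwordFormat="SHA1".
    public static string HashForConfig(string password)
    {
        if (string.IsNullOrEmpty(password))
            throw new ArgumentException("Password required", "password");

        using (var sha1 = SHA1.Create())
        {
            byte[] digest = sha1.ComputeHash(Encoding.UTF8.GetBytes(password));
            // BitConverter yields "AB-CD-..."; strip the dashes for plain hex.
            return BitConverter.ToString(digest).Replace("-", "");
        }
    }

    // XElement escapes attribute values, so a user name containing
    // quotes or angle brackets still produces well-formed XML.
    public static XElement BuildCredentials(string userName, string password)
    {
        return new XElement("credentials",
            new XAttribute("passwordFormat", "SHA1"),
            new XElement("user",
                new XAttribute("name", userName),
                new XAttribute("password", HashForConfig(password))));
    }

    public static void Main()
    {
        // "test123" / "test123" are the sample credentials from the question.
        Console.WriteLine(BuildCredentials("test123", "test123"));
    }
}
```

The digest is unsalted SHA-1, so this only keeps the password from being readable in the file; the LogOn action in the answer needs no change, because Authenticate hashes the submitted password before comparing.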