ASP.NET MVC4 Forms Authentication - how can I tell which database my app is looking to when authenticating users?

Question

I hope that the answer to this is as straight forward as I think it is. I just wanted to be sure. So, I have an ASP.NET MVC4 app that uses Forms authentication. I have a database hosted by Arvixe that contains the aspnet_ membership tables. This is the database I have specified in my connection string in my web.config. So, when I hit the Login.cshtml page of my app, and I put my credentials in, is it authenticating against the data in the database I specified in the web.config?

What brings this question on is I set up a user in my database by way of MyWSAT (a third party Web Site Administration Tool that allows managing of user accounts, roles, etc.). I've confirmed that the user is now added in the aspnet_Membership and aspnet_User tables (as well as any other tables). But, when I try to log in using these credentials from my app, it fails on Membership.ValidateUser in my AccountController. It comes back saying Invalid Username/Password. Any ideas on what I might be doing wrong?

Here's my membership provider:

<membership defaultProvider="SqlMembershipProvider" userIsOnlineTimeWindow="15">
  <providers>
    <add
      name="SqlMembershipProvider"
      type="System.Web.Security.SqlMembershipProvider"
      connectionStringName="DefaultConnection"
      applicationName="/"
      enablePasswordRetrieval="true"
      enablePasswordReset="true"
      maxInvalidPasswordAttempts="5"
      requiresQuestionAndAnswer="true"
      requiresUniqueEmail="true"
      passwordFormat="Encrypted" />
  </providers>
</membership>

Have you considered adding a `` tag to ensure this provider specification is the only one in use? — David Tansey, Apr 05 '13 at 16:23

score 1 · Answer 1 · answered Apr 05 '13 at 16:22

Do you see "connectionStringName" below? This names the connection string it uses. So look at your web.config and find the connection string called "DefaultConnection" and make sure it points to the correct database or change the connectionStringName to point to the correct connection string.

<membership defaultProvider="SqlMembershipProvider" userIsOnlineTimeWindow="15">
  <providers>
    <add
      name="SqlMembershipProvider"
      type="System.Web.Security.SqlMembershipProvider"
      connectionStringName="DefaultConnection"
      applicationName="/"
      enablePasswordRetrieval="true"
      enablePasswordReset="true"
      maxInvalidPasswordAttempts="5"
      requiresQuestionAndAnswer="true"
      requiresUniqueEmail="true"
      passwordFormat="Encrypted" />
  </providers>
</membership>

Yep, I'm aware... that's what I was 99% sure of, but I just wanted some reassurance. Now, the question still exists, why isn't my app liking my credentials? — Mike Marks, Apr 05 '13 at 16:24
Do you have something like this in you code? if(Membership.ValidateUser(username, password)). Can you put a break point in this line and step in? — Flavia, Apr 05 '13 at 16:34

score 1 · Accepted Answer · answered Apr 05 '13 at 16:33

1

The problem was that my application name needed to be "MyCMS" instead of just blank. When I set up the user account from the MyWSAT tool, I initially set the admin account up under the WSAT tool within the MyWSAT project (the ASP.NET Configuration website), and the application name associated with this was MyCMS.

answered Apr 05 '13 at 16:33

Mike Marks

10,017
17
69
128

The following blog post [**problem with link** -- see _ScottGu_ 'always set the applicationName' blog post] describes this problem and some ways of looking at the database tables to see the symptoms. – David Tansey Apr 05 '13 at 16:38

ASP.NET MVC4 Forms Authentication - how can I tell which database my app is looking to when authenticating users?

2 Answers2