Wrox Programmer Forums

Need to download code?

View our list of code downloads.

| FAQ | Members List | Search | Today's Posts | Mark Forums Read
BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0
This is the forum to discuss the Wrox book ASP.NET 2.0 Website Programming: Problem - Design - Solution by Marco Bellinaso; ISBN: 9780764584640
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0 section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
 
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old December 23rd, 2006, 10:00 AM
Registered User
 
Join Date: Dec 2006
Location: , , .
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default Custom Membership Provider and Medium Trust level

Hi all
I deployed my website (TheBeerHouse Website) to the shared host enviroment
I have a database account named 'monila_monilaDBLogin' with full access on my database.I have no access to dbo account so i downloaded the open source of Membership provider from
http://download.microsoft.com/downlo...kitSamples.msi
and i replaced all of the 'dbo' to 'monila_monilaDBLogin' then i compile the project and use that dll in my website like:

<membership defaultProvider="ELearningCenter_MembershipProvide r">
            <providers>
                <add connectionStringName="ELearningCenterConnectionStr ing"
                     applicationName="/"
                    enablePasswordRetrieval="true" enablePasswordReset="true"
                    requiresQuestionAndAnswer="false" requiresUniqueEmail="true"
                    passwordFormat="Encrypted" maxInvalidPasswordAttempts="5"
                    passwordAttemptWindow="10" minRequiredPasswordLength="5"
                    minRequiredNonalphanumericCharacters="0"
                    name="ELearningCenter_MembershipProvider" type="Microsoft.Samples.SqlMembershipProvider,Prov iderToolkitSampleProviders,Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
            </providers>
     </membership>
     <roleManager defaultProvider="ELearningCenter_RoleProvider" enabled="true" cacheRolesInCookie="true" cookieName="ELearningCenterRoles">
            <providers>
                <add connectionStringName="ELearningCenterConnectionStr ing" applicationName="/"
                    name="ELearningCenter_RoleProvider" type="Microsoft.Samples.SqlRoleProvider,ProviderTo olkitSampleProviders,Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
            </providers>
        </roleManager>
        <profile defaultProvider="ELearningCenter_ProfileProvider">
         <providers>
            <add name="ELearningCenter_ProfileProvider"
             connectionStringName="ELearningCenterConnect ionString"
             applicationName="/" type="Microsoft.Samples.SqlProfileProvider,Pro viderToolkitSampleProviders,Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
         </providers>
         <properties>
            <add name="FirstName" type="String"/>
            <add name="LastName" type="String"/>
            <add name="Website" type="String"/>
            <group name="Preferences">
             <add name="Theme" type="String"/>
             <add name="Newsletter" type="Newsletters.BusinessLogicLayer.SubscriptionT ype"/>
            </group>
            <group name="Forum">
             <add name="Posts" type="Int32" />
             <add name="AvatarUrl" type="String" />
             <add name="Signature" type="String" />
            </group>
         </properties>
        </profile>

ok! what is problem? Membership is work fine but when i want get users profile or write users profile , Security Exception occured! this is the detail of error:
'---------------------------------------------------------------------------------------
Security Exception
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Source Error:

[No relevant source lines]


Source File: App_Code.0a3uskaz.5.cs Line: 81

Stack Trace:

[SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.]
Microsoft.Samples.SqlProfileProvider.ParseDa taFromDB(String[] names, String values, Byte[] buf, SettingsPropertyValueCollection properties) in SqlProfileProvider.cs:532
Microsoft.Samples.SqlProfileProvider.GetProp ertyValuesFromDatabase(String userName, SettingsPropertyValueCollection svc) in SqlProfileProvider.cs:203
Microsoft.Samples.SqlProfileProvider.GetProp ertyValues(SettingsContext sc, SettingsPropertyCollection properties) in SqlProfileProvider.cs:146
System.Configuration.SettingsBase.GetPropert iesFromProvider(SettingsProvider provider) +410
System.Configuration.SettingsBase.GetPropert yValueByName(String propertyName) +117
System.Configuration.SettingsBase.get_Item(S tring propertyName) +89
System.Web.Profile.ProfileBase.GetInternal(S tring propertyName) +36
System.Web.Profile.ProfileBase.get_Item(Stri ng propertyName) +68
System.Web.Profile.ProfileBase.GetPropertyVa lue(String propertyName) +4
ProfileCommon.get_FirstName() in App_Code.0a3uskaz.5.cs:81
MA.ELearningCenter.UI.UserControls.UserProfi le.Page_Load(Object sender, EventArgs e) in f:\hshome\monila\monila.ir\UserControls\UserProfil e.ascx.cs:40
System.Web.Util.CalliHelper.EventArgFunction Caller(IntPtr fp, Object o, Object t, EventArgs e) +15
System.Web.Util.CalliEventHandlerDelegatePro xy.Callback(Object sender, EventArgs e) +34
System.Web.UI.Control.OnLoad(EventArgs e) +99
System.Web.UI.Control.LoadRecursive() +47
System.Web.UI.Control.LoadRecursive() +131
System.Web.UI.Control.LoadRecursive() +131
System.Web.UI.Control.LoadRecursive() +131
System.Web.UI.Control.LoadRecursive() +131
System.Web.UI.Page.ProcessRequestMain(Boolea n includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +6953
System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +154
System.Web.UI.Page.ProcessRequest() +86
System.Web.UI.Page.ProcessRequestWithNoAsser t(HttpContext context) +18
System.Web.UI.Page.ProcessRequest(HttpContex t context) +49
ASP.admin_accounts_edituser_aspx.ProcessRequ est(HttpContext context) in App_Web_wkzlxkry.2.cs:0
System.Web.CallHandlerExecutionStep.System.W eb.HttpApplication.IExecutionStep.Execute() +154
System.Web.HttpApplication.ExecuteStep(IExec utionStep step, Boolean& completedSynchronously) +64
'---------------------------------------------------------------------------------------
windows server's host only accept "Medium Trust Level".In my pc when i add
<trust level="Medium" />
in web.config and i use default membership provider in System.Web.dll and database login 'dbo', all work fine!

any idea???
i confused!
please help me!


A king,in my own mind
  #2 (permalink)  
Old December 24th, 2006, 01:36 AM
Friend of Wrox
 
Join Date: Jun 2003
Location: Atlanta, Georgia, USA.
Posts: 917
Thanks: 0
Thanked 0 Times in 0 Posts
Default

>I have no access to dbo account so i downloaded the open source of Membership provider from...

This must have been a misunderstanding. DBO is a role, not one particular user account. You can specify your own account in your connection string. If you have a shared hosting database, then you're certainly in the DBO role. After all, it is your database, right? The DBO role just designates who is allowed to make changes to everything in that database (including the security grants). This does not give you any access to the server itself, or to anyone else's database.

Only experts should attempt to do anything with the MS provider examples. You can get into trouble if you don't completely understand what you're doing with them.

Medium trust is just a less priviledged way of running a web site. The owner of the server is preventing you from doing certain types of "risky" behavior. You can do a search here for other messages relating to medium trust.

Eric

  #3 (permalink)  
Old December 24th, 2006, 02:44 AM
Authorized User
 
Join Date: May 2006
Location: , , .
Posts: 99
Thanks: 0
Thanked 1 Time in 1 Post
Default

That's not entirely true Eric. I had a dispute with an ISP (shared hosting) who insisted that I use another role other than DBO because they were afraid that I would overstep my bounds on the SQL server. Right or wrong, I had to rewrite hundreds of shared procedures simply to specify that the DBO wasn't the owner. I was PO'd enough about it that I canceled my accounts with them.

As another point of reference, if you try to convert the first version of the book to ASP 2.0 ("The Phile website") it won't work under medium trust. ASP 2.0 chokes on the membership class.

I now have 3 clients on another ISP that gives full trust and has SQL Server 2005.

  #4 (permalink)  
Old December 24th, 2006, 11:11 AM
Registered User
 
Join Date: Dec 2006
Location: , , .
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
quote:Originally posted by englere
 >I have no access to dbo account so i downloaded the open source of Membership provider from...

This must have been a misunderstanding. DBO is a role, not one particular user account. You can specify your own account in your connection string. If you have a shared hosting database, then you're certainly in the DBO role. After all, it is your database, right? The DBO role just designates who is allowed to make changes to everything in that database (including the security grants). This does not give you any access to the server itself, or to anyone else's database.

Only experts should attempt to do anything with the MS provider examples. You can get into trouble if you don't completely understand what you're doing with them.

Medium trust is just a less priviledged way of running a web site. The owner of the server is preventing you from doing certain types of "risky" behavior. You can do a search here for other messages relating to medium trust.

Eric

hi
in shared host all database object should had this signature:
myDatabaseOwner.ObjectName ( like monila_dbLogin.aspnet_Users )
so if i create stored procedure like 'dbo.aspnet_CheckSchemaVersion' and execute it an error occured :

"EXECUTE permission denied on object 'aspnet_CheckSchemaVersion', database 'monila_monilaDB', owner 'dbo'."

so i download membership source code from microsoft and replcae all dbo to monila_dblogin.

A king,in my own mind
 


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Custom Membership Provider Scott663 BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0 4 August 1st, 2008 05:16 PM
Membership not working in Medium Trust stoverje BOOK: Beginning ASP.NET 2.0 BOOK VB ISBN: 978-0-7645-8850-1; C# ISBN: 978-0-470-04258-8 0 July 5th, 2008 10:43 AM
Custom Membership Provider kulkarnimonica ASP.NET 2.0 Professional 0 June 21st, 2007 03:56 PM
Issue with custom membership provider cacaldo ASP.NET 2.0 Professional 1 October 7th, 2006 03:05 AM
custom membership provider msrnivas General .NET 1 September 18th, 2005 04:28 AM



All times are GMT -4. The time now is 10:11 PM.


Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.