Wrox Programmer Forums
|
BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0
This is the forum to discuss the Wrox book ASP.NET 2.0 Website Programming: Problem - Design - Solution by Marco Bellinaso; ISBN: 9780764584640
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0 section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old December 23rd, 2006, 10:00 AM
Registered User
 
Join Date: Dec 2006
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default Custom Membership Provider and Medium Trust level

Hi all
I deployed my website (TheBeerHouse Website) to the shared host enviroment
I have a database account named 'monila_monilaDBLogin' with full access on my database.I have no access to dbo account so i downloaded the open source of Membership provider from
http://download.microsoft.com/downlo...kitSamples.msi
and i replaced all of the 'dbo' to 'monila_monilaDBLogin' then i compile the project and use that dll in my website like:

<membership defaultProvider="ELearningCenter_MembershipProvide r">
            <providers>
                <add connectionStringName="ELearningCenterConnectionStr ing"
                     applicationName="/"
                    enablePasswordRetrieval="true" enablePasswordReset="true"
                    requiresQuestionAndAnswer="false" requiresUniqueEmail="true"
                    passwordFormat="Encrypted" maxInvalidPasswordAttempts="5"
                    passwordAttemptWindow="10" minRequiredPasswordLength="5"
                    minRequiredNonalphanumericCharacters="0"
                    name="ELearningCenter_MembershipProvider" type="Microsoft.Samples.SqlMembershipProvider,Prov iderToolkitSampleProviders,Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
            </providers>
     </membership>
     <roleManager defaultProvider="ELearningCenter_RoleProvider" enabled="true" cacheRolesInCookie="true" cookieName="ELearningCenterRoles">
            <providers>
                <add connectionStringName="ELearningCenterConnectionStr ing" applicationName="/"
                    name="ELearningCenter_RoleProvider" type="Microsoft.Samples.SqlRoleProvider,ProviderTo olkitSampleProviders,Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
            </providers>
        </roleManager>
        <profile defaultProvider="ELearningCenter_ProfileProvider">
         <providers>
            <add name="ELearningCenter_ProfileProvider"
             connectionStringName="ELearningCenterConnect ionString"
             applicationName="/" type="Microsoft.Samples.SqlProfileProvider,Pro viderToolkitSampleProviders,Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
         </providers>
         <properties>
            <add name="FirstName" type="String"/>
            <add name="LastName" type="String"/>
            <add name="Website" type="String"/>
            <group name="Preferences">
             <add name="Theme" type="String"/>
             <add name="Newsletter" type="Newsletters.BusinessLogicLayer.SubscriptionT ype"/>
            </group>
            <group name="Forum">
             <add name="Posts" type="Int32" />
             <add name="AvatarUrl" type="String" />
             <add name="Signature" type="String" />
            </group>
         </properties>
        </profile>

ok! what is problem? Membership is work fine but when i want get users profile or write users profile , Security Exception occured! this is the detail of error:
'---------------------------------------------------------------------------------------
Security Exception
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Source Error:

[No relevant source lines]


Source File: App_Code.0a3uskaz.5.cs Line: 81

Stack Trace:

[SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.]
Microsoft.Samples.SqlProfileProvider.ParseDa taFromDB(String[] names, String values, Byte[] buf, SettingsPropertyValueCollection properties) in SqlProfileProvider.cs:532
Microsoft.Samples.SqlProfileProvider.GetProp ertyValuesFromDatabase(String userName, SettingsPropertyValueCollection svc) in SqlProfileProvider.cs:203
Microsoft.Samples.SqlProfileProvider.GetProp ertyValues(SettingsContext sc, SettingsPropertyCollection properties) in SqlProfileProvider.cs:146
System.Configuration.SettingsBase.GetPropert iesFromProvider(SettingsProvider provider) +410
System.Configuration.SettingsBase.GetPropert yValueByName(String propertyName) +117
System.Configuration.SettingsBase.get_Item(S tring propertyName) +89
System.Web.Profile.ProfileBase.GetInternal(S tring propertyName) +36
System.Web.Profile.ProfileBase.get_Item(Stri ng propertyName) +68
System.Web.Profile.ProfileBase.GetPropertyVa lue(String propertyName) +4
ProfileCommon.get_FirstName() in App_Code.0a3uskaz.5.cs:81
MA.ELearningCenter.UI.UserControls.UserProfi le.Page_Load(Object sender, EventArgs e) in f:\hshome\monila\monila.ir\UserControls\UserProfil e.ascx.cs:40
System.Web.Util.CalliHelper.EventArgFunction Caller(IntPtr fp, Object o, Object t, EventArgs e) +15
System.Web.Util.CalliEventHandlerDelegatePro xy.Callback(Object sender, EventArgs e) +34
System.Web.UI.Control.OnLoad(EventArgs e) +99
System.Web.UI.Control.LoadRecursive() +47
System.Web.UI.Control.LoadRecursive() +131
System.Web.UI.Control.LoadRecursive() +131
System.Web.UI.Control.LoadRecursive() +131
System.Web.UI.Control.LoadRecursive() +131
System.Web.UI.Page.ProcessRequestMain(Boolea n includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +6953
System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +154
System.Web.UI.Page.ProcessRequest() +86
System.Web.UI.Page.ProcessRequestWithNoAsser t(HttpContext context) +18
System.Web.UI.Page.ProcessRequest(HttpContex t context) +49
ASP.admin_accounts_edituser_aspx.ProcessRequ est(HttpContext context) in App_Web_wkzlxkry.2.cs:0
System.Web.CallHandlerExecutionStep.System.W eb.HttpApplication.IExecutionStep.Execute() +154
System.Web.HttpApplication.ExecuteStep(IExec utionStep step, Boolean& completedSynchronously) +64
'---------------------------------------------------------------------------------------
windows server's host only accept "Medium Trust Level".In my pc when i add
<trust level="Medium" />
in web.config and i use default membership provider in System.Web.dll and database login 'dbo', all work fine!

any idea???
i confused!
please help me!


A king,in my own mind
 
Old December 24th, 2006, 01:36 AM
Friend of Wrox
 
Join Date: Jun 2003
Posts: 917
Thanks: 0
Thanked 0 Times in 0 Posts
Default

>I have no access to dbo account so i downloaded the open source of Membership provider from...

This must have been a misunderstanding. DBO is a role, not one particular user account. You can specify your own account in your connection string. If you have a shared hosting database, then you're certainly in the DBO role. After all, it is your database, right? The DBO role just designates who is allowed to make changes to everything in that database (including the security grants). This does not give you any access to the server itself, or to anyone else's database.

Only experts should attempt to do anything with the MS provider examples. You can get into trouble if you don't completely understand what you're doing with them.

Medium trust is just a less priviledged way of running a web site. The owner of the server is preventing you from doing certain types of "risky" behavior. You can do a search here for other messages relating to medium trust.

Eric

 
Old December 24th, 2006, 02:44 AM
Authorized User
 
Join Date: May 2006
Posts: 99
Thanks: 0
Thanked 1 Time in 1 Post
Default

That's not entirely true Eric. I had a dispute with an ISP (shared hosting) who insisted that I use another role other than DBO because they were afraid that I would overstep my bounds on the SQL server. Right or wrong, I had to rewrite hundreds of shared procedures simply to specify that the DBO wasn't the owner. I was PO'd enough about it that I canceled my accounts with them.

As another point of reference, if you try to convert the first version of the book to ASP 2.0 ("The Phile website") it won't work under medium trust. ASP 2.0 chokes on the membership class.

I now have 3 clients on another ISP that gives full trust and has SQL Server 2005.

 
Old December 24th, 2006, 11:11 AM
Registered User
 
Join Date: Dec 2006
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
quote:Originally posted by englere
 >I have no access to dbo account so i downloaded the open source of Membership provider from...

This must have been a misunderstanding. DBO is a role, not one particular user account. You can specify your own account in your connection string. If you have a shared hosting database, then you're certainly in the DBO role. After all, it is your database, right? The DBO role just designates who is allowed to make changes to everything in that database (including the security grants). This does not give you any access to the server itself, or to anyone else's database.

Only experts should attempt to do anything with the MS provider examples. You can get into trouble if you don't completely understand what you're doing with them.

Medium trust is just a less priviledged way of running a web site. The owner of the server is preventing you from doing certain types of "risky" behavior. You can do a search here for other messages relating to medium trust.

Eric

hi
in shared host all database object should had this signature:
myDatabaseOwner.ObjectName ( like monila_dbLogin.aspnet_Users )
so if i create stored procedure like 'dbo.aspnet_CheckSchemaVersion' and execute it an error occured :

"EXECUTE permission denied on object 'aspnet_CheckSchemaVersion', database 'monila_monilaDB', owner 'dbo'."

so i download membership source code from microsoft and replcae all dbo to monila_dblogin.

A king,in my own mind





Similar Threads
Thread Thread Starter Forum Replies Last Post
Custom Membership Provider Scott663 BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0 4 August 1st, 2008 05:16 PM
Membership not working in Medium Trust stoverje BOOK: Beginning ASP.NET 2.0 BOOK VB ISBN: 978-0-7645-8850-1; C# ISBN: 978-0-470-04258-8 0 July 5th, 2008 10:43 AM
Custom Membership Provider kulkarnimonica ASP.NET 2.0 Professional 0 June 21st, 2007 03:56 PM
Issue with custom membership provider cacaldo ASP.NET 2.0 Professional 1 October 7th, 2006 03:05 AM
custom membership provider msrnivas General .NET 1 September 18th, 2005 04:28 AM





Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.