Forms authentication: how do you store username password in web.config?

Question

I'm used to using Forms Authentication with a database, but I'm writing a little internal utility and the app doesn't have a database so I want to store the username and password in web.config. However for some reason, forms authentication is still trying to access SQL Server and I can't see how to stop it doing this and pick up the credentials from web.config. What am I doing wrong? I just get the error "Failed to generate a user instance of SQL Server due to a failure in impersonating the client. The connection will be closed."

Here are the relevant sections of my web.config:

<configuration>
    <system.web>
        <authentication mode="Forms">
            <forms loginUrl="~/Login.aspx" timeout="60" name=".LoginCookie" path="/"  >
                <credentials passwordFormat="Clear">
                    <user name="user1" password="[pass]" />
                    <user name="user2" password="[pass]" />
                </credentials>
            </forms>
        </authentication>
        <authorization>
            <deny users="?" />
        </authorization>
    </system.web>
</configuration>

[Encrypt and store password in web.config file](http://stackoverflow.com/questions/7356537/encrypt-and-store-password-in-web-config-file) — huMpty duMpty, Nov 20 '12 at 11:06

score 3 · Accepted Answer · edited May 23 '17 at 12:27

3

The default MembershipProvider is the SqlMembershipProvider, which will try to use a SqlServer database.

Check out this similar question.

edited May 23 '17 at 12:27

Community

1
1

answered Nov 20 '12 at 10:57

Andy McCluggage

37,618
18
59
69

Forms authentication: how do you store username password in web.config?

1 Answers1