4

I am trying to use roles for hiding elements in my application, and this is working fine in Visual Studio Express in my development environment. However when I publish the site and put in into a live environment I now get an error about not being able to connect to the sql server instance.

It looks like several people commented the same thing in this post: The Role Manager feature has not been enabled

but I don't see a solution to that comment.

If I take out the roleManager enabled="true" line of code in web.config the site will connect until I get to where I have code that looks to hide a control, then the error about rolemanager not being enabled.

Here is my web.config file, I don't know how to get this to work correctly. Still a noob to a lot of web programming:

<?xml version="1.0" encoding="utf-8"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<configSections>
<!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
<section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
</configSections>
<connectionStrings>
<add name="DefaultConnection" connectionString="Data Source=S192-169-136-24\ABPATH;Initial Catalog=aspnet-cs1-20160511031253;Integrated Security=True" providerName="System.Data.SqlClient" />
<add name="CS1" connectionString="Data Source=S192-169-136-24\ABPATH;Initial Catalog=CS1;Integrated Security=True" providerName="System.Data.SqlClient" />
 </connectionStrings>
 <system.web>
 <authentication mode="None" />
 <compilation targetFramework="4.5.2" />
 <httpRuntime maxRequestLength="2097151" targetFramework="4.5.2" requestValidationMode="2.0" requestPathInvalidCharacters="" />
  <pages validateRequest="false">
  <namespaces>
    <add namespace="System.Web.Optimization" />
    <add namespace="Microsoft.AspNet.Identity" />
  </namespaces>
  <controls>
    <add assembly="Microsoft.AspNet.Web.Optimization.WebForms" namespace="Microsoft.AspNet.Web.Optimization.WebForms" tagPrefix="webopt" />
  </controls>
</pages>
<membership>
  <providers>
    <!--
      ASP.NET Membership is disabled in this template. Please visit the following link http://go.microsoft.com/fwlink/?LinkId=301889 to learn about the ASP.NET Membership support in this template
    -->
    <clear />
  </providers>
</membership>
<profile>
  <providers>
    <!--
      ASP.NET Membership Profile is disabled in this template. Please visit the following link http://go.microsoft.com/fwlink/?LinkId=301889 to learn about the ASP.NET Membership support in this template
    -->
    <clear />
  </providers>
</profile>
<roleManager defaultProvider="DefaultConnection" enabled="true">
<providers>
   <add name="DefaultConnection" type="System.Web.Providers.DefaultRoleProvider, System.Web.Providers, Version=2.0.0.0, Culture=neutral, PublicKeyToken=NUMBER" connectionStringName="DefaultConnection" applicationName="/" />
 </providers>
</roleManager>
<!--
        If you are deploying to a cloud environment that has multiple web server instances,
        you should change session state mode from "InProc" to "Custom". In addition,
        change the connection string named "DefaultConnection" to connect to an instance
        of SQL Server (including SQL Azure and SQL  Compact) instead of to SQL Server Express.
  -->
  <sessionState mode="InProc" customProvider="DefaultSessionProvider">
  <providers>
    <add name="DefaultSessionProvider" type="System.Web.Providers.DefaultSessionStateProvider, System.Web.Providers, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" />
  </providers>
 </sessionState>
  <httpModules>
  <add name="ApplicationInsightsWebTracking" type="Microsoft.ApplicationInsights.Web.ApplicationInsightsHttpModule, Microsoft.AI.Web" />
 </httpModules>
 </system.web>
 <system.webServer>
 <rewrite>
    <rules>
    <rule name="HTTP to HTTPS redirect" stopProcessing="true"> 
    <match url="(.*)" /> 
    <conditions> 
        <add input="{HTTPS}" pattern="off" ignoreCase="true" />
    </conditions> 
    <action type="Redirect" redirectType="Permanent" url="https://{HTTP_HOST}/{R:1}" />
  </rule>   
    </rules>
  </rewrite>
  <modules>
  <remove name="FormsAuthentication" />
  <remove name="ApplicationInsightsWebTracking" />
  <add name="ApplicationInsightsWebTracking" type="Microsoft.ApplicationInsights.Web.ApplicationInsightsHttpModule, Microsoft.AI.Web" preCondition="managedHandler" />
</modules>
<validation validateIntegratedModeConfiguration="false" />
    <httpRedirect enabled="false" destination="https://www.pathcertlink.com/" exactDestination="true" />
</system.webServer>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
  <dependentAssembly>
    <assemblyIdentity name="Newtonsoft.Json" culture="neutral" publicKeyToken="30ad4fe6b2a6aeed" />
    <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" />
  </dependentAssembly>
  <dependentAssembly>
    <assemblyIdentity name="WebGrease" culture="neutral" publicKeyToken="31bf3856ad364e35" />
    <bindingRedirect oldVersion="0.0.0.0-1.5.2.14234" newVersion="1.5.2.14234" />
  </dependentAssembly>
  <dependentAssembly>
    <assemblyIdentity name="EntityFramework" publicKeyToken="b77a5c561934e089" />
    <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" />
  </dependentAssembly>
  <dependentAssembly>
    <assemblyIdentity name="Microsoft.Owin" culture="neutral" publicKeyToken="31bf3856ad364e35" />
    <bindingRedirect oldVersion="0.0.0.0-3.0.1.0" newVersion="3.0.1.0" />
  </dependentAssembly>
  <dependentAssembly>
    <assemblyIdentity name="Microsoft.Owin.Security.OAuth" culture="neutral" publicKeyToken="31bf3856ad364e35" />
    <bindingRedirect oldVersion="0.0.0.0-3.0.1.0" newVersion="3.0.1.0" />
  </dependentAssembly>
  <dependentAssembly>
    <assemblyIdentity name="Microsoft.Owin.Security.Cookies" culture="neutral" publicKeyToken="31bf3856ad364e35" />
    <bindingRedirect oldVersion="0.0.0.0-3.0.1.0" newVersion="3.0.1.0" />
    </dependentAssembly>
    <dependentAssembly>
    <assemblyIdentity name="Microsoft.Owin.Security" culture="neutral" publicKeyToken="31bf3856ad364e35" />
    <bindingRedirect oldVersion="0.0.0.0-3.0.1.0" newVersion="3.0.1.0" />
    </dependentAssembly>
    </assemblyBinding>
   </runtime>
 <entityFramework>
  <defaultConnectionFactory type="System.Data.Entity.Infrastructure.SqlConnectionFactory, EntityFramework" />
   <providers>
  <provider invariantName="System.Data.SqlClient" type="System.Data.Entity.SqlServer.SqlProviderServices, EntityFramework.SqlServer" />
   </providers>
  </entityFramework>
  <system.codedom>
 <compilers>
  <compiler language="c#;cs;csharp" extension=".cs" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:6 /nowarn:1659;1699;1701" />
  <compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.VBCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:14 /nowarn:41008 /define:_MYTYPE=\&quot;Web\&quot; /optionInfer+" />
  </compilers>
 </system.codedom>
 </configuration>
Community
  • 1
  • 1
Brent Oliver
  • 171
  • 3
  • 21
  • Are you sure the problem is because of role provider? It seems the error is because of using Windows Authentication in connection strings: `Integrated Security=True`. So you should first enable impersonation `` under ``. Take a look at [How to: Access SQL Server Using Windows Integrated Security](https://msdn.microsoft.com/en-us/library/bsz5788z.aspx) – Reza Aghaei Nov 30 '16 at 12:22
  • @RezaAghaei The application in question is on the Internet, not an Intranet, but you may be onto something as the development environment is obviously an Intranet. I am pretty new to creating web applications (this is my first) so changing the web.config to work with the Internet is new to me. The users of the application only log into the application, they do not have any other association with the organization, so no Windows accounts at all. If I need to make changes to the web.config to work, that is what I need to know how to do. – Brent Oliver Nov 30 '16 at 13:30
  • You are using *Windows Authentication* for `DefaultRoleProvider`. It means the account that executes your application (your Application Pool Identity, or the impersonated user) should have access to the database using windows authentication. Otherwise you should change the connection string to SQL Server Authentication. For a remote database, If you want to use Windows Authentication you should have a domain user account that access to the remote database. For a local database (the same machine as application server machine) you should have a local user account that access to database. – Reza Aghaei Nov 30 '16 at 14:01
  • These are essential questions: **1)** Do you use a local database (SQL Installed on the same machine) or the database is remote (SQL Server installed on a different machine)? **2)** Is the application server (and database server) joined to the domain? **3)** Do you have a domain username/password or a SQL Server username/password to connect to database? **4)** What's the authentication mechanism in your application? Do you use Forms Authentication or Windows Authentication or something else? – Reza Aghaei Dec 01 '16 at 22:19

3 Answers3

4

I don't think the server is called LAPTOP-168YQ32

You probably need to change that to localhost or an IP address supplied by the hosting provider. I also don't think it will use integrated security but needs a username/password combo.

The connection string should look something like this.

<add name="DefaultConnection" connectionString="Data Source=192.168.0.101;Initial Catalog=aspnet-cs1-20160511031253;User ID=userName;Password=passWord" providerName="System.Data.SqlClient"/>
VDWWD
  • 35,079
  • 22
  • 62
  • 79
  • tried the change to User ID=userName;Password=passWord now nobody can log into the site period as login fails for "userName". Know this must stand for something simple, but no idea what that should be. – Brent Oliver Nov 16 '16 at 12:50
  • Also the web config listed is from my development environment, the connection string on the live site does point to the live server via IP, but it does have integrated security configured as shown above. – Brent Oliver Nov 16 '16 at 12:52
  • Check the configuration of the SQL server and see if it accepts username/password combo's? And is your website hosted internally on the company server, because if not integrated security is not really an option. – VDWWD Nov 16 '16 at 14:52
1

your rolemanager section looks a little bizarre. What is this "NUMBER" in the assembly token ?

Also, might be a detail, worth to try at this point, give a name different than "DefaultConnection" to the role manager, as it is also the name of the connection

Try this:

<roleManager defaultProvider="DefaultRoleProvider">
  <providers>
    <add name="DefaultRoleProvider" type="System.Web.Providers.DefaultRoleProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" applicationName="/"/>
  </providers>
</roleManager>

Also i see in the connections that you have 2 connections

<connectionStrings>
<add name="DefaultConnection" connectionString="Data Source=S192-169-136-24\ABPATH;Initial Catalog=aspnet-cs1-20160511031253;Integrated Security=True" providerName="System.Data.SqlClient" />
<add name="CS1" connectionString="Data Source=S192-169-136-24\ABPATH;Initial Catalog=CS1;Integrated Security=True" providerName="System.Data.SqlClient" />
 </connectionStrings>

I guess that your application is using the connection "CS1" while the Rolemanager uses the "DefaultConnection" which point to another database ("aspnet-cs1-20160511031253")

Do you have that database online: aspnet-cs1-20160511031253 If not, you add it, or add the aspnet tables in CS1 and change the role manager to point to CS1 database isntead of DefaultConnection

<roleManager defaultProvider="DefaultRoleProvider">
  <providers>
    <add name="DefaultRoleProvider" type="System.Web.Providers.DefaultRoleProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="CS1" applicationName="/"/>
  </providers>
</roleManager>
Luc Debliquis
  • 304
  • 1
  • 6
  • That is actually something from an earlier comment that has been put back to its original value. The application is connecting and using SQL server fine,,, until the role manager role is enabled. then it has an issue, but only with role manager. Odd as roles are also used to hide/show menu items elsewhere without using role manager. – Brent Oliver Dec 07 '16 at 13:49
  • Ok, i edited the answer, the problem might be that you are using a wrong connection (DefaultConnection instead of CS1), see the answer bottom – Luc Debliquis Dec 07 '16 at 14:01
1

Role based authentication is all about authenticating users on the web site - not about your SQL Server connection, so I would remove that complication from this problem. Your problem is that you cannot connect to SQL Server - plain and simple.

To resolve this, check the specific error message your are getting with "Cannot connect to SQL Server" - is the connection denied? (This implies SQL Server is not listening to TCP/1433 and is only using sockets or temporary files). Most probably, the password is incorrect. On your remote server, try using RDP (remote desktop) to verify you can log into SQL Server using the username and password of the account you got in with. Most likely, you should use a simple username and password on the remote server instead of bothering with Integrated Security, which is usually done in development.

Charlie Dalsass
  • 1,986
  • 18
  • 23
  • That is what I don't really get. The application is working and clearly is reading and writing to the SQL database,,, until I enable role manager. I don't know what is so unique to this and why it is not able to connect. – Brent Oliver Dec 07 '16 at 13:48
  • It does make sense to me that enabling "rolemanager", then adding "Integrated Security" - which takes the current userid and uses that to login to SQL Server - might cause the SQL Server login to break. Though I don't understand the internals - you've in fact changed users within ASP.net/IIS. I recommend adding a username and password to SQL server and forgetting about "Integrated Security" on this production/live host. – Charlie Dalsass Dec 07 '16 at 19:28