Here's the problem, I want to handle users using the built in Membership functionality, specifically using Oracle.Web.Security.OracleMembershipProvider. I've got the provider to work in .aspx files, correctly inserting new users into the appropriate Oracle tables and handling logins. However, I have a webservice beside the website component of the solution. I want only users who registered via the website and that can send a valid username/password with web-requests to be able to access data.
Anyways, in a .cs file I do this:
OracleMembershipProvider provider = new OracleMembershipProvider();
if (!provider.ValidateUser(username, password))
{
return null;
}
The call to ValidateUser throws an exception, details: "OracleConnection.ConnectionString is invalid".
I'd like to think the fact that the connection string works on the .aspx pages is enough to confirm the connectionstring is valid.
Here's what it looks like in the .aspx file, the key being on the second line MembershipProvider="MyOracleMembershipProvider"
<asp:Login ID="LoginUser" runat="server" EnableViewState="false"
RenderOuterTable="false" MembershipProvider="MyOracleMembershipProvider">
<LayoutTemplate>
<span class="failureNotification">
<asp:Literal ID="FailureText" runat="server"></asp:Literal>
</span>
<asp:ValidationSummary ID="LoginUserValidationSummary" runat="server" CssClass="failureNotification"
ValidationGroup="LoginUserValidationGroup"/>
<div class="accountInfo">
<fieldset class="login">
<legend>Account Information</legend>
<p>
<asp:Label ID="UserNameLabel" runat="server" AssociatedControlID="UserName">Username:</asp:Label>
<asp:TextBox ID="UserName" runat="server" CssClass="textEntry"></asp:TextBox>
<asp:RequiredFieldValidator ID="UserNameRequired" runat="server" ControlToValidate="UserName"
CssClass="failureNotification" ErrorMessage="User Name is required." ToolTip="User Name is required."
ValidationGroup="LoginUserValidationGroup">*</asp:RequiredFieldValidator>
</p>
//blah blah blah, code removed for length.
</fieldset>
<p class="submitButton">
<asp:Button ID="LoginButton" runat="server" CommandName="Login" Text="Log In" ValidationGroup="LoginUserValidationGroup"/>
</p>
</div>
</LayoutTemplate>
</asp:Login>
Viewing some of the details of 'provider' reveal basically all null/default values, indicating it wasn't initialized properly. I'm under the impression the constructor should initialize the membership provider using my default membership provider, as per my web.config file, which is as follows:
<configuration>
<system.data>
<DbProviderFactories>
<clear />
<add name="xxxOracleDataProvider" invariant="Oracle.DataAccess.Client" description=".Net Framework Data Provider for Oracle"
type="Oracle.DataAccess.Client.OracleClientFactory,
Oracle.DataAccess,
Version=4.112.2.0,
Culture=neutral,
PublicKeyToken=89b483f429c47342" />
</DbProviderFactories>
</system.data>
<connectionStrings>
<add name="MEMBERSHIP_PROVIDER"
connectionString="
Persist Security Info=True;
user id = xxxxxx;
password = xxxxxx;
data source=
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS =
(PROTOCOL = TCP)
(HOST = xxxxxxx)
(PORT = xxxxxxxx)
)
)
(CONNECT_DATA =
(SERVICE_NAME = xxxxx)
(SERVER = DEDICATED)
)
);"
providerName="Oracle.DataAccess"
/>
</connectionStrings>
<system.web>
<customErrors mode="Off"/>
<webServices>
<protocols>
<add name="HttpGet"/>
<add name="HttpPost"/>
</protocols>
</webServices>
<compilation debug="true"/>
<authentication mode="Forms">
<forms loginUrl="~/Account/Login.aspx" timeout="2880"/>
</authentication>
<membership defaultProvider="MyOracleMembershipProvider" hashAlgorithmType="SHA1">
<providers>
<clear />
<add name="MyOracleMembershipProvider"
type="Oracle.Web.Security.OracleMembershipProvider,
Oracle.Web, Version=4.112.1.2, Culture=neutral,
PublicKeyToken=89b483f429c47342"
connectionStringName="MEMBERSHIP_PROVIDER"
applicationName="xxx_xxxx_xxxxxx"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="true"
passwordFormat="Hashed"
minRequiredNonalphanumericCharacters="0"
maxInvalidPasswordAttempts="7"
minRequiredPasswordLength="12"
passwordAttemptWindow="8"
/>
</providers>
</membership>
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
</configuration>
I've tried:
Membership.Provider.ValidateUser(username, password)
as well. It always returns false and the Providers attributes do not match the attributes of my default provider (when I set up breakpoints and observe the object).
Anyone have any ideas how to resolve this issue? I feel like it should be simple, seeing as the data provider is working fine on .aspx pages, but I can't for the life of me get a .cs file to use the same provider, or even see that the provider exists.
