Strange Error On Failed ASP.Net Login

2018-06-20 03:44:26

I've an ASP.Net 3.5 (C#) web application which uses Sql Server 2008 for its database. In that db is a standard users table with columns username/password and I have a simple login form to authenticate users. The login page simple queries the table for matching username/password combination for the values inputted. If a user enters a valid username/password it works fine and proceeds, however if an invalid combination for some reason it throws an error rather than simply finding no matches. The error is:

System.Web Message: Exception of type 'System.Web.HttpUnhandledException' was thrown. Stack trace: at System.Web.UI.Page.HandleError(Exception e) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequest(HttpContext context) at ASP.login_aspx.ProcessRequest(HttpContext context) in c:WindowsMicrosoft.NETFramework64v2.0.50727Temporary ASP.NET Filesroot55c40ade918a8ce7App_Web_xyhtxem7.17.cs:line 0 at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) Complete Error Text: System.Web.HttpUnhandledException: Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.Data.SqlClient.SqlException: Failed to generate a user instance of SQL Server due to a failure in starting the process for the user instance. The connection will be closed. at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection) at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj) at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj) at System.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK) at System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, Boolean ignoreSniOpenTimeout, Int64 timerExpire, SqlConnection owningObject) at System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(String host, String newPassword, Boolean redirectedUserInstance, SqlConnection owningObject, SqlConnectionString connectionOptions, Int64 timerStart) at System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(SqlConnection owningObject, SqlConnectionString connectionOptions, Str ing newPassword, Boolean redirectedUserInstance) at System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, Object providerInfo, String newPassword, SqlConnection owningObject, Boolean redirectedUserInstance) at System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection) at System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnection owningConnection, DbConnectionPool pool, DbConnectionOptions options) at System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject) at System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject) at System.Data.ProviderBase.DbConnectionPool.GetConnection(DbConnection owningObject) at System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection owningConnection) at System.Data.ProviderBase.DbConnec tionClosed.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory) at System.Data.SqlClient.SqlConnection.Open() at System.Web.DataAccess.SqlConnectionHolder.Open(HttpContext context, Boolean revertImpersonate) at System.Web.DataAccess.SqlConnectionHelper.GetConnection(String connectionString, Boolean revertImpersonation) at System.Web.Security.SqlMembershipProvider.GetPasswordWithFormat(String username, Boolean updateLastLoginActivityDate, Int32& status, String& password, Int32& passwordFormat, String& passwordSalt, Int32& failedPasswordAttemptCount, Int32& failedPasswordAnswerAttemptCount, Boolean& isApproved, DateTime& lastLoginDate, DateTime& lastActivityDate) at System.Web.Security.SqlMembershipProvider.CheckPassword(String username, String password, Boolean updateLastLoginActivityDate, Boolean failIfNotApproved, String& salt, Int32& passwordFormat) at System.Web.Security.SqlMembershipProvider.ValidateUser(String username, String password) at System.Web .UI.WebControls.Login.AuthenticateUsingMembershipProvider(AuthenticateEventArgs e) at System.Web.UI.WebControls.Login.AttemptLogin() at System.Web.UI.WebControls.Login.OnBubbleEvent(Object source, EventArgs e) at System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) --- End of inner exception stack trace --- at System.Web.UI.Page.HandleError(Exception e) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequest(HttpContext context) at ASP.login_aspx.ProcessRequest(HttpContext context) in c:WindowsMicrosoft.NE TFramework64v2.0.50727Temporary ASP.NET Filesroot55c40ade918a8ce7App_Web_xyhtxem7.17.cs:line 0 at System.Web.HttpApplication

Any ideas what's happening?

If you don't match the sql result is probably NULL. So you don't get any valid result for the method. If you do something like this

SELECT * FROM xxx WHERE username = {0} and password = {1}

try

SELECT COUNT(*) FROM xxx WHERE username = {0} and password = {1}

then you get and int value 0 or >0 back to validate. But show us the code to help more specified.

This is a guess as you've not given enough info to be certain.

It sounds like you've written your own provider or are trying to circumvent it somehow.

If you fail to login it looks like the code is automatically falling back to the default provider that you've still got a connection string for in the web.config. Probably the default connection string that visual studio 'helpfully' adds. Which is an mdf, and this is the error it throws when the mdf doesn't exist.

That database obviously doesn't exist and it's failing with that error.

So you probably need to get rid of the provider in your web.config or fix your own provider or fix the way you're validating the user.

You are using membership provider is trying to connect to the sql server - I guess that most probably you are trying to use local sql express instance by providing the database file name.
In such case, the provider tries to create the database if it does not exists and the account (under which your code is running) may need to have read/write permissions on the folder. Or in you may not even have sqlexpress installed on your machine etc.

I would suggest you to check connection string and try debug from there - for example, try to connect to that database (remote/local) or create that database (along with required schema) if not exists. Change the connection string to conventional one (instead of providing the file name) and so on...

See this article for more help regarding creation of database and schema needed for membership provider: http://www.asp.net/web-forms/tutorials/security/membership/creating-the-membership-schema-in-sql-server-cs

链接地址: http://www.djcxy.com/p/56694.html

上一篇: 我的web服务无法登录到本地数据库

下一篇: 奇怪的错误失败的ASP.Net登录