基于表单的安全性和上传asp.net网站

I've written a little web site in my effort to learn vb.net and asp.net, fairly happy with it so rented some space and uploaded it, it was written using asp.net express edition 2008 and sql server express .... I've uploaded it and I've found that it was written in .NET 3.5 and my host only deals with 2.01 ... I've sorted most of that out, and trimmed my web.config file back to basics, but my forms based authentication isn't working

我写了一个小网站,努力学习vb.net和asp.net,相当满意,所以租了一些空间并上传它,它是用asp.net express edition 2008和sql server express编写的......我上传了它,我发现它是用.NET 3.5编写的,而我的主机只处理2.01 ...我已将其中的大部分内容排序,并将我的web.config文件修改回基础,但是我的基于表单的身份验证不起作用

<compilation debug="true" strict="false" explicit="true">
        </compilation>
        <authentication mode="Forms" />
    <customErrors mode="Off"/>
  </system.web>

And it keeps reporting that the sql server does not support remote access ...... not sure what to do next, I don't have to write my own security routines do i ? I have a sql server back end

并且它不断报告sql server不支持远程访问......不知道接下来要做什么,我不必写自己的安全例程吗?我有一个SQL Server后端

Thanks for your time

谢谢你的时间

Chris

3 个解决方案

#1

Are you using the SqlMembershipProvider to store your users in your database? Check your config file's section and make sure the connectionStringName refers to the name of your connection string.

您是否使用SqlMembershipProvider将用户存储在数据库中?检查配置文件的部分,确保connectionStringName引用连接字符串的名称。

#2

If the probllem is that you can not access your SQL Server it may be that you are using a trusted connection to it?

如果问题是您无法访问SQL Server,那么您可能正在使用可信连接吗?

It is not likely to work if the website is on a ISP network and your SQL Server is on another network.

如果网站位于ISP网络上且您的SQL Server位于另一个网络上,则不太可能正常工作。

What you then need to do is take a look at your connectionstring to change it so that you pass along the username/password in the connection string. NB: This is not optimal in terms of security but it is a way to access remot SQL Servers that are in antother domain.

您需要做的是查看您的connectionstring以更改它,以便您传递连接字符串中的用户名/密码。注意:这在安全性方面不是最佳的,但它是一种访问另一个域中的远程SQL Server的方法。

/joakim

#3

Cheers for your help people, changed my web.config to

为你的帮助人干杯,将我的web.config改为

<?xml version="1.0"?>
<configuration>
    <appSettings/>
  <connectionStrings>
    <add name="DatebaseConnectionString" connectionString="ohh wouldn't you like to know" />
  </connectionStrings>
    <system.web>
        <roleManager enabled="true" />
  <compilation debug="true" strict="false" explicit="true">
        </compilation>
    <pages>
      <namespaces>
        <clear/>
        <add namespace="System"/>
        <add namespace="System.Collections"/>
        <add namespace="System.Collections.Generic"/>
        <add namespace="System.Collections.Specialized"/>
        <add namespace="System.Configuration"/>
        <add namespace="System.Text"/>
        <add namespace="System.Text.RegularExpressions"/>
        <add namespace="System.Web"/>
        <add namespace="System.Web.Caching"/>
        <add namespace="System.Web.SessionState"/>
        <add namespace="System.Web.Security"/>
        <add namespace="System.Web.Profile"/>
        <add namespace="System.Web.UI"/>
        <add namespace="System.Web.UI.WebControls"/>
        <add namespace="System.Web.UI.WebControls.WebParts"/>
        <add namespace="System.Web.UI.HtmlControls"/>
      </namespaces>
    </pages>
        <authentication mode="Forms" />
    <membership defaultProvider="SqlProvider">
       <providers>
          <add connectionStringName="DatebaseConnectionString" applicationName="pedalpedalpuffpuff.com"
             enablePasswordRetrieval="false" enablePasswordReset="true"
             requiresQuestionAndAnswer="true" requiresUniqueEmail="true"
             passwordFormat="Hashed" maxInvalidPasswordAttempts="5" passwordAttemptWindow="10"
             name="SqlProvider" type="System.Web.Security.SqlMembershipProvider" />
       </providers>
    </membership>
    <customErrors mode="Off"/>
  </system.web>
</configuration>

And all worked fine

一切正常

#1