asp.net mvc authentication only works when debugging

Question

I have an asp.net mvc application that works fine under visual studio but when I publish it to the localhost, I'm unable to login.

I already striped down the code and found that MembershipService.ValidateUser(model.UserName, model.Password) won't work but the next line FormsService.SignIn(model.UserName, model.RememberMe) works fine.

On the web config I got the following:

<membership defaultProvider="MySqlMembershipProvider">
  <providers>
    <clear/>
    <add autogenerateschema="true"
             connectionStringName="ConnString"
             enablePasswordRetrieval="false"
             enablePasswordReset="true"
             requiresQuestionAndAnswer="false"
             requiresUniqueEmail="false"
             passwordFormat="Hashed"
             maxInvalidPasswordAttempts="5"
             minRequiredPasswordLength="6"
             minRequiredNonalphanumericCharacters="0"
             passwordAttemptWindow="10"
             passwordStrengthRegularExpression=""
             applicationName="/"
             name="MySqlMembershipProvider"
             type="MySql.Web.Security.MySQLMembershipProvider, MySql.Web, Version=6.3.6.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d"/>
    </providers>
 </membership>
 <profile defaultProvider="MySqlProfileProvider">
   <providers>
     <clear/>
     <add name="MySqlProfileProvider"
             type="MySql.Web.Profile.MySQLProfileProvider, MySql.Web, Version=6.3.6.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d"
             connectionStringName="ConnString" applicationName="/" autogenerateschema="true"/>
    </providers>
  </profile>
  <roleManager enabled="true" defaultProvider="MySqlRoleProvider">
    <providers>
      <clear/>
      <add name="MySqlRoleProvider" autogenerateschema="true" connectionStringName="ConnString" applicationName="/"
             type="MySql.Web.Security.MySQLRoleProvider, MySql.Web, Version=6.3.6.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" />
      </providers>
   </roleManager>

The ConnString is ok because other parts of the application work just fine (including the FormsService.SignIn).

Where's the physical path where Visual Studio debug applications so I can compare Web.configs with the one on my localhost IIS?

Answer 1

For you guys that might have this problem, my issue was my path in authentication.forms section of web.config. My application was running under the directory wwwroot/myappdir, my path logically set to /myappdir

<authentication mode = "forms">
    <forms loginUrl="/Login.aspx" path="/myappdir" name=".ASPXFORMSAUTH" protection="Validation">
</authentication>

When I'd run the debugger, it would work flawlessly starting the app with http://localhost:xxxx/myappdir/.

However, this was the only website running on my server so, for convenience, I'd test in my variety of browsers from the website root, http://localhost/, and kept bouncing right back to the login form.

It was a couple of hours before it dawned on me what was happening.

Answer 2

I was able to found the problem, it was kinda embarrassing actually.

I was building the project with framework 4.0 but was deploying it to a Application pool using .net framework 2.0.

Though I still find strange that the ValidateUser method depends on the framework

Answer 3

You may need to add the domain to your web.config when you publish.

<system.web>

    <authentication mode="Forms" >
        <forms loginUrl="~/Account/LogOn" timeout="10080" path="/" protection="All" domain="yourdomain.com" />
    </authentication>

</system.web>

NOTE: When debugging in visual studio, DO NOT include the domain. You can use the web.config transformation feature to automate this.