FormsAuthentication est je ne passe pas l'utilisateur mais je suis

Question

J'ai cette méthode de connexion:

// POST: /Account/LogOn 
    [HttpPost] 
    public ActionResult LogOn(LogOnModel model, string returnUrl, string corpid) 
    { 
     var sb = new StringBuilder(); 
     sb.AppendLine("Logon HttpPost start"); 
     sb.AppendLine(string.Format("returnUrl: {0}", returnUrl)); 
     sb.AppendLine(string.Format("corpid: {0}", corpid)); 
     sb.AppendLine(string.Format("model.UserName: {0}", model.UserName)); 
     sb.AppendLine(string.Format("model.Password: {0}", model.Password)); 

     try 
     { 
     sb.AppendLine(string.Format("ModelState.IsValid: {0}", ModelState.IsValid)); 
     if (ModelState.IsValid) 
     { 
      if (Membership.ValidateUser(model.UserName, model.Password)) 
      { 
      sb.AppendLine("Validated User"); 
      FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe); 
      if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 
       && returnUrl.StartsWith("/") 
       && !returnUrl.StartsWith("//") 
       && !returnUrl.StartsWith("/\\")) 
      { 
       sb.AppendLine("Redirect(returnUrl)"); 
       return Redirect(returnUrl); 
      } 

      // need to decide whether to display the CustomerSummary, AccountScreen, or AddCustomer view 
      // AccountScreen if they only have 1 account tied to this logon 
      // AddCustomer if they do not havfe any tied to this logon 
      // CustomerSummary if they have more than 1 tied to this logon 

      var customers = _client.RequestCustomersForAccount(model.UserName); 
      if (!customers.Any()) 
      { 
       // no accounts tied to this logon 
       sb.AppendLine("No accounts found for this login."); 
       sb.AppendLine("RedirectToAction(AddCustomer, Customer)"); 
       return RedirectToAction("AddCustomer", "Customer"); 
      } 

      if (customers.Count() == 1) 
      { 
       sb.AppendLine("1 accounts found for this login."); 
       sb.AppendLine("RedirectToAction(AccountScreen, Customer)"); 
       model.AccountId = customers[0].AccountId; 
       sb.AppendLine(string.Format("customers[0].AccountId: {0}", customers[0].AccountId)); 
       // only 1 account tied to this logon 
       return RedirectToAction("AccountScreen", "Customer", model); 
      } 

      if (customers.Count() > 1) 
      { 
       sb.AppendLine(string.Format("{0} accounts found for this login.", customers.Count())); 
       sb.AppendLine("RedirectToAction(CustomerSummary, Customer)"); 
       // no accounts tied to this logon 
       return RedirectToAction("CustomerSummary", "Customer"); 
      } 

      } 
      else 
      { 
      var msg = "The user name or password provided is incorrect."; 
      sb.AppendLine(msg); 
      ModelState.AddModelError("", msg); 
      } 
     } 

     // If we got this far, something failed, redisplay form 
     return View(model); 

     } 
     catch (Exception ex) 
     { 
     sb.AppendLine(string.Format("An error occured: {0}", ex)); 
     WebPortalLogging.Logging.LogException("The following error occured: ", ex, _asName); 
     return null; 
     } 
     finally 
     { 
     WebPortalLogging.Logging.LogInfo(sb.ToString(), _asName); 
     } 
    } 

Quand je suis à la ligne FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe); Je reçois cette erreur:

System.InvalidOperationException: The username is not provided. Specify username in ClientCredentials.

Server stack trace: at System.ServiceModel.ClientCredentialsSecurityTokenManager.CreateSecurityTokenProvider(SecurityTokenRequirement tokenRequirement, Boolean disableInfoCard) at System.ServiceModel.Channels.HttpChannelFactory.CreateAndOpenTokenProvider(TimeSpan timeout, AuthenticationSchemes authenticationScheme, EndpointAddress target, Uri via, ChannelParameterCollection channelParameters) at System.ServiceModel.Channels.HttpChannelFactory.CreateAndOpenTokenProvidersCore(EndpointAddress to, Uri via, ChannelParameterCollection channelParameters, TimeSpan timeout, SecurityTokenProviderContainer& tokenProvider, SecurityTokenProviderContainer& proxyTokenProvider) at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.CreateAndOpenTokenProviders(TimeSpan timeout) at System.ServiceModel.Channels.HttpsChannelFactory.HttpsRequestChannel.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade) at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at SuburbanCustPortal.SuburbanService.ISuburbanService.RequestCustomersForAccount(String customerloginname) at SuburbanCustPortal.Controllers.AccountController.LogOn(LogOnModel model, String returnUrl, String corpid) in C:\work2\Doozer Software\Suburban\SuburbanCustPortal\Controllers\AccountController.cs:line 112

Ce code a fonctionné trouver à un moment donné et je suis retourné et comparé à ce que j'avais quand ça a marché et je ne vois rien d'autre que l'enregistrement qui a changé.

Voici l'enregistrement j'ajouté:

Logon HttpPost start 
returnUrl: 
corpid: 
model.UserName: user 
model.Password: password 
ModelState.IsValid: True 
Validated User 
An error occured: System.InvalidOperationException: The username is not provided. Specify username in ClientCredentials. 

Server stack trace: 
    at System.ServiceModel.ClientCredentialsSecurityTokenManager.CreateSecurityTokenProvider(SecurityTokenRequirement tokenRequirement, Boolean disableInfoCard) 
    at System.ServiceModel.Channels.HttpChannelFactory.CreateAndOpenTokenProvider(TimeSpan timeout, AuthenticationSchemes authenticationScheme, EndpointAddress target, Uri via, ChannelParameterCollection channelParameters) 
    at System.ServiceModel.Channels.HttpChannelFactory.CreateAndOpenTokenProvidersCore(EndpointAddress to, Uri via, ChannelParameterCollection channelParameters, TimeSpan timeout, SecurityTokenProviderContainer& tokenProvider, SecurityTokenProviderContainer& proxyTokenProvider) 
    at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.CreateAndOpenTokenProviders(TimeSpan timeout) 
    at System.ServiceModel.Channels.HttpsChannelFactory.HttpsRequestChannel.OnOpen(TimeSpan timeout) 
    at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) 
    at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout) 
    at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) 
    at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade) 
    at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan timeout) 
    at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) 
    at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) 
    at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) 

Exception rethrown at [0]: 
    at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) 
    at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) 
    at SuburbanCustPortal.SuburbanService.ISuburbanService.RequestCustomersForAccount(String customerloginname) 
    at SuburbanCustPortal.Controllers.AccountController.LogOn(LogOnModel model, String returnUrl, String corpid) in C:\work2\Doozer Software\Suburban\SuburbanCustPortal\Controllers\AccountController.cs:line 112 

Comme vous pouvez le voir dans les journaux, je suis ouvert une session avec un utilisateur depuis que je passe cette vérification:

if (Membership.ValidateUser(model.UserName, model.Password)) 

De plus, je peux exécutez ce code localement, sur mon ordinateur, et je ne reçois aucune erreur. Tout ceci est dirigé vers la même base de données, localement et publiée.

Quelqu'un voit-il quel est mon problème?

Answer 1

When I get to line FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe); I am getting this error:

Votre trace de la pile montre que l'exception est levée par la ligne:

var customers = _client.RequestCustomersForAccount(model.UserName); 

On peut supposer que cet appel échoue parce que votre Thread.CurrentPrincipal n'a pas été définie à l'utilisateur authentifié (vous définissez le cookie FormsAuthentication, mais il ne sera pas traité avant la prochaine demande).

Je ne sais pas pourquoi vous essayez de faire un travail supplémentaire après authentification de l'utilisateur, je vous suggère de réacheminer immédiatement, par exemple:

if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 
      && returnUrl.StartsWith("/") 
      && !returnUrl.StartsWith("//") 
      && !returnUrl.StartsWith("/\\")) 
{ 
    sb.AppendLine("Redirect(returnUrl)"); 
    return Redirect(returnUrl); 
} 

Redirect(Request.UrlReferrer.ToString()); // Or wherever you want to redirect to