This time the customer was using the “Web Site Administrator Tool” wizard to create the authentication mechanism (based on SqlExpress membership) for his site. As usual everything was working fine on his development machine, but after deploying the application on the live web server users were no longer able to authenticate, and they got the message “You login attempt was not successful. Please try again.“, and in the event log we found a few messages like the following:
Event code: 4006
Event message: Membership credential verification failed.
Event time: 13/04/2006 13:23:30
Event time (UTC): 13/04/2006 12:23:30
Event ID: 89ff87b6e2d8490c9b873730e50af976
Event sequence: 3
Event occurrence: 1
Event detail code: 0Application information:
Application domain: /LM/W3SVC/1/Root/myapp-1-127894037524081250
Trust level: Full
Application Virtual Path: /myapp
Application Path: d:\inetpub\wwwroot\myapp\
Machine name: WEBSERVERProcess information:
Process ID: 5540
Process name: w3wp.exe
Account name: NT AUTHORITY\NETWORK SERVICERequest information:
Request URL: http://<web server ip>/myapp/login.aspx?ReturnUrl=/myapp/search.aspx
Request path: /myapp/login.aspx
User host address: <web server ip>
User:
Is authenticated: False
Authentication Type:
Thread account name: NT AUTHORITY\NETWORK SERVICEName to authenticate: administrator
The problem is that this error message is misleading; we found out that the problem was actually due to the Internet user missing permissions on the .mdf and .ldf files. SQLEXPRESS.EXE runs in the context of the ASP.NET user account and it of course need to access the .mdf file; the access type must the read/write because of course we must be able to update the database content.
Carlo
One Comment
Pingback: