Best IT Recipes

Is ASP.NET MVC 5 incompatible with WebMatrix SimpleMembershipProvider?

We have an existing application that was created on ASP.NET MVC 4 and the web API. The administrative parts of the site use Simple Membership. I am interested in upgrading the application to MVC 5 / Web API 2 to take advantage of some of the new features added. But it looks like they may be incompatible.

In particular, after installing RC packages from NuGet to one of the projects in my solution and updating the web.config information , the application starts dying during startup on the line that calls WebSecurity.InitializeDatabaseConnection() , with this exception:

 [MethodAccessException: Attempt by security transparent method 'WebMatrix.WebData.PreApplicationStartCode.OnConnectionOpened(System.Object, WebMatrix.Data.ConnectionEventArgs)' to access security critical method 'System.Web.WebPages.HttpContextExtensions.RegisterForDispose(System.Web.HttpContextBase, System.IDisposable)' failed.] WebMatrix.WebData.PreApplicationStartCode.OnConnectionOpened(Object sender, ConnectionEventArgs e) +70 WebMatrix.Data.Database.OnConnectionOpened() +70 WebMatrix.Data.Database.EnsureConnectionOpen() +51 WebMatrix.Data.Database.QueryValue(String commandText, Object[] args) +63 WebMatrix.WebData.DatabaseWrapper.QueryValue(String commandText, Object[] parameters) +13 WebMatrix.WebData.SimpleMembershipProvider.GetUserId(IDatabase db, String userTableName, String userNameColumn, String userIdColumn, String userName) +206 WebMatrix.WebData.SimpleMembershipProvider.ValidateUserTable() +87

Other projects in one solution using Simple Membership that I have not updated continue to work fine.

For more information, Google displays many hits for this exception, of course, but nothing special for WebMatrix.

FWIW: I know that Microsoft has implemented (another) solution for membership and identification , but if there is no way to use it from existing Simple Membership tables or a seamless migration path for all our existing user data, which is not really an option for us.

UPDATE (October 11th)

I just tried it again with a fresh check of the current trunk of our application. I use Visual Studio 2012, but otherwise I followed instructions from MS to update an existing project. After upgrading to MVC 5 / Web API 2 / EF 6, the application launched the "simple" mode.

In web.config there were no explicit trust requirements for deletion. I added the code from this question to Global.asax.cs , and it reports that the application works with full trust (in IIS Express, only F5-ed from VS).

Re-adding the same call to InitializeDatabaseConnection() , it starts to die with the same exception.

DECISION (October 28)

Having tried the solution in updating @Kevin from Friday, I found that it works. It was very strange to me that adding this obviously unrelated package would solve these security problems, and even more strange after I removed the package from my solution and continued to work.

After carefully examining what was happening, I realized that the reason for this fix is โ€‹โ€‹quite simple: the Microsoft.AspNet.WebHelpers package has two dependencies that were added to my solution: Microsoft.AspNet.WebPages.Data and Microsoft.AspNet.WebPages.WebData . Microsoft has moved WebMatrix classes to new packages.

So, the added package of helpers fixed the problem, not because of anything, but since it caused updated versions of broken assemblies to add to my solution. So the solution to the initial incompatibility is to install these new packages while updating everything else from NuGet:

 Install-Package Microsoft.AspNet.WebPages.WebData

UPDATE (May 13, 2015)

It has been suggested that you might also need to manually install a second new package:

 Install-Package Microsoft.AspNet.WebPages.Data

This is not necessary because this package is an explicit dependency on the former, and NuGet must be smart enough to install both. But if you get an error while creating it or donโ€™t see NuGet add dependency, this may help you.

+67
c # asp.net-mvc asp.net-mvc-5 asp.net-identity simplemembership
Oct 03
source share
5 answers

WebMatrix is โ€‹โ€‹compatible with MVC 5.

What I did was take an empty MVC 5 project and include WebMatrix SimpleMembershipProvider with SimpleSecurity , an open source project that separates SimpleMembership from your MVC application . While I can create a database, sow it and enter and exit. I plan to add other features to this help application, such as email confirmation and various tests. When I'm done, I will send the source code to the SimpleSecurity Project

If I had to guess, your problem might be related to the update process. What process have you taken to upgrade your MVC 4 project to MVC 5? Have you followed this process ? What version of WebMatrix assembly are you using? What version of Visual Studio are you using? I am using version 2.0.0.0 for WebMatrix and Visual Studio 2013 RC.



Update (10/25/2013)

I continued my experiment with the addition of SimpleMembership to the MVC 5 project and somewhere along the line it broke, and I got the same results as @Sixten Otto. I did not test in phases when I added, but I suspect that this could happen when I installed the Web API assemblies. They are not installed by default when creating a new MVC 5 project.

I did some research on the error and stumbled upon this QA called " Trying a transparent security method" WebMatrix.WebData.PreApplicationStartCode.Start () " . This is an old QA, and initially someone got the same error when updating an MVC 3 application to MVC 4. But lately people have been adding answers regarding the transition to MVC 5, and one of the answers worked for me.The solution for me was to install the Microsoft.AspNet.WebHelpers NuGet package. After installing this package everything worked fine.

A note on my study of migrating to new ASP.NET identity information is that they do not use the same password hash, which precludes the possibility of migrating old members to the database used by ASP.NET Identity. ASP.NET authentication seems to be in real thread right now, so maybe they will come up with a solution for this.



Update (2/16/14)

I mistakenly reported that the hash algorithm for passwords is different from SimpleMembership and ASP.NET Identity. I suggested that this is based on a visual check of the hashed passwords, assuming that it is only the hashed password that was in the fields. After further research, I found that SimpleMembership uses the System.Web.Helpers.Crypto class to hash the password and what is stored in the password field is actually a 256-bit unit and salt. With this information, I conducted several tests to verify that the ASP.NET identifier can verify the passwords generated by SimpleMembership, and it passed. I was trying to figure out which SimpleMembership hash algorithm is used so that I can connect the password hacker in ASP.NET Identity, which would allow me to transfer data from the SimpleMembership website to the one that used the ASP.NET identifier. It turns out that this is not necessary. I talk about the password hash and how to transfer data from SimpleMembership to ASP.NET Identity in more detail in this article .

+36
Oct 09 '13 at
source share

If you get an error message

The transparent security method 'WebMatrix.WebData.PreApplicationStartCode.Start () attempted to access the security critical method' System.Web.WebPages.Razor.WebPageRazorHost.AddGlobalImport (System.String) failed.

To fix this package, install it using the NuGet package manager.

 Install-Package Microsoft.AspNet.WebHelpers

After that, you might get another error

Unable to load WebMatrix.Data assembly version 3.0.0.0

to fix this installation package using the NuGet package manager.

 Install-Package Microsoft.AspNet.WebPages.Data
+30
Mar 23 '14 at 5:52
source share

We are currently working on porting the doc to move from Simple Membership to Identity ASP.NET. Please stay tuned for several weeks until we click this migration document. For now, you need to map the Simple Membership schema to Identity and change the application code to use OWIN for Signin / SIgnOut

+3
Oct 10 '13 at 17:59
source share

The above answers only worked until the last web pages 3.2.3. A new question has appeared for me. The current fix for me was by upgrading to .Net 4.5.3. I realized this because of disappointment. This problem does not affect only MVC 5, but the main projects of Webmatrix, and also after updating to web pages 3.2.3. I think this is a skeleton issue that will be fixed with the new Microsoft Identity. The current fix for me is below: Note. Use the property page wizard in visual studio to change the target structure to .Net Framework 4.5.3. It will update your web.config

 <compilation debug="true" targetFramework="4.5.3"> <assemblies> <add assembly="System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> </assemblies> </compilation>

Step 1: Install the Microsoft.AspNet.WebHelpers Package

Step 2: Install the Microsoft.AspNet.WebPages.Data package p>

Step 3: [Optional] Install-Package Owin

Step 4: Change targetFramework to .Net 4.5.3 through the Page Properties dialog box

enter image description here

[Optional] Your Web.Config should look like this

  <?xml version="1.0"?> <configuration> <appSettings/> <connectionStrings> <add connectionString="Server=XTREMEGOSPEL;Database=portfolioDB;Trusted_Connection=True" name="portDB" providerName="System.Data.SqlClient"/> </connectionStrings> <!-- For a description of web.config changes see http://go.microsoft.com/fwlink/?LinkId=235367. The following attributes can be set on the <httpRuntime> tag. <system.Web> <httpRuntime targetFramework="4.5" /> </system.Web> --> <system.web> <compilation debug="true" targetFramework="4.5.3"> <assemblies> <add assembly="System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> </assemblies> </compilation> <httpRuntime targetFramework="4.5" maxRequestLength="2097151"/> <authentication mode="Forms"> <forms timeout="1440"/> </authentication> <sessionState timeout="1440"/> <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/> </system.web> <system.webServer> <security> <requestFiltering> <requestLimits maxAllowedContentLength="4294967295"/> </requestFiltering> </security> </system.webServer> <runtime> <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> <dependentAssembly> <assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35"/> <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0"/> </dependentAssembly> <dependentAssembly> <assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35"/> <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0"/> </dependentAssembly> </assemblyBinding> </runtime> </configuration>
+3
Apr 20 '15 at 10:56
source share

I have the same problem, but not on my local computer, but this site had a site.

I removed the below line from the web configuration and now works.

 <dependentAssembly> <assemblyIdentity name="System.Web.WebPages.Razor" publicKeyToken="31bf3856ad364e35" /> <bindingRedirect oldVersion="0.0.0.0-3.0.0.0" newVersion="3.0.0.0" /> </dependentAssembly>
+1
May 27 '16 at 15:08
source share


More articles:


All Articles