Login Not Complete

Feb 10, 2009 at 8:56 PM
I installed the app correctly and it comes up and I go to login and it seems to logon successfully, but goes back to default page and "login" link still shows and no admin menu exists.  I did every way possible to make sure App_Data is r/w.  I have tried to go from xml to sql and with sql I get a stored proc not found error.  So, I am fine with blog being in sql and logons in xml.  I just cannot seem to get it to really logon

Hosted on discountasp.net
using version 1.4.5
Feb 10, 2009 at 9:27 PM
What happens if you put the wrong password in ... do you get a "your login attempt was not successful" message?

You could give another browser a quick try to see if it makes any difference.  If you're using IE, you could try putting your blog's domain name in IE's trusted site list to see if that makes a difference.  I suggest this because if you're security settings in IE are high, they could be not allowing the BE login cookie to be saved.
Feb 11, 2009 at 1:09 AM
I have pointed it to the database and it updates user last logon date, but when going back to default.aspx, the login still shows and nothing showing I logged on.
Feb 11, 2009 at 1:35 AM
It's good you checked that.  It sounds like BE authenticates you and sends a cookie to your browser.  You can search the past Discussions here for others who have had this problem, but a couple of reasons they had this problem in recent discussions turned out to be ...

1. Browser isn't accepting cookies.  This is either because cookies are disabled in the browser or the browser's security settings are set too high.  Trying to log in with a different browser will pretty quickly determine if this is the problem.

2. Domain forwarding/masking.  If you have domain masking setup at GoDaddy or at your registrar, this can cause this problem because the cookie is being set for the wrong domain.
Feb 11, 2009 at 1:42 AM
Hello, I did notice when I run it on localhost, it creates two cookies, but on hosted site, it only creates one.  BLOGENGINEROLES is missing.....
Feb 11, 2009 at 1:55 AM
That's the problem then, since that cookie is needed.  In this discussion, Tony had the same problem which you can read about.  Not sure if it's the same situation as yours.

Are you using the web.config file that comes with BE, or have you made any modifications to it?  Is BE installed in a subfolder?  If so, it might be inheriting some other authentication settings from the parent folder.

You could try setting 'cacheRolesInCookie' in your web.config file to 'false' as a suggestion made in that other thread.
Feb 11, 2009 at 2:13 AM
no luck, I am may just try another tool.
Feb 11, 2009 at 3:24 AM
Edited Feb 11, 2009 at 4:01 AM
OK, I got to get this working
it's in a hosted site and in a folder with installed app.
it works great locally

<?xml version="1.0"?>
    <sectionGroup name="BlogEngine">
      <section name="blogProvider" requirePermission="false" type="BlogEngine.Core.Providers.BlogProviderSection, BlogEngine.Core" allowDefinition="MachineToApplication" restartOnExternalChanges="true"/>
    <blogProvider defaultProvider="DbBlogProvider">
        <add name="XmlBlogProvider" type="BlogEngine.Core.Providers.XmlBlogProvider, BlogEngine.Core"/>
        <add name="DbBlogProvider" type="BlogEngine.Core.Providers.DbBlogProvider, BlogEngine.Core" connectionStringName="BlogEngine" />
  <!-- configSource is not implemented in Mono.
    <connectionStrings configSource="sql.config" />
    <add name="LocalSqlServer" connectionString="dummy"/>
    <!-- Mono complains if LocalSqlServer isn't specified -->
    <add name="BlogEngine" connectionString="XX"

    <add key="BlogEngine.FileExtension" value=".aspx"/>
    <!-- You can e.g. use "~/blog/" if BlogEngine.NET is not located in the root of the application -->
    <add key="BlogEngine.VirtualPath" value="~/"/>
    <!-- The regex used to identify mobile devices so a different theme can be shown -->
    <add key="BlogEngine.MobileDevices" value="(nokia|sonyericsson|blackberry|samsung|sec\-|windows ce|motorola|mot\-|up.b|midp\-)"/>
    <!-- The name of the role with administrator permissions -->
    <add key="BlogEngine.AdminRole" value="Administrators"/>
    <!--This value is to provide an alterantive location for storing data.-->
    <add key="StorageLocation" value="~/App_Data/"/>
    <!--A comma separated list of script names to hard minify. It's case-sensitive. -->
    <add key="BlogEngine.HardMinify" value="blog.js,widget.js,WebResource.axd"/>

    <compilation debug="true">
        <add assembly="System.Management, Version=, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>
        <add assembly="System.Configuration, Version=, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>
        <add assembly="System.Data, Version=, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
        <add assembly="System, Version=, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
        <add assembly="System.Drawing, Version=, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>
        <add assembly="System.Web, Version=, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>
        <add assembly="System.Xml, Version=, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>

    <globalization requestEncoding="utf-8" responseEncoding="utf-8" culture="auto" uiCulture="auto"/>
    <httpRuntime enableVersionHeader="false" useFullyQualifiedRedirectUrl="true" maxRequestLength="16384" executionTimeout="3600" requestLengthDiskThreshold="16384"/>
    <machineKey validationKey="D9F7287EFDE8DF4CAFF79011D5308643D8F62AE10CDF30DAB640B7399BF6C57B0269D60A23FBCCC736FC2487ED695512BA95044DE4C58DC02C2BA0C4A266454C" decryptionKey="BDAAF7E00B69BA47B37EEAC328929A06A6647D4C89FED3A7D5C52B12B23680F4" validation="SHA1" decryption="AES"/>

    <authentication mode="Forms">
      <forms timeout="129600" name=".AUXBLOGENGINE" protection="All" slidingExpiration="true" loginUrl="~/login.aspx" cookieless="UseCookies"/>

    <pages enableSessionState="false" enableViewStateMac="true" enableEventValidation="true">
        <add namespace="Controls" tagPrefix="blog"/>

    <customErrors mode="Off">


    <membership defaultProvider="DbMembershipProvider">
        <add name="XmlMembershipProvider" type="BlogEngine.Core.Providers.XmlMembershipProvider, BlogEngine.Core" description="XML membership provider" passwordFormat="Hashed"/>
        <add name="SqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="BlogEngine" applicationName="BlogEngine"/>
        <add name="DbMembershipProvider" type="BlogEngine.Core.Providers.DbMembershipProvider, BlogEngine.Core" passwordFormat="Hashed" connectionStringName="BlogEngine"/>

    <roleManager defaultProvider="DbRoleProvider" enabled="true" cacheRolesInCookie="true" cookieName=".BLOGENGINEROLES">
        <add name="XmlRoleProvider" type="BlogEngine.Core.Providers.XmlRoleProvider, BlogEngine.Core" description="XML role provider"/>
        <add name="SqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="BlogEngine" applicationName="BlogEngine"/>
        <add name="DbRoleProvider" type="BlogEngine.Core.Providers.DbRoleProvider, BlogEngine.Core" connectionStringName="BlogEngine"/>

    <siteMap defaultProvider="PageSiteMap" enabled="true">
        <add name="PageSiteMap" description="The site map provider that reads in the .sitemap XML files." type="BlogEngine.Core.Web.Controls.PageSiteMap, BlogEngine.Core"/>
        <add name="SecuritySiteMap" description="Used for authenticated users." type="System.Web.XmlSiteMapProvider, System.Web, Version=, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" securityTrimmingEnabled="true" siteMapFile="Web.sitemap"/>

      <add name="WwwSubDomainModule" type="BlogEngine.Core.Web.HttpModules.WwwSubDomainModule, BlogEngine.Core"/>
      <add name="UrlRewrite" type="BlogEngine.Core.Web.HttpModules.UrlRewrite, BlogEngine.Core"/>
      <add name="CompressionModule" type="BlogEngine.Core.Web.HttpModules.CompressionModule, BlogEngine.Core"/>
      <add name="ReferrerModule" type="BlogEngine.Core.Web.HttpModules.ReferrerModule, BlogEngine.Core"/>
      <!--Remove the default ASP.NET modules we don't need-->
      <remove name="PassportAuthentication"/>
      <remove name="Profile"/>
      <remove name="AnonymousIdentification"/>

      <add verb="*" path="file.axd" type="BlogEngine.Core.Web.HttpHandlers.FileHandler, BlogEngine.Core" validate="false"/>
      <add verb="*" path="image.axd" type="BlogEngine.Core.Web.HttpHandlers.ImageHandler, BlogEngine.Core" validate="false"/>
      <add verb="*" path="syndication.axd" type="BlogEngine.Core.Web.HttpHandlers.SyndicationHandler, BlogEngine.Core" validate="false"/>
      <add verb="*" path="sitemap.axd" type="BlogEngine.Core.Web.HttpHandlers.SiteMap, BlogEngine.Core" validate="false"/>
      <add verb="*" path="trackback.axd" type="BlogEngine.Core.Web.HttpHandlers.TrackbackHandler, BlogEngine.Core" validate="false"/>
      <add verb="*" path="pingback.axd" type="BlogEngine.Core.Web.HttpHandlers.PingbackHandler, BlogEngine.Core" validate="false"/>
      <add verb="*" path="opensearch.axd" type="BlogEngine.Core.Web.HttpHandlers.OpenSearchHandler, BlogEngine.Core" validate="false"/>
      <add verb="*" path="metaweblog.axd" type="BlogEngine.Core.API.MetaWeblog.MetaWeblogHandler, BlogEngine.Core" validate="false"/>
      <add verb="*" path="rsd.axd" type="BlogEngine.Core.Web.HttpHandlers.RsdHandler, BlogEngine.Core" validate="false"/>
      <add verb="*" path="css.axd" type="BlogEngine.Core.Web.HttpHandlers.CssHandler, BlogEngine.Core" validate="false"/>
      <add verb="*" path="js.axd" type="BlogEngine.Core.Web.HttpHandlers.JavaScriptHandler, BlogEngine.Core" validate="false"/>
      <add verb="*" path="rating.axd" type="BlogEngine.Core.Web.HttpHandlers.RatingHandler, BlogEngine.Core" validate="false"/>
      <add verb="*" path="opml.axd" type="BlogEngine.Core.Web.HttpHandlers.OpmlHandler, BlogEngine.Core" validate="false"/>
      <add verb="*" path="blogml.axd" type="BlogEngine.Core.Web.HttpHandlers.BlogMLExportHandler, BlogEngine.Core" validate="false"/>
      <add verb="*" path="sioc.axd" type="BlogEngine.Core.Web.HttpHandlers.Sioc, BlogEngine.Core" validate="false"/>
      <add verb="*" path="apml.axd" type="BlogEngine.Core.Web.HttpHandlers.Apml, BlogEngine.Core" validate="false"/>
      <add verb="*" path="foaf*.axd" type="BlogEngine.Core.Web.HttpHandlers.Foaf, BlogEngine.Core" validate="false"/>

Feb 11, 2009 at 3:49 AM
Thanks for the url to your blog, it helped.  I just tried logging in using the default admin credentials and I think I found the problem (or at least one problem).  The ".AUXBLOGENGINE" cookie is coming back from your blog with a path of "Admin".  This means the cookie is only recognized when you're in the Admin folder.  The path should instead be either / or /blog.  I'm not sure where "Admin" is coming from.  Maybe from a web.config file you have in your root folder?  Either way, you can try manually setting the path to /blog.  Change the <forms> element in your web.config file to include an explicit path:

<forms timeout="129600" name=".AUXBLOGENGINE" protection="All" slidingExpiration="true" loginUrl="~/login.aspx" cookieless="UseCookies" path="/blog" />

I still don't see the BLOGENGINEROLES cookie, but you can try changing it so the roles aren't stored in a cookie (if you haven't already tried).  Changing the 'cacheRolesInCookie' value from 'true' to 'false' should accomplish this:

<roleManager defaultProvider="DbRoleProvider" enabled="true" cacheRolesInCookie="false" cookieName=".BLOGENGINEROLES">
Feb 11, 2009 at 3:59 AM
your the Best!!!!!!!!!!  That was my problem.  I needed to add the folder for forms/cookie