事件日志中出现大量“Membership credential verification failed”(成员资格凭据验证失败)消息

时间:2014-01-18 19:28:07

标签: c# asp.net-mvc iis-7.5 membership-provider

我在事件查看器中看到了很多这样的事件:

Event code: 4006 
Event message: Membership credential verification failed. 
Event time: 1/18/2014 11:33:27 AM 
Event time (UTC): 1/18/2014 5:33:27 PM 
Event ID: dd4b04a795db4e5ab5fafd8243280047 
Event sequence: 1224 
Event occurrence: 28 
Event detail code: 0 

Application information: 
    Application domain: /LM/W3SVC/3/ROOT/SuburbanCustPortal-1-130345141090318852 
    Trust level: Full 
    Application Virtual Path: /SuburbanCustPortal 
    Application Path: C:\inetpub\secure.ssswebportal.com\SuburbanCustPortal\ 
    Machine name: WIN-OB929P97YAR 

Process information: 
    Process ID: 4384 
    Process name: w3wp.exe 
    Account name: NT AUTHORITY\NETWORK SERVICE 

Request information: 
    Request URL: http://myurl.com:443/SuburbanCustPortal/Account/Logon2 
    Request path: /SuburbanCustPortal/Account/Logon2 
    User host address: xxx.xxx.xxx.xxx 
    User:  
    Is authenticated: False 
    Authentication Type:  
    Thread account name: NT AUTHORITY\NETWORK SERVICE 

Name to authenticate: nancyduve 

Custom event details: 

似乎总是在Logon2网址上发生。

这是我的Logon2:

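 /// <summary>
 /// Handles a posted logon form: validates the credentials through the membership
 /// provider, issues the forms-authentication cookie, and redirects either to a
 /// local <paramref name="returnUrl"/>, to the add-customer screen, or to the
 /// account screen. On any failure the "Logon" view is redisplayed.
 /// </summary>
 /// <param name="model">Posted logon form; UserName and Password are read from it.</param>
 /// <param name="returnUrl">Caller-supplied redirect target; only followed when it is a local URL.</param>
 /// <param name="corpid">Caller-supplied corporation id; only written to the log here.</param>
 /// <returns>A redirect on success, otherwise the "Logon" view with model errors.</returns>
 public ActionResult Logon2(LogOnModel model, string returnUrl, string corpid)

{
  var control = Logging.StartLog();
  control.Source = SourceEnum.WebPortal;
  control.SessionId = Session.SessionID;

  try
  {
    Logging.WriteLog("Starting Logon2");
    // NOTE(review): returnUrl, corpid and UserName come straight from the request.
    // If the log sink is line-oriented, confirm that Logging.WriteLog neutralises
    // CR/LF so a caller cannot forge log entries.
    Logging.WriteLog("returnUrl: " + returnUrl);
    Logging.WriteLog("corpid: " + corpid);
    Logging.WriteLog("model.UserName: " + model.UserName);
    // The submitted password is deliberately NOT logged: writing credentials to a
    // log file exposes them to anyone who can read the log, its backups or any
    // system the log is shipped to.

    Logging.WriteLog(string.Format("ModelState.IsValid: {0}", ModelState.IsValid));
    if (ModelState.IsValid)
    {
      if (Membership.ValidateUser(model.UserName, model.Password))
      {
        Logging.WriteLog("Validated User");
        Logging.WriteLog(string.Format("model.UserName: {0}", model.UserName));


        // Second argument 'true' requests a persistent cookie.
        FormsAuthentication.SetAuthCookie(model.UserName, true);

        // Open-redirect guard: follow returnUrl only when it is a local path and
        // does not start with "//" or "/\".
        if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1
            && returnUrl.StartsWith("/")
            && !returnUrl.StartsWith("//")
            && !returnUrl.StartsWith("/\\"))
        {
          Logging.WriteLog("Redirect(returnUrl)");
          return Redirect(returnUrl);
        }

        Logging.WriteLog("Start _client.RequestCustomersForAccount(model.UserName)");
        var customer = _client.RequestCustomerForAccount(model.UserName);

        // ********** NO ACCOUNTS FOUND ************
        // No customers assigned to this login
        // take them to the add account screen
        if (customer == null)
        {
          // no accounts tied to this logon
          Logging.WriteLog("No accounts found for this login.");
          Logging.WriteLog("RedirectToAction(AddCustomer, Customer)");
          // we need to make sure the branch account number is blank from any prior visits
          Session[SessionEnums.CurrentAccountGuid.ToString()] = string.Empty;
          Session[SessionEnums.CurrentBranchNumber.ToString()] = string.Empty;
          Session[SessionEnums.CurrentAccountNumber.ToString()] = string.Empty;
          return RedirectToAction("AddCustomer", "Customer");
        }

        // the account's tokenid that was used when the account was created
        // takes precedence over the one being passed in since the account
        // login is specific to the original company that they signed up with
        Guid acctguid;
        if (Guid.TryParse(customer.AccountId, out acctguid))
        {
          var tokenid = _client.GetAccountTokenId(acctguid);
          if (tokenid != Guid.Empty)
          {
            GetCookieInfo.TokenId = tokenid.ToString();
            Session[SessionEnums.TokenId.ToString()] = tokenid.ToString();
          }
        }

        Logging.WriteLog("RedirectToAction(AccountScreen, Customer)");
        model.AccountId = customer.AccountId;

        // save this account info in the cookie and session
        Session[SessionEnums.CurrentAccountGuid.ToString()] = customer.AccountId;
        Session[SessionEnums.CurrentBranchNumber.ToString()] = customer.Branch;
        Session[SessionEnums.CurrentAccountNumber.ToString()] = customer.AccountNumber;

        Logging.WriteLog(string.Format("customer.AccountId: {0}", customer.AccountId));
        Logging.WriteLog(string.Format("customer.Branch: {0}", customer.Branch));
        Logging.WriteLog(string.Format("customer.AccountNumber: {0}", customer.AccountNumber));
        // only 1 account tied to this logon
        return RedirectToAction("AccountScreen", "Customer");
      }
      else
      {
        // Validation failed: choose exactly one message for the form. This is a
        // single if / else-if / else chain so that a locked-out account no longer
        // also gets the generic "Invalid username or password." error.
        // NOTE(review): the locked-out and not-approved messages tell an
        // unauthenticated caller that the user name exists; confirm that this
        // disclosure is acceptable for the portal.
        var user = Membership.GetUser(model.UserName);
        if (user != null && user.IsLockedOut)
        {
          const string lockedmsg =
            "This account has been locked due to too many login attempts. Please reset your password to unlock this account.";
          Logging.WriteLog(lockedmsg);
          ModelState.AddModelError(string.Empty, lockedmsg);
        }
        else if (user != null && !user.IsApproved)
        {
          const string unapprovedmsg =
            "This account has been registered but the email that was sent was never authenticated. Please check your email account for this email.";
          Logging.WriteLog(unapprovedmsg);
          ModelState.AddModelError(string.Empty, unapprovedmsg);
        }
        else
        {
          const string msg = "Invalid username or password.";
          Logging.WriteLog(msg);
          ModelState.AddModelError(string.Empty, msg);
        }
      }
    }

    // If we got this far, something failed, redisplay form
    return View("Logon");
  }
  catch (Exception ex)
  {
    // Best effort: record the failure and fall back to the logon form rather
    // than surfacing the exception to the caller.
    Logging.WriteLog(string.Format("exception: {0}", ex.Message));
    Logging.WriteException(ex);
    return View("Logon");
  }
  finally
  {
    Logging.WriteLog(control, "End Logon2");
  }
}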

是我的代码中遗漏了什么,还是说这属于正常的日志?

1 个答案:

答案 0 :(得分:0)

您是否检查过 Web.config 中的 applicationName 是否已正确设置?我最常在这种情况下见到这个错误。

或者,可能有一个已被锁定的用户(nancy)一直在尝试登录。您是否启用了账户锁定?能否检查一下她是否属于这种情况?(使用内置的成员资格提供程序时,每次 Membership.ValidateUser 验证失败都会记录一条 4006 事件,因此输错密码或账户被锁定后反复尝试登录都会产生这类日志。)