Hybrid site login troubles (email / username)

[eswanzey]

RC2, DNN 9.9.2, email address as username, hybrid site

I have a hybrid site that has login issues. When logging in via a DNN login page, specifying email works as expected. When logging in via a Vanjaro login page, email doesn't work ("inavlid email") but username does.

There are often exceptions in the server log such as the following. I believe this is because when logging in via Vanjaro with username method mentioned above, that crashes the page:

Exception information:
Exception type: ProviderException
Exception message: The E-mail supplied is invalid.
at System.Web.Security.SqlMembershipProvider.UpdateUser(MembershipUser user)
at System.Web.Security.MembershipUser.Update()
at DotNetNuke.Security.Membership.AspNetMembershipProvider.UpdateUserMembership(UserInfo user)

Answers to these questions would help me in diagnosing the problem:

1. What would cause a Vanjaro login page to have a "Standard" tab?
2. When logging in via a Vanjaro login tab, email address doesn't work, only username works. Why would that be?
3. If the Vanjaro login page is deleted, and the DNN recycle bin is empty, attempts to create a new page called Login results in the message "Login is an invalid page title." Is there a workaround for this?

[eswanzey]

#2 is resolved and here was the cause. The site was originally setup with username for login, then was switched to using email address for username. The disconnect was due to the fact that aspnet_users.username, aspnet_users.loweredusername, and users.username had the old usernames instead of email address. Once those three fields were updated to match the loweredemailaddress, Vanjaro accepted email for login.

#1 and #3 are still unanswered questions!

[hshimanshusharma]

1. What would cause a Vanjaro login page to have a "Standard" tab?

You have to disable the Default Authentication Extension see the attached file

[hshimanshusharma]

3. If the Vanjaro login page is deleted, and the DNN recycle bin is empty, attempts to create a new page called Login results in the message "Login is an invalid page title." Is there a workaround for this?

The "Login" name internally using in DNN so cannot create a page with the name "Login"

[eswanzey]

There is one remaining oddity that I haven't been able to consistently replicate. Some users try to login and immediately get an additional login from IIS over the top of the page. Both logins fail. The DNN default authentication extension has been disabled, and the login page is a Vanjaro page. The stack trace is below. I've attached a screenshot, notice the URL in the browser bar that includes an error message.

AbsoluteURL:/API/Login/Login/UserLogin

DefaultDataProvider:DotNetNuke.Data.SqlDataProvider, DotNetNuke

ExceptionGUID:5aac349a-f6e8-4206-a531-70ed915065eb

AssemblyVersion:

PortalId:-1

UserId:-1

TabId:-1

RawUrl:

Referrer:

UserAgent:

ExceptionHash:uWZ7iyHDW58ikhcHoKNpj6gh6H4=

Message:The anti-forgery cookie token and form field token do not match.

StackTrace:

at DotNetNuke.Web.Api.ValidateAntiForgeryTokenAttribute.OnActionExecuting(HttpActionContext actionContext)
at System.Web.Http.Filters.ActionFilterAttribute.OnActionExecutingAsync(HttpActionContext actionContext, CancellationToken cancellationToken)
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Web.Http.Tracing.Tracers.ActionFilterAttributeTracer.<>c__DisplayClassd.<b__a>d__f.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Web.Http.Tracing.ITraceWriterExtensions.d__24.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Web.Http.Filters.ActionFilterAttribute.d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Web.Http.Controllers.ActionFilterResult.d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Web.Http.Filters.AuthorizationFilterAttribute.d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Web.Http.Filters.AuthorizationFilterAttribute.d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Web.Http.Filters.AuthorizationFilterAttribute.d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Web.Http.Filters.AuthorizationFilterAttribute.d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Web.Http.Filters.AuthorizationFilterAttribute.d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Web.Http.Filters.AuthorizationFilterAttribute.d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Web.Http.Controllers.ExceptionFilterResult.d__0.MoveNext()

[hshimanshusharma]

Once try with Set Page As option of page extension in VanjaroUX

[eswanzey]

I did what you suggest and the behavior is still occurring. I'm seeing the following in the console.

[eswanzey]

I can finally reproduce this odd behavior on a hybrid site. Here's a screencast showing the behavior whereby Persona Bar gets replaced by Vanjaro Bar on a DNN page - https://www.screencast.com/t/SrxlOa3lQrj

steps to reproduce:

1. login to a DNN page as a superuser on a hybrid site
2. navigate to a Vanjaro page on the same site
3. sign out while on the Vanjaro page
4. return to the DNN page and login again
5. the Persona Bar is replaced with a non-functional Vanjaro Bar

Attached are a before and after cookie for comparison

cookie when all is well.txt
cookie after performing steps.txt