I eventually want to use this example: How to do Active Directory authentication in Razor (cshtml) to put authentication in place - however first I need my application to just use forms authentication.
I used the Starter Site form WebMatrix as an example and I think I am stuck on the hashing of the password.
In my table in the DB the column for the password is just filled with the text "pIg1et!" because I only care that the username is in the list - the actual authentication of the password will be done against the Active Directory.
create table webpages_Membership (
UserID int,
CreateDate datetime default NULL,
ConfirmationTokin varchar(128) default NULL,
IsConfirmed int default 0,
LastPasswordFailureDate datetime default null,
PasswordFailuresSinceLastSuccess int default 0,
[Password] varchar(128),
PasswordChangeDate datetime default null,
PasswordSalt varchar(128) default null,
PasswordVerificationToken varchar(128) default null,
PasswordVerificationTokenExpirationDate datetime default null
);
go
delete from webpages_Membership;
insert into webpages_Membership select distinct teacherid, getdate(), null, 1, null, 0, 'pIg1et!', null, null, null, null from IC_ADO;
On the Server - in this file:
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\machine.config
I have the following:
<system.web>
<membership>
<providers>
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="STUDENT" enablePasswordRetrieval="false" enablePasswordReset="false" requiresQuestionAndAnswer="false" applicationName="/" requiresUniqueEmail="false" passwordFormat="Clear" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="1" passwordAttemptWindow="10" passwordStrengthRegularExpression=""/>
</providers>
</membership>
originally the passwordFormat was set to "Hashed".
after an iisreeset I was hoping that I would not get this error when I go to login:
Line 14: if(IsPost && !Request["myusername"].IsEmpty() ){
Line 15:
Line 16: if (WebSecurity.Login(myusername, "pIg1et!", true))
Line 17: {
Line 18: Response.Redirect("~/Academic");
[FormatException: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or a non-white space character among the padding characters. ]
System.Convert.FromBase64String(String s) +0
System.Web.Helpers.Crypto.VerifyHashedPassword(String hashedPassword, String password) +55
WebMatrix.WebData.SimpleMembershipProvider.CheckPassword(IDatabase db, Int32 userId, String password) +48
WebMatrix.WebData.SimpleMembershipProvider.ValidateUser(String username, String password) +202
WebMatrix.WebData.WebSecurity.Login(String userName, String password, Boolean persistCookie) +83
ASP._Page_Account_Login_cshtml.Execute() in c:\inetpub\wwwroot\Academic\Account\Login.cshtml:16
System.Web.WebPages.WebPageBase.ExecutePageHierarchy() +280
System.Web.WebPages.WebPage.ExecutePageHierarchy() +339
System.Web.WebPages.StartPage.ExecutePageHierarchy() +143
System.Web.WebPages.WebPageBase.ExecutePageHierarchy(WebPageContext pageContext, TextWriter writer, WebPageRenderingBase startPage) +181
System.Web.WebPages.WebPageHttpHandler.ProcessRequestInternal(HttpContextBase httpContext) +207
I was hoping that by putting the passwordFormat to "Clear" that the string I put in my WebSecurity.Login( ___ , "pIg1et!", true) would work fine against my password column in my DB which also has values of "pIg1et!"
what is going on here?
Thanks! Molly
