1

I know this looks similar to other questions here but I don't think my case is the same as theirs.

I have a website that uses the AspNetSqlMembershipProvider to validate users. I would like to use the same database from a console application. According to several articles on the web I can use the System.Web.Security.Membership class from outside ASP.NET by copying the appropriate sections from web.config to app.config. That is what I did.

My console appliction can get the user with the requested name and I can confirm that the user is approved and is not locked out but ValidateUser returns false for a correct username and password pair.

I have found articles where people have had trouble with migrating code which may be due to a machine key mismatch but have also found a reference saying that machine key is only used if the passwordFormat property equals encrypted whereas I am using hashed.

Is the issue that the two pieces of code - the website and the console app - are in different assemblies and the assembly name or other property is being used during password hashing? In both cases the application name property is set to /.

Should I continue with this approach or just access the database directly and hash the password myself?

Nick Williamson
  • 205
  • 3
  • 11
  • Here is one troubleshooting tip: Create a new user from the windows app and then try to validate that user credentials. See if that works. – gbs Jan 05 '11 at 18:00
  • I was able to validate a user which I created which caused me to investigate the website code which in turn lead me to the answer so thanks for the tip. – Nick Williamson Jan 07 '11 at 10:03

2 Answers2

0

Have a look at this article:

http://www.theproblemsolver.nl/usingthemembershipproviderinwinforms.htm

Adding the membership configuration settings in your app.config may help.

Hope it helps!

Vaibhav
  • 1,156
  • 2
  • 12
  • 27
  • I have already copied the membership configuration settings from my web.config. I can use Membership.GetUser in my console application to retrieve the user so I know the database connection is working but Membership.ValidateUser is returning false. – Nick Williamson Jan 05 '11 at 10:56
0

It turns out that the original author of the website code - who was not me - converted the entered password to upper case before using it. As I didn't know this and my console application didn't do so ValidateUser was correctly reporting that the passwords did not match.

Nick Williamson
  • 205
  • 3
  • 11