从3.5升级到ASP.net 4.0后登录失败 [英] Login fails after upgrade to ASP.net 4.0 from 3.5
问题描述
我无法登录使用的任何成员的使用.NET 4.0版本的应用程序的帐户。它没有像它是错误的密码,FailedPasswordAttemptCount在my_aspnet_membership表递增。 (我使用的会员有MySQL的成员提供。)
I cannot log in using any of the membership accounts using .net 4.0 version of the app. It fails like it's the wrong password, and FailedPasswordAttemptCount is incremented in my_aspnet_membership table. (I am using membership with mysql membership provider.)
我可以创建新用户。它们出现在数据库中。但我不能登录使用新的用户凭证(是的,IsApproved为1)。
I can create new users. They appear in the database. But I cannot log in using the new user credentials (yes, IsApproved is 1).
一个线索是,在数据库中的散列密码的长度为用户使用asp.net 4.0版本创建的,如3lwRden4e4Cm + cWVY / spa8oC3XGiKyQ2UWs5fxQ5l7g =,和老.NET 3.5的人都像+ JQf1EcttK + 3fZiFpbBANKVa92c = 。
One clue is that the hashed passwords in the database is longer for the users created using the asp.net 4.0 version, e.g 3lwRden4e4Cm+cWVY/spa8oC3XGiKyQ2UWs5fxQ5l7g=, and the old .net 3.5 ones are all like +JQf1EcttK+3fZiFpbBANKVa92c=.
连接到同一个数据库与.NET 3.5版本时,我仍然可以登录,但仅限于旧账,而不是新的.NET 4.0版本创建的。 4.0版本不能在任何帐户登录。
I can still log in when connecting to the same db with the .net 3.5 version, but only to the old accounts, not the new ones created with the .net 4.0 version. The 4.0 version cannot log in to any accounts.
我想丢弃在我的测试系统整个数据库,会员表上的第一次运行则自动创建的,但它仍然是相同的,可以创建用户,但无法登录。
I tried dropping the whole database on my test system, the membership tables are then auto created on first run, but it's still the same, can create users, but can't log in.
推荐答案
请参阅:<一href="http://www.asp.net/%28S%28ywiyuluxr3qb2dfva1z5lgeg%29%29/learn/whitepapers/aspnet4/breaking-changes/#0.1__Toc256770148">HERE
默认的哈希算法已经改变了.NET 4.0。默认散列算法现在HMACSHA256。早期版本的ASP.NET中使用的旧的HMACSHA1算法。
The default hashing algorithm has changed for .net 4.0. Default Hashing Algorithm Is Now HMACSHA256. Earlier versions of ASP.NET used the older HMACSHA1 algorithm.
要配置ASP.NET 4 Web应用程序使用旧HMACSHA1算法,下面的设置添加到Web.config文件的system.web节:
To configure an ASP.NET 4 Web application to use the older HMACSHA1 algorithm, add the following setting to the system.web section of the Web.config file:
<machineKey validation="SHA1"/>
这篇关于从3.5升级到ASP.net 4.0后登录失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
