为什么当用户被批准,并且不锁定可能Membership.ValidateUser返回false? [英] Why might Membership.ValidateUser return false when the user is approved and is not locked out?
问题描述
我知道这看起来类似于其他问题在这里,但我不认为我的情况是一样的他们。
I know this looks similar to other questions here but I don't think my case is the same as theirs.
我有一个使用AspNetSqlMembershipProvider来验证用户的网站。我想从一个控制台应用程序使用同一个数据库。根据网络我可以通过从web.config中的app.config复制相应的部分使用来自外部的ASP.NET类System.Web.Security.Membership上几篇文章。这就是我所做的。
I have a website that uses the AspNetSqlMembershipProvider to validate users. I would like to use the same database from a console application. According to several articles on the web I can use the System.Web.Security.Membership class from outside ASP.NET by copying the appropriate sections from web.config to app.config. That is what I did.
我的控制台机应用可以请求名获得用户,我可以确认用户是否被批准,并没有被锁定,但的ValidateUser返回正确的用户名和密码对假的。
My console appliction can get the user with the requested name and I can confirm that the user is approved and is not locked out but ValidateUser returns false for a correct username and password pair.
我找到的文章,人们有麻烦迁移code这可能是由于计算机密钥不匹配,但也发现了一个基准说如果了passwordFormat属性等于加密的,而我用这台机器密钥只使用散列。
I have found articles where people have had trouble with migrating code which may be due to a machine key mismatch but have also found a reference saying that machine key is only used if the passwordFormat property equals encrypted whereas I am using hashed.
是的问题,code的两块 - 网站和控制台应用程序 - 在不同的组件和密码哈希过程中正在使用的程序集名称或其他财产?在两种情况下,应用程序的名称属性设置为/.
Is the issue that the two pieces of code - the website and the console app - are in different assemblies and the assembly name or other property is being used during password hashing? In both cases the application name property is set to /.
我应该继续使用这种方法,或直接访问数据库和散列密码自己?
Should I continue with this approach or just access the database directly and hash the password myself?
推荐答案
原来,该网站code的原作者 - 谁是不是我 - 转换输入的密码为大写使用它之前。因为我不知道这一点,我的控制台应用程序并没有这样做的ValidateUser正确报告该密码不匹配。
It turns out that the original author of the website code - who was not me - converted the entered password to upper case before using it. As I didn't know this and my console application didn't do so ValidateUser was correctly reporting that the passwords did not match.
这篇关于为什么当用户被批准,并且不锁定可能Membership.ValidateUser返回false?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
