ASP.NET MVC + MySQL的成员资格提供,用户无法登录 [英] ASP.NET MVC + MySql Membership Provider, user cannot login
问题描述
我一直在使用MySQL作为成员资格提供了asp.net的MVC窗体身份验证玩耍。我已经得到了正确的事情,据我可以告诉配置,并且我可以通过这两个寄存器操作,asp.net web配置站点上创建用户。然而,当我尝试用用户之一登录,这是行不通的。它返回一个错误,如果我进入了一个错误的密码,或者如果该帐户不存在。
I've been playing around with using MySql as the membership provider for asp.net mvc forms authentication. I've got things configured correctly as far as i can tell, and i can create users via both the register action and asp.net web config site. however, when i try to login with one of the users, it does not work. it returns an error as if i had entered a wrong password, or if the account doesn't exist.
我已经在该帐户确实存在数据库验证。我在这里按照说明,以供参考: HTTP ://blog.tchami.com/post/ASPNET-MVC-2-and-MySQL-Membership-Provider.aspx
i have verified in the database that the account does exist. I've followed the instructions here for reference: http://blog.tchami.com/post/ASPNET-MVC-2-and-MySQL-Membership-Provider.aspx
下面是我的web.config:
here is my web.config:
<?xml version="1.0"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=152368
-->
<configuration>
<connectionStrings>
<add name="MySQLConn" connectionString="Server=localhost;Database=intereditor;Uid=<user>;Pwd=<password>;"/>
</connectionStrings>
<system.web>
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Web.Routing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</assemblies>
</compilation>
<authentication mode="Forms">
<forms
loginUrl="~/Account/LogOn"
timeout="2880"
name=".ASPXFORM$"
path="/"
requireSSL="false"
slidingExpiration="true"
enableCrossAppRedirects="false"
/>
</authentication>
<membership defaultProvider="MySqlMembershipProvider">
<providers>
<clear/>
<add name="MySqlMembershipProvider"
type="MySql.Web.Security.MySQLMembershipProvider,MySql.Web,Version=6.3.4.0, Culture=neutral,PublicKeyToken=c5687fc88969c44d"
autogenerateschema="true" connectionStringName="MySQLConn"
enablePasswordRetrieval="false" enablePasswordReset="true"
requiresQuestionAndAnswer="false" requiresUniqueEmail="false"
passwordFormat="Hashed" maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10" passwordStrengthRegularExpression=""
applicationName="/" />
</providers>
</membership>
<profile defaultProvider="MySqlProfileProvider">
<providers>
<clear/>
<add name="MySqlProfileProvider"
type="MySql.Web.Profile.MySQLProfileProvider,MySql.Web,Version=6.3.4.0,Culture=neutral,PublicKeyToken=c5687fc88969c44d"
connectionStringName="MySQLConn" applicationName="/" />
</providers>
</profile>
<roleManager enabled="true" defaultProvider="MySqlRoleProvider">
<providers>
<clear />
<add name="MySqlRoleProvider"
type="MySql.Web.Security.MySQLRoleProvider,MySql.Web,Version=6.3.4.0,Culture=neutral,PublicKeyToken=c5687fc88969c44d"
connectionStringName="MySQLConn" applicationName="/" />
</providers>
</roleManager>
<pages>
<namespaces>
<add namespace="System.Web.Mvc" />
<add namespace="System.Web.Mvc.Ajax" />
<add namespace="System.Web.Mvc.Html" />
<add namespace="System.Web.Routing" />
</namespaces>
</pages>
</system.web>
<system.webServer>
<validation validateIntegratedModeConfiguration="false"/>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0" newVersion="2.0.0.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
</configuration>
任何人都可以请帮我鉴定什么是错的,使用户可以登录?
Can anyone please help me identify what is wrong so that users can login?
更新
所以在会员提供者本身的code调试登录过程后,我发现有一个在供应商的错误。有被存储在数据库中的密码散列之间的差异,并且具有根据所输入的密码产生的。至于我的问题的解决方法,我改变了密码格式为encrpyted,并增加了机械钥匙我的web.config。
So after debugging the login process in the code of the membership provider itself, i discovered that there is a bug in the provider. There is a discrepancy between the password hash that is stored in the database, and the has that is generated based on the inputted password. As a workaround for my issue, i changed the password format to 'encrpyted' and added a machine key to my web.config.
我在与供应商的散列格式搞清楚这个问题仍然有兴趣,并会花更多的时间调试它,如果我能找出问题,我会放在一起补丁并提交。
I am still interested in figuring out the issue with the hashed format in the provider, and will spend some more time debugging it, and if i can figure out the problem, i will put together a patch and submit it.
推荐答案
在.NET 4中开始,由MySQL连接器使用的哈希算法,SHA1从变更为更复杂的东西(HMACSHA256)。
Starting with .NET 4, the hashing algorithm used by the MySQL connector changed from SHA1 to something more complicated (HMACSHA256).
要克服这一点,你可以改变你的web.config文件:
To overcome this, you can change your web.config file:
<membership
defaultProvider="AspNetMySqlMembershipProvider"
hashAlgorithmType="SHA1">
更多关于可以发现:
<一href=\"http://www.devart.com/forums/viewtopic.php?t=17508&postdays=0&postorder=asc&start=15&sid=ed160634c0e76b0fb1a4a565e8b5e200\" rel=\"nofollow\">http://www.devart.com/forums/viewtopic.php?t=17508&postdays=0&postorder=asc&start=15&sid=ed160634c0e76b0fb1a4a565e8b5e200
这篇关于ASP.NET MVC + MySQL的成员资格提供,用户无法登录的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!