ASP.NET MVC + MySQL的成员资格提供，用户无法登录 [英] ASP.NET MVC + MySql Membership Provider, user cannot login

问题描述

我一直在使用MySQL作为成员资格提供了asp.net的MVC窗体身份验证玩耍。我已经得到了正确的事情，据我可以告诉配置，并且我可以通过这两个寄存器操作，asp.net web配置站点上创建用户。然而，当我尝试用用户之一登录，这是行不通的。它返回一个错误，如果我进入了一个错误的密码，或者如果该帐户不存在。

I've been playing around with using MySql as the membership provider for asp.net mvc forms authentication. I've got things configured correctly as far as i can tell, and i can create users via both the register action and asp.net web config site. however, when i try to login with one of the users, it does not work. it returns an error as if i had entered a wrong password, or if the account doesn't exist.

我已经在该帐户确实存在数据库验证。我在这里按照说明，以供参考： HTTP ：//blog.tchami.com/post/ASPNET-MVC-2-and-MySQL-Membership-Provider.aspx

i have verified in the database that the account does exist. I've followed the instructions here for reference: http://blog.tchami.com/post/ASPNET-MVC-2-and-MySQL-Membership-Provider.aspx

下面是我的web.config：

here is my web.config:

<?xml version="1.0"?>

<!--
  For more information on how to configure your ASP.NET application, please visit
  http://go.microsoft.com/fwlink/?LinkId=152368
  -->

<configuration>
  <connectionStrings>
      <add name="MySQLConn" connectionString="Server=localhost;Database=intereditor;Uid=<user>;Pwd=<password>;"/>
  </connectionStrings>

  <system.web>
    <compilation debug="true" targetFramework="4.0">
      <assemblies>
        <add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
        <add assembly="System.Web.Routing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
        <add assembly="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
      </assemblies>
    </compilation>

    <authentication mode="Forms">
      <forms 
        loginUrl="~/Account/LogOn" 
        timeout="2880"
        name=".ASPXFORM$"
        path="/"
        requireSSL="false"
        slidingExpiration="true"
        enableCrossAppRedirects="false"
        />
    </authentication>

    <membership defaultProvider="MySqlMembershipProvider">
      <providers>
        <clear/>
        <add name="MySqlMembershipProvider"
      type="MySql.Web.Security.MySQLMembershipProvider,MySql.Web,Version=6.3.4.0, Culture=neutral,PublicKeyToken=c5687fc88969c44d"
        autogenerateschema="true" connectionStringName="MySQLConn"
        enablePasswordRetrieval="false" enablePasswordReset="true"
        requiresQuestionAndAnswer="false" requiresUniqueEmail="false"
        passwordFormat="Hashed" maxInvalidPasswordAttempts="5"
        minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0"
        passwordAttemptWindow="10" passwordStrengthRegularExpression=""
        applicationName="/" />
      </providers>
    </membership>

    <profile defaultProvider="MySqlProfileProvider">
      <providers>
        <clear/>
        <add name="MySqlProfileProvider"
        type="MySql.Web.Profile.MySQLProfileProvider,MySql.Web,Version=6.3.4.0,Culture=neutral,PublicKeyToken=c5687fc88969c44d"
        connectionStringName="MySQLConn" applicationName="/" />
      </providers>
    </profile>

    <roleManager enabled="true" defaultProvider="MySqlRoleProvider">
      <providers>
        <clear />
        <add name="MySqlRoleProvider"
        type="MySql.Web.Security.MySQLRoleProvider,MySql.Web,Version=6.3.4.0,Culture=neutral,PublicKeyToken=c5687fc88969c44d"
        connectionStringName="MySQLConn" applicationName="/" />
      </providers>
    </roleManager>
    <pages>
      <namespaces>
        <add namespace="System.Web.Mvc" />
        <add namespace="System.Web.Mvc.Ajax" />
        <add namespace="System.Web.Mvc.Html" />
        <add namespace="System.Web.Routing" />
      </namespaces>
    </pages>
  </system.web>

  <system.webServer>
    <validation validateIntegratedModeConfiguration="false"/>
    <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>

  <runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0" newVersion="2.0.0.0" />
      </dependentAssembly>
    </assemblyBinding>
  </runtime>
</configuration>

任何人都可以请帮我鉴定什么是错的，使用户可以登录？

Can anyone please help me identify what is wrong so that users can login?

更新

所以在会员提供者本身的code调试登录过程后，我发现有一个在供应商的错误。有被存储在数据库中的密码散列之间的差异，并且具有根据所输入的密码产生的。至于我的问题的解决方法，我改变了密码格式为encrpyted，并增加了机械钥匙我的web.config。

So after debugging the login process in the code of the membership provider itself, i discovered that there is a bug in the provider. There is a discrepancy between the password hash that is stored in the database, and the has that is generated based on the inputted password. As a workaround for my issue, i changed the password format to 'encrpyted' and added a machine key to my web.config.

我在与供应商的散列格式搞清楚这个问题仍然有兴趣，并会花更多的时间调试它，如果我能找出问题，我会放在一起补丁并提交。

I am still interested in figuring out the issue with the hashed format in the provider, and will spend some more time debugging it, and if i can figure out the problem, i will put together a patch and submit it.

推荐答案

在.NET 4中开始，由MySQL连接器使用的哈希算法，SHA1从变更为更复杂的东西（HMACSHA256）。

Starting with .NET 4, the hashing algorithm used by the MySQL connector changed from SHA1 to something more complicated (HMACSHA256).

要克服这一点，你可以改变你的web.config文件：

To overcome this, you can change your web.config file:

<membership 
  defaultProvider="AspNetMySqlMembershipProvider" 
  hashAlgorithmType="SHA1"> 

更多关于可以发现：
<一href=\"http://www.devart.com/forums/viewtopic.php?t=17508&postdays=0&postorder=asc&start=15&sid=ed160634c0e76b0fb1a4a565e8b5e200\" rel=\"nofollow\">http://www.devart.com/forums/viewtopic.php?t=17508&postdays=0&postorder=asc&start=15&sid=ed160634c0e76b0fb1a4a565e8b5e200

这篇关于ASP.NET MVC + MySQL的成员资格提供，用户无法登录的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！