asp.net - Changing SqlMembershipProvider to use MD5, Joomla-style passwords -


i'm trying migrate users joomla database custom 1 using default asp.net tables , providers. theoretically can change hash type default (sha) md5 changing web.config, however, when logging in reports invalid password (or username, doubt it's that). examining aspnet_membership table , joomla_users table can see both have same password , salt values per user (joomla 1.7 stores password:salt that's easy split 2 fields). both appear in base64 format, , adding user through asp default log in control results in similar pair of fields new user (though salt randomized think, can't compare same known password).

here's extract web.config:

<system.web>   <machinekey validation="md5"/>   ... <membership hashalgorithmtype="md5">   <providers>     <clear />     <add name="aspnetsqlmembershipprovider"          type="system.web.security.sqlmembershipprovider"          connectionstringname="userauth"          enablepasswordretrieval="false"          enablepasswordreset="true"          requiresquestionandanswer="false"          requiresuniqueemail="false"          maxinvalidpasswordattempts="5"          minrequiredpasswordlength="6"          minrequirednonalphanumericcharacters="0"          passwordattemptwindow="10"          passwordformat="hashed"          applicationname="/" />   </providers> </membership> </system.web>

one thing i'm not sure on whether it's md5, md5, or md5 (i've seen both latter in code samples while googling). however, can write nonsense instead , application doesn't appear bat eyelid.

i don't particularly wish write custom membership provider unless there no other way.

here's php compares joomla hashed password 1 supplied parameter function:

                $user_id = mysql_result($result, 0, 'id');                 $db_password = mysql_result($result, 0, 'password');                 $joomla = &new jconfig;                 list($md5pass, $saltpass) = split(":", $db_password);                 $md5_password = md5($user_password.$saltpass);                 if (strcmp($md5_password, $suppliedpass) == 0)                 {                     return $user_id;                 }

either asp version ignoring md5 request, or somehow it's storing in other way, or i'm not telling use md5 correctly, or...? don't want tell 4000 users reset passwords, though i'm aware md5 not recommended these days.

i think worked out. in joomla, php code, md5 applied pass+salt. in sqlmembershipprovider.cs it's applied salt+pass.

the sqlmembershipprovider.cs found via sqlmembershipprovider - source code - maybe not true source see no reason why should different true source in particular aspect.


Comments

Post a Comment

Popular posts from this blog

SPSS keyboard combination alters encoding -

my question not have programming practical issue on spss. accident keyword combination cannot remember because did not intend press changed encoding in spss , text in data in different language english shown small boxes. nevertheless, when kind of analysis performed different language text shown in output. does know reason? tried change encoding did not produce result. first, @ edit > options , see whether setting unicode or locale. might fix it. if have text in multiple languages, want unicode. otherwise, may have specific locale set wrong. can change set locale, need know locale want use.
Read more

Add new record to the table by click on the button in Microsoft Access -

in ms access form want implement separate button, adds new record table. in order added button , attached button event: private sub btnaddrec_click() refresh codecontextobject on error resume next docmd.gotorecord , , acnewrec if err.number <> 0 btnaddrec.enabled = false end if end end sub everything ok when open window , click btnaddrec button, problem when first of perform navigation through existed records , after click on button. got runtime error: 2105: «you can't go specified record. may @ end of recordset» . how solve issue, need have ability add new record on click on specific button, no matter, have walked or not walked through records before. thanks. i created simple form field call description (and autonumber) , created button code follows click event. filled number of records , navigated through them, clicked addnewrec button. form navigated new record without issues. able click addnewrec button directly after
Read more

javascript - jQuery .height() return 0 when visible but non-0 when hidden -

i have problem here right opposite others: in jquery cannot height of element when it's visible, when hidden. have html code: <div id="filtering-filter-holder"> <div id="filtering-filter-holder-inner"></div> </div> basic css it: #filtering-filter-holder { display: none; position: absolute; width: 420px; min-height: 100px; padding: 5px 5px 5px 5px; background-color: #ffffff; border: 1px solid #164372; } and finally, js in document.ready(): $('div.filtering-filter-headline').mouseenter(function() { var el = $(this).parent().find('div.filtering-filter-content'); if ($('div#filtering-filter-holder').is(':visible')) { $('div#filtering-filter-holder-inner').stop(true, true).fadeout(300, function() { $('div#filtering-filter-holder-inner').html($(el).html()); var height = $('div#filtering-filter-holder-inner&#
Read more