Reputation: 783
i have create a WCF service to handle ASP.NET membership. It's running ok using clear type password, but when i change password type into hashed, my service always return false when validating user,
oh, i have another winforms app that using the same database for it's membership provider and it's running well using clear or hashed password
and when i call reset password from both apps (using hashed password), they change the data in my database with different lenght of value. WCF 44 character while WinForms app only 28 Chars.
so i'm really confused with what happened and wonder what have i done wrong
Upvotes: 1
Views: 309
Reputation: 783
i've resolve this.
thanks to http://www.codeproject.com/KB/aspnet/LoginControlError.aspx
it's seem that i need to explicitly set HashAlgorithmType to "SHA1" in my app.config
another thing to mention here is that i'm using mysql as my backend database. so maybe this case will not happen using MS SQL Server.
Upvotes: 1
Reputation: 5367
Hi if you have already stored password in database you are not able to change password type. The already stored passwords aren't hashed and the validate user function will always return false.
For using multiple application on one database you have to make sure that all app's are using the same manner of hashing.
Upvotes: 1
Reputation: 117220
You cant just change it midway through. Decide on the scheme, and set up users afterwards.
Upvotes: 1