473,395 Members | 1,680 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > problem with custom membership provider

Join Bytes to post your question to a community of 473,395 software developers and data experts.

problem with custom membership provider

Ben
Hi,

i have already posted a more or less similar thread but it's gone unsolved
with the flow of the other threads ..

When an anonymous user has created an new account (with the CreateUserWizard
control), i want to let asp.net generate a password and to send it
(AutoGeneratePassword="true") to the address of the email provided by the
new membershipuser in the CreateUserWizard control.

So i defined a custom provider for membership with this code:

web.config:
-----------
<connectionStrings>
<add name="aspnetdb" connectionString="Data
Source=.\SQLEXPRESS;AttachDbFilename=|DataDirector y|\ASPNETDB.MDF;Integrated
Security=True;User Instance=True" providerName="System.Data.SqlClient"/>
</connectionStrings>

<authentication mode="Forms" />

<membership defaultProvider="MyMembershipProvider">
<providers>
<add name="MyMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="aspnetdb"
enablePasswordRetrieval="true"
enablePasswordReset="true"
passwordFormat="Encrypted"
requiresQuestionAndAnswer="true"
applicationName="/"
/>
</providers>
</membership>

code-behind:
------------
Protected Sub Page_Load(ByVal sender As Object, ByVal e As
System.EventArgs) Handles Me.Load
If User.Identity.IsAuthenticated Then
Dim pw As String
pw = Membership.GetUser.GetPassword.ToString
End If
End Sub

But this generate the error:
"You must specify a non-autogenerated machine key to store passwords in the
encrypted format. Either specify a different passwordFormat, or change the
machineKey configuration to use a non-autogenerated decryption key."

at line "pw = Membership.GetUser.GetPassword.ToString"

Changing in "hashed" is not an option because it's not retrievable and
"clear" is not safe.
So if anyone could explain me how to solve this, it would make my day.
Thanks
Ben
Apr 16 '07 #1
4 8920
Ben,
The exception message is telling you what to do: the machinekey element in
your web.config needs to specify key and not use the autogenerated option.

Here is an article that explains:

http://www.eggheadcafe.com/articles/20030514.asp

Peter

--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net


"Ben" wrote:
Hi,

i have already posted a more or less similar thread but it's gone unsolved
with the flow of the other threads ..

When an anonymous user has created an new account (with the CreateUserWizard
control), i want to let asp.net generate a password and to send it
(AutoGeneratePassword="true") to the address of the email provided by the
new membershipuser in the CreateUserWizard control.

So i defined a custom provider for membership with this code:

web.config:
-----------
<connectionStrings>
<add name="aspnetdb" connectionString="Data
Source=.\SQLEXPRESS;AttachDbFilename=|DataDirector y|\ASPNETDB.MDF;Integrated
Security=True;User Instance=True" providerName="System.Data.SqlClient"/>
</connectionStrings>

<authentication mode="Forms" />

<membership defaultProvider="MyMembershipProvider">
<providers>
<add name="MyMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="aspnetdb"
enablePasswordRetrieval="true"
enablePasswordReset="true"
passwordFormat="Encrypted"
requiresQuestionAndAnswer="true"
applicationName="/"
/>
</providers>
</membership>

code-behind:
------------
Protected Sub Page_Load(ByVal sender As Object, ByVal e As
System.EventArgs) Handles Me.Load
If User.Identity.IsAuthenticated Then
Dim pw As String
pw = Membership.GetUser.GetPassword.ToString
End If
End Sub

But this generate the error:
"You must specify a non-autogenerated machine key to store passwords in the
encrypted format. Either specify a different passwordFormat, or change the
machineKey configuration to use a non-autogenerated decryption key."

at line "pw = Membership.GetUser.GetPassword.ToString"

Changing in "hashed" is not an option because it's not retrievable and
"clear" is not safe.
So if anyone could explain me how to solve this, it would make my day.
Thanks
Ben
Apr 16 '07 #2
Ben
Peter,

thanks for replying, but i'm not sure how to fix my problem.
i must use a non-autogenerated decryption key, so this is my attempt:,
without understanding what i'm doing ...I found the hex code on the
microsoft site.
I don't know either which validation to choose (SHA1 or MD5 or ...).

This gives the error: "Validation key specified has invalid hex characters"
If you could give me some hints
Further, i couldn't read anywhere that one must use a non-autogenerated
decryption key in this case. Why is it so?

Thanks

<machineKey
validationKey="21F090935F6E49C2C797F69BBAAD8402ABD 2EE0B667A8B44EA7DD4374267A75D7AD972A11
9482D15A4127461DB1DC347C1A63AE5F1CCFAACFF1B72A7F0A 281B"
decryptionKey="ABAA84D7EC4BB56D75D217CECFFB9628809 BDB8BF91CFCD64568A145BE59719F"
validation="SHA1"
decryption="Auto"
/>
"Peter Bromberg [C# MVP]" <pb*******@yahoo.yabbadabbadoo.comschreef in
bericht news:C2**********************************@microsof t.com...
Ben,
The exception message is telling you what to do: the machinekey element in
your web.config needs to specify key and not use the autogenerated option.

Here is an article that explains:

http://www.eggheadcafe.com/articles/20030514.asp

Peter

--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net


"Ben" wrote:
>Hi,

i have already posted a more or less similar thread but it's gone
unsolved
with the flow of the other threads ..

When an anonymous user has created an new account (with the
CreateUserWizard
control), i want to let asp.net generate a password and to send it
(AutoGeneratePassword="true") to the address of the email provided by the
new membershipuser in the CreateUserWizard control.

So i defined a custom provider for membership with this code:

web.config:
-----------
<connectionStrings>
<add name="aspnetdb" connectionString="Data
Source=.\SQLEXPRESS;AttachDbFilename=|DataDirecto ry|\ASPNETDB.MDF;Integrated
Security=True;User Instance=True" providerName="System.Data.SqlClient"/>
</connectionStrings>

<authentication mode="Forms" />

<membership defaultProvider="MyMembershipProvider">
<providers>
<add name="MyMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="aspnetdb"
enablePasswordRetrieval="true"
enablePasswordReset="true"
passwordFormat="Encrypted"
requiresQuestionAndAnswer="true"
applicationName="/"
/>
</providers>
</membership>

code-behind:
------------
Protected Sub Page_Load(ByVal sender As Object, ByVal e As
System.EventArgs) Handles Me.Load
If User.Identity.IsAuthenticated Then
Dim pw As String
pw = Membership.GetUser.GetPassword.ToString
End If
End Sub

But this generate the error:
"You must specify a non-autogenerated machine key to store passwords in
the
encrypted format. Either specify a different passwordFormat, or change
the
machineKey configuration to use a non-autogenerated decryption key."

at line "pw = Membership.GetUser.GetPassword.ToString"

Changing in "hashed" is not an option because it's not retrievable and
"clear" is not safe.
So if anyone could explain me how to solve this, it would make my day.
Thanks
Ben

Apr 17 '07 #3
Generally what I do is let the user choose their own password. (After all,
how many passwords do you want to have to remember?). Then, the email has a
link which takes them to a page that makes their account active.
Peter

--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net


"Ben" wrote:
Peter,

thanks for replying, but i'm not sure how to fix my problem.
i must use a non-autogenerated decryption key, so this is my attempt:,
without understanding what i'm doing ...I found the hex code on the
microsoft site.
I don't know either which validation to choose (SHA1 or MD5 or ...).

This gives the error: "Validation key specified has invalid hex characters"
If you could give me some hints
Further, i couldn't read anywhere that one must use a non-autogenerated
decryption key in this case. Why is it so?

Thanks

<machineKey
validationKey="21F090935F6E49C2C797F69BBAAD8402ABD 2EE0B667A8B44EA7DD4374267A75D7AD972A11
9482D15A4127461DB1DC347C1A63AE5F1CCFAACFF1B72A7F0A 281B"
decryptionKey="ABAA84D7EC4BB56D75D217CECFFB9628809 BDB8BF91CFCD64568A145BE59719F"
validation="SHA1"
decryption="Auto"
/>
"Peter Bromberg [C# MVP]" <pb*******@yahoo.yabbadabbadoo.comschreef in
bericht news:C2**********************************@microsof t.com...
Ben,
The exception message is telling you what to do: the machinekey element in
your web.config needs to specify key and not use the autogenerated option.

Here is an article that explains:

http://www.eggheadcafe.com/articles/20030514.asp

Peter

--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net


"Ben" wrote:
Hi,

i have already posted a more or less similar thread but it's gone
unsolved
with the flow of the other threads ..

When an anonymous user has created an new account (with the
CreateUserWizard
control), i want to let asp.net generate a password and to send it
(AutoGeneratePassword="true") to the address of the email provided by the
new membershipuser in the CreateUserWizard control.

So i defined a custom provider for membership with this code:

web.config:
-----------
<connectionStrings>
<add name="aspnetdb" connectionString="Data
Source=.\SQLEXPRESS;AttachDbFilename=|DataDirector y|\ASPNETDB.MDF;Integrated
Security=True;User Instance=True" providerName="System.Data.SqlClient"/>
</connectionStrings>

<authentication mode="Forms" />

<membership defaultProvider="MyMembershipProvider">
<providers>
<add name="MyMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="aspnetdb"
enablePasswordRetrieval="true"
enablePasswordReset="true"
passwordFormat="Encrypted"
requiresQuestionAndAnswer="true"
applicationName="/"
/>
</providers>
</membership>

code-behind:
------------
Protected Sub Page_Load(ByVal sender As Object, ByVal e As
System.EventArgs) Handles Me.Load
If User.Identity.IsAuthenticated Then
Dim pw As String
pw = Membership.GetUser.GetPassword.ToString
End If
End Sub

But this generate the error:
"You must specify a non-autogenerated machine key to store passwords in
the
encrypted format. Either specify a different passwordFormat, or change
the
machineKey configuration to use a non-autogenerated decryption key."

at line "pw = Membership.GetUser.GetPassword.ToString"

Changing in "hashed" is not an option because it's not retrievable and
"clear" is not safe.
So if anyone could explain me how to solve this, it would make my day.
Thanks
Ben


Apr 17 '07 #4
Ben
This is a possibility, of course, but not an answer to my problem.
Ben

"Peter Bromberg [C# MVP]" <pb*******@yahoo.yabbadabbadoo.comschreef in
bericht news:DC**********************************@microsof t.com...
Generally what I do is let the user choose their own password. (After all,
how many passwords do you want to have to remember?). Then, the email has
a
link which takes them to a page that makes their account active.
Peter

--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net


"Ben" wrote:
>Peter,

thanks for replying, but i'm not sure how to fix my problem.
i must use a non-autogenerated decryption key, so this is my attempt:,
without understanding what i'm doing ...I found the hex code on the
microsoft site.
I don't know either which validation to choose (SHA1 or MD5 or ...).

This gives the error: "Validation key specified has invalid hex
characters"
If you could give me some hints
Further, i couldn't read anywhere that one must use a non-autogenerated
decryption key in this case. Why is it so?

Thanks

<machineKey
validationKey="21F090935F6E49C2C797F69BBAAD8402AB D2EE0B667A8B44EA7DD4374267A75D7AD972A11
9482D15A4127461DB1DC347C1A63AE5F1CCFAACFF1B72A7F0 A281B"
decryptionKey="ABAA84D7EC4BB56D75D217CECFFB962880 9BDB8BF91CFCD64568A145BE59719F"
validation="SHA1"
decryption="Auto"
/>
"Peter Bromberg [C# MVP]" <pb*******@yahoo.yabbadabbadoo.comschreef in
bericht news:C2**********************************@microsof t.com...
Ben,
The exception message is telling you what to do: the machinekey element
in
your web.config needs to specify key and not use the autogenerated
option.

Here is an article that explains:

http://www.eggheadcafe.com/articles/20030514.asp

Peter

--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net


"Ben" wrote:

Hi,

i have already posted a more or less similar thread but it's gone
unsolved
with the flow of the other threads ..

When an anonymous user has created an new account (with the
CreateUserWizard
control), i want to let asp.net generate a password and to send it
(AutoGeneratePassword="true") to the address of the email provided by
the
new membershipuser in the CreateUserWizard control.

So i defined a custom provider for membership with this code:

web.config:
-----------
<connectionStrings>
<add name="aspnetdb" connectionString="Data
Source=.\SQLEXPRESS;AttachDbFilename=|DataDirecto ry|\ASPNETDB.MDF;Integrated
Security=True;User Instance=True"
providerName="System.Data.SqlClient"/>
</connectionStrings>

<authentication mode="Forms" />

<membership defaultProvider="MyMembershipProvider">
<providers>
<add name="MyMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="aspnetdb"
enablePasswordRetrieval="true"
enablePasswordReset="true"
passwordFormat="Encrypted"
requiresQuestionAndAnswer="true"
applicationName="/"
/>
</providers>
</membership>

code-behind:
------------
Protected Sub Page_Load(ByVal sender As Object, ByVal e As
System.EventArgs) Handles Me.Load
If User.Identity.IsAuthenticated Then
Dim pw As String
pw = Membership.GetUser.GetPassword.ToString
End If
End Sub

But this generate the error:
"You must specify a non-autogenerated machine key to store passwords
in
the
encrypted format. Either specify a different passwordFormat, or change
the
machineKey configuration to use a non-autogenerated decryption key."

at line "pw = Membership.GetUser.GetPassword.ToString"

Changing in "hashed" is not an option because it's not retrievable and
"clear" is not safe.
So if anyone could explain me how to solve this, it would make my day.
Thanks
Ben



Apr 17 '07 #5
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
Custom Membership Provider: aspnet_CheckSchemaVersion?
by: WB | last post by:
Hi, I am revamping my company's website with ASP.Net 2.0. In order to use our existing user data in our SQL 2000, I have written a custom membership provider. However, when I try to logon with...
.NET Framework
2
Custom memebrship provider problem
by: John | last post by:
Hi I am trying to setup a customised membership provider and I am getting the following error when trying to run the app; The entry 'AspNetSqlMembershipProvider' has already been added. The...
ASP.NET
2
Custom membership provider problem
by: John | last post by:
Hi I was working fine with create user wizard and the default membership provider. I have now customised the membership provider as per attached web.config. The create user wizard picks up the...
ASP.NET
1
custom membership provider
by: Axford | last post by:
Hello, I am trying to implement my own custom provider for memberships, basically only id/pwd (no roles). I use the new login web control (I am using asp.net 2.0 and VS2005). In web.config I...
ASP.NET
0
Want to create a custom membership provider, but use SQLMembershipProvider functionality
by: Mwob | last post by:
Hi all, I'm about to start creating a custom membership provider. Its for a website that already has a table of users in a single table, so I need to create a custom MP to talk to the data in...
ASP.NET
4
I feel it makes sense NOT to use custom membership & role providers
by: alexandis | last post by:
We have tables of logins (users), that differs much from standard microsoft structure - we don't use control question/answer, date fields, etc. But instead we have several additional fields. I...
ASP.NET
3
using custom database for membership and rolls ?
by: Sunfire | last post by:
I need to use a custom database for all of the user membership and rolls. How do you do this?
ASP.NET
6
Implementing a Custom Membership Provider
by: Jonathan Wood | last post by:
Although this will be a challenge at my level of ASP.NET knowledge, I'm thinking I should implement my own membership provider class. Looking over the methods I must implement, a number of...
ASP.NET
1
Small problem with custom membership provider hopefully!
by: Erik | last post by:
Hi Everyone, Hopefully this is an easy one. I've googled around for the answer but cant find it. I have simple login page that authenticates via a web service. I am using a custom membership...
ASP.NET
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!