I used membership API to create users and hashed the password in database. Because of the hashed password the Login control cannot authenticate as I'm now unable to set up the login control to convert the user password entered to "Hash" value before referencing the database.
I have tried exploring the Login control "Logging_in" event handler but I seem very confused on how to use it.
I will appreciate any help
Related
1.I am having a web app in which a user can register by providing new user id and password and i am encrypting the password using AES and storing it in my postgres database
For user welcome page I want to use form based authentication using tomcat
But for that i first need the user to login in my login page then i decrpyt the password in my database and check it with the user entering password
But from my understanding so far about tomcat authentication i need to use password="j_password" for password validation
but my database contains only encrypted password so hope you get my question
please help!! Thanks in advance.....
I am a beginner of asp.net. I currently have a login page with forgot password link button on the bottom of the screen. I am also using forms authentication to prevent an unauthorized user from accessing the other pages. The authentication seems to be working fine except for one thing.
How do I retrieve my password from the user list?
You don't want to store or retrieve the original password for security reasons - asp.net should be storing a hash of the original password in your data store. When a user enters their password again, the configured hashing algorithm should hash it to the same value as before and it matches the stored hash on the backend to authenticate.
See also Asp.net MVC - How to hash password for more background.
In SimpleMembershipProvider that comes with ASP.NET Razor it's possible to call GeneratePasswordResetToken, then email generated token to the user's email. Then, when the user clicks on the URL, it takes them to a page to reset password.
What is the equivalent workflow in AspNetSqlMembershipProvider? Is it possible to generate a token that can then be used to reset the password?
Thanks.
I have a problem!
I have a database.have two field username and password.
I use Login Control in VS.
And now i want use login control connect to my database.
how i can do it!
You have to setup a custom membership provider and configure it in the web.config file. Read this: http://www.asp.net/web-forms/videos/how-do-i/how-do-i-create-a-custom-membership-provider
The login control uses the membership provider's ValidateUser method to check whether a user is valid.
OR: override LoggingIn event, override the default behavior to manually lookup the user by user ID and password. This approach does not need a membership provider.
To authanticate users in Asp.net Membership we can call method
FormsAuthentication.Authenticate(username, password)
how can I do the same job (generate session, cookies and all other staff that Authanticate does) without users password?
I'm trying to login user over facebook connect. User's facebook id is stored within the users data. User should be signed in like a normal user.
I think you can use the SetAuthCookie method.
more info here http://msdn.microsoft.com/en-us/library/system.web.security.formsauthentication.setauthcookie.aspx