New User Password not being Decrypted Correctly

Jul 12, 2008 at 8:35 PM
Edited Jul 13, 2008 at 4:20 AM
I am created a new User ID nothing fancy something like apple123 password orangex1.

I set admin privilages for this user, I then log out and try to log back in - but I can not. It says Your login attempt was not successful. Please try again.

I can add users all day but none can login.

I have set permissions on all the files and folders. I can write blog entries and create categories but I can not login with the new users, why not
------------------------------------------------------------------------------------------------------------
Im not 100% sure but I think this has something to do With Windows XP SP3 ( which i just upgraded to )

I downloaded the source code and traced it to the CheckPassword function
then the call to 

if

 

(storedPassword == Utils.HashPassword(inputPassword))

 

The call to Utils.HashPassword(inputPassword) comes back still encrypted.

Thanks
Larry
Jul 13, 2008 at 10:15 PM
            Yes! I found the bug:

         XmlMembershipProvider.cs > CreateUser        
>. 

 

MembershipUser user = new MembershipUser(Name, username, username, email, passwordQuestion, password?????, isApproved, false, DateTime.Now, DateTime.Now, DateTime.Now, DateTime.Now, DateTime.MaxValue);

 

change to

 

 

MembershipUser user = new MembershipUser(Name, username, username, email, passwordQuestion, passwordPrep, isApproved, false, DateTime.Now, DateTime.Now, DateTime.Now, DateTime.Now, DateTime.MaxValue);

 

 

 

 

 




lmeadowssc wrote:
I am created a new User ID nothing fancy something like apple123 password orangex1.

I set admin privilages for this user, I then log out and try to log back in - but I can not. It says Your login attempt was not successful. Please try again.

I can add users all day but none can login.

I have set permissions on all the files and folders. I can write blog entries and create categories but I can not login with the new users, why not
------------------------------------------------------------------------------------------------------------
Im not 100% sure but I think this has something to do With Windows XP SP3 ( which i just upgraded to )

I downloaded the source code and traced it to the CheckPassword function
then the call to 

if

 

(storedPassword == Utils.HashPassword(inputPassword))

 

 

The call to Utils.HashPassword(inputPassword) comes back still encrypted.

Thanks
Larry


Coordinator
Jul 14, 2008 at 5:57 PM
this has been fixed after the 1.4 release. It will be in the official 1.4.1 release due in a weeks time