ASP.NET MVC + MySql Membership Provider, user cannot login

Posted by Jason Miesionczek on Stack Overflow See other posts from Stack Overflow or by Jason Miesionczek
Published on 2010-10-04T19:02:36Z Indexed on 2011/01/16 10:53 UTC
Read the original article Hit count: 350

Hello,

I've been playing around with using MySql as the membership provider for asp.net mvc forms authentication. I've got things configured correctly as far as i can tell, and i can create users via both the register action and asp.net web config site. however, when i try to login with one of the users, it does not work. it returns an error as if i had entered a wrong password, or if the account doesn't exist.

i have verified in the database that the account does exist. I've followed the instructions here for reference: http://blog.tchami.com/post/ASPNET-MVC-2-and-MySQL-Membership-Provider.aspx

here is my web.config:

<?xml version="1.0"?>

<!--
  For more information on how to configure your ASP.NET application, please visit
  http://go.microsoft.com/fwlink/?LinkId=152368
  -->

<configuration>
  <connectionStrings>
      <add name="MySQLConn" connectionString="Server=localhost;Database=intereditor;Uid=<user>;Pwd=<password>;"/>
  </connectionStrings>

  <system.web>
    <compilation debug="true" targetFramework="4.0">
      <assemblies>
        <add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
        <add assembly="System.Web.Routing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
        <add assembly="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
      </assemblies>
    </compilation>

    <authentication mode="Forms">
      <forms 
        loginUrl="~/Account/LogOn" 
        timeout="2880"
        name=".ASPXFORM$"
        path="/"
        requireSSL="false"
        slidingExpiration="true"
        enableCrossAppRedirects="false"
        />
    </authentication>

    <membership defaultProvider="MySqlMembershipProvider">
      <providers>
        <clear/>
        <add name="MySqlMembershipProvider"
      type="MySql.Web.Security.MySQLMembershipProvider,MySql.Web,Version=6.3.4.0, Culture=neutral,PublicKeyToken=c5687fc88969c44d"
        autogenerateschema="true" connectionStringName="MySQLConn"
        enablePasswordRetrieval="false" enablePasswordReset="true"
        requiresQuestionAndAnswer="false" requiresUniqueEmail="false"
        passwordFormat="Hashed" maxInvalidPasswordAttempts="5"
        minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0"
        passwordAttemptWindow="10" passwordStrengthRegularExpression=""
        applicationName="/" />
      </providers>
    </membership>

    <profile defaultProvider="MySqlProfileProvider">
      <providers>
        <clear/>
        <add name="MySqlProfileProvider"
        type="MySql.Web.Profile.MySQLProfileProvider,MySql.Web,Version=6.3.4.0,Culture=neutral,PublicKeyToken=c5687fc88969c44d"
        connectionStringName="MySQLConn" applicationName="/" />
      </providers>
    </profile>

    <roleManager enabled="true" defaultProvider="MySqlRoleProvider">
      <providers>
        <clear />
        <add name="MySqlRoleProvider"
        type="MySql.Web.Security.MySQLRoleProvider,MySql.Web,Version=6.3.4.0,Culture=neutral,PublicKeyToken=c5687fc88969c44d"
        connectionStringName="MySQLConn" applicationName="/" />
      </providers>
    </roleManager>
    <pages>
      <namespaces>
        <add namespace="System.Web.Mvc" />
        <add namespace="System.Web.Mvc.Ajax" />
        <add namespace="System.Web.Mvc.Html" />
        <add namespace="System.Web.Routing" />
      </namespaces>
    </pages>
  </system.web>

  <system.webServer>
    <validation validateIntegratedModeConfiguration="false"/>
    <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>

  <runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0" newVersion="2.0.0.0" />
      </dependentAssembly>
    </assemblyBinding>
  </runtime>
</configuration>

Can anyone please help me identify what is wrong so that users can login?

UPDATE

So after debugging the login process in the code of the membership provider itself, i discovered that there is a bug in the provider. There is a discrepancy between the password hash that is stored in the database, and the has that is generated based on the inputted password. As a workaround for my issue, i changed the password format to 'encrpyted' and added a machine key to my web.config.

I am still interested in figuring out the issue with the hashed format in the provider, and will spend some more time debugging it, and if i can figure out the problem, i will put together a patch and submit it.

© Stack Overflow or respective owner

Related posts about mysql

Related posts about asp.net-mvc-2