Re: problem with custom membership provider

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

---

• From: Peter Bromberg [C# MVP] <pbromberg@xxxxxxxxxxxxxxxxxxxxxxx>
• Date: Tue, 17 Apr 2007 08:52:03 -0700

---

Generally what I do is let the user choose their own password. (After all,
how many passwords do you want to have to remember?). Then, the email has a
link which takes them to a page that makes their account active.
Peter

--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net




"Ben" wrote:

Peter,

thanks for replying, but i'm not sure how to fix my problem.
i must use a non-autogenerated decryption key, so this is my attempt:,
without understanding what i'm doing ...I found the hex code on the
microsoft site.
I don't know either which validation to choose (SHA1 or MD5 or ...).

This gives the error: "Validation key specified has invalid hex characters"
If you could give me some hints
Further, i couldn't read anywhere that one must use a non-autogenerated
decryption key in this case. Why is it so?

Thanks

<machineKey
validationKey="21F090935F6E49C2C797F69BBAAD8402ABD2EE0B667A8B44EA7DD4374267A75D7AD972A11
9482D15A4127461DB1DC347C1A63AE5F1CCFAACFF1B72A7F0A281B"
decryptionKey="ABAA84D7EC4BB56D75D217CECFFB9628809BDB8BF91CFCD64568A145BE59719F"
validation="SHA1"
decryption="Auto"
/>


"Peter Bromberg [C# MVP]" <pbromberg@xxxxxxxxxxxxxxxxxxxxxxx> schreef in
bericht news:C2C63360-0BAF-40CC-98D6-15EA3DC67DC7@xxxxxxxxxxxxxxxx

Ben,
The exception message is telling you what to do: the machinekey element in
your web.config needs to specify key and not use the autogenerated option.

Here is an article that explains:

http://www.eggheadcafe.com/articles/20030514.asp

Peter

--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net




"Ben" wrote:

Hi,

i have already posted a more or less similar thread but it's gone
unsolved
with the flow of the other threads ..

When an anonymous user has created an new account (with the
CreateUserWizard
control), i want to let asp.net generate a password and to send it
(AutoGeneratePassword="true") to the address of the email provided by the
new membershipuser in the CreateUserWizard control.

So i defined a custom provider for membership with this code:

web.config:
-----------
<connectionStrings>
<add name="aspnetdb" connectionString="Data
Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\ASPNETDB.MDF;Integrated
Security=True;User Instance=True" providerName="System.Data.SqlClient"/>
</connectionStrings>

<authentication mode="Forms" />

<membership defaultProvider="MyMembershipProvider">
<providers>
<add name="MyMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="aspnetdb"
enablePasswordRetrieval="true"
enablePasswordReset="true"
passwordFormat="Encrypted"
requiresQuestionAndAnswer="true"
applicationName="/"
/>
</providers>
</membership>

code-behind:
------------
Protected Sub Page_Load(ByVal sender As Object, ByVal e As
System.EventArgs) Handles Me.Load
If User.Identity.IsAuthenticated Then
Dim pw As String
pw = Membership.GetUser.GetPassword.ToString
End If
End Sub

But this generate the error:
"You must specify a non-autogenerated machine key to store passwords in
the
encrypted format. Either specify a different passwordFormat, or change
the
machineKey configuration to use a non-autogenerated decryption key."

at line "pw = Membership.GetUser.GetPassword.ToString"

Changing in "hashed" is not an option because it's not retrievable and
"clear" is not safe.
So if anyone could explain me how to solve this, it would make my day.
Thanks
Ben

.

---

• Follow-Ups:
  • Re: problem with custom membership provider
    • From: Ben

• References:
  • problem with custom membership provider
    • From: Ben
  • RE: problem with custom membership provider
    • From: Peter Bromberg [C# MVP]
  • Re: problem with custom membership provider
    • From: Ben

• Prev by Date: Re: ASP.net 1.1 debugging on IIS with .net 2.0
• Next by Date: Re: Malformed URL by using Page.Request.Url.ToString() - why?
• Previous by thread: Re: problem with custom membership provider
• Next by thread: Re: problem with custom membership provider
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: problem with custom membership provider ... i must use a non-autogenerated decryption key, so this is my attempt:, ... The exception message is telling you what to do: the machinekey element in ... your web.config needs to specify key and not use the autogenerated option. ... So i defined a custom provider for membership with this code: ... (microsoft.public.dotnet.framework.aspnet) Re: problem with custom membership provider ... i must use a non-autogenerated decryption key, so this is my attempt:, ... The exception message is telling you what to do: the machinekey element ... "You must specify a non-autogenerated machine key to store passwords ... (microsoft.public.dotnet.framework.aspnet) RE: problem with custom membership provider ... your web.config needs to specify key and not use the autogenerated option. ... "You must specify a non-autogenerated machine key to store passwords in the ... machineKey configuration to use a non-autogenerated decryption key." ... (microsoft.public.dotnet.framework.aspnet)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > DotNet  > microsoft.public.dotnet.framework.aspnet  > 2007-04