Membership.ValidateUser always returns false after upgrade to VS 2010 / .NET 4.0

Asked 28/4, 2010 at 13:51 Answered 28/1, 2012 at 9:21

Solved c#asp.net oracle asp.net-membership

Not sure whether this pertains to VS 2010 or to the upgraded framework, but... we are using the Oracle membership provider to authenticate users. Prior to the upgrade everything worked fine, but now Membership.ValidateUser(user, password) returns false despite valid credentials. There is no exception thrown, so it's hard to determine what the problem might be. The website administration tool in VS 2010 is still able to manage users and roles (more or less), so I have no reason to question connectivity. What might the problem be?

Coons answered 28/4, 2010 at 13:51 Comment(0)

The answer (according to this post) is to specify hashAlgorithmType="SHA1" in the Web.config:

<membership defaultProvider="OracleMembershipProvider" hashAlgorithmType="SHA1"/>

This did not solve the problem for existing users, but newly created users can log in now.

Coons answered 28/4, 2010 at 21:28 Comment(3)

I am guessing that for newly created users, adding hashAlgorithmType is a red herring. Try adding and authenticating a new user without it. I suspect that the problem is related to the autogenned machine key. Am writing some tests. will update answer. – Reginareginald 29/4, 2010 at 2:35

The newly created users could be authenticated on another (development) box, so I think the hashAlgorithmType fixed the problem. – Coons 30/4, 2010 at 13:52

@nw - thanks for this answer as i had the same issue and was banging my head against the wall for hours. There doesn't seem to be any documentation on having to do this change when upgrading to .net 4.0. – Tauten 6/8, 2011 at 8:11

Sounds a little bit like the problem I am having..

Adding a machineKey element to web.config instead of hashAlgorithmType="SHA1" fixed the problem.. but I still don't understand why I need to put that there... haven't been able to find any documentation either..

You can check out my question here.. The user name or password provided is incorrect. in MVC 3 Internet Application

Helper answered 28/1, 2012 at 9:21 Comment(0)

You may be experiencing machineKey disparity.

In web.config - the implicit machineKey section uses autogenerated encryption and validation keys that are again keyed against the app Id (AutoGenerate,IsolateApps).

Are you testing with a different application instance or on another machine?

~~Is the Oracle membership provider 2.0 or 4.0?~~

And this is just a stab in the dark, maybe this will lead you to a solution.

From .NET Framework 4 Migration Issues

Membership types

Some types (for example, System.Web.Security.MembershipProvider) that are used in ASP.NET membership have been moved from System.Web.dll to the System.Web.ApplicationServices.dll assembly. The types were moved in order to resolve architectural layering dependencies between types in the client and in extended .NET Framework SKUs.

Class libraries that have been upgraded from earlier versions of ASP.NET and that use membership types that have been moved might fail to compile when used in an ASP.NET 4 project. If so, add a reference in the class library project to System.Web.ApplicationServices.dll

Reginareginald answered 28/4, 2010 at 19:2 Comment(1)

We have no problem compiling, and the problem occurs with both Oracle membership providers 2.0 and 4.0. – Coons 28/4, 2010 at 19:13

Recommended topics

Hot tags