Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > Security Application Block

Reply
Thread Tools

Security Application Block

 
 
John Childress
Guest
Posts: n/a
 
      03-21-2005
Anyone using the Security Application Block from the Enterprise Library?
I have a rather embarassing situation where I've setup the database and
configured my application to use this block. I have added users to the database
using a web form, but I am unable to login using any of the new users I've
created.

Here is how I'm creating the user:

public bool addNewUser(string username, string password, string firstName,
string lastName, string email)
{
byte[] encryptedContents;
encryptedContents = SHA1Managed.Create().ComputeHash(ASCIIEncoding.ASC II.GetBytes(password));

// Create an instance of the database object
Database database = DatabaseFactory.CreateDatabase();

// Create the wrapper
DBCommandWrapper addNewUserWrapper = database.GetStoredProcCommandWrapper("AddNewUser") ;

// Setup the parameters
addNewUserWrapper.AddInParameter("@username", DbType.String, username);
addNewUserWrapper.AddInParameter("@password", DbType.Binary, encryptedContents);
addNewUserWrapper.AddInParameter("@firstname", DbType.String, firstName);
addNewUserWrapper.AddInParameter("@lastname", DbType.String, lastName);
addNewUserWrapper.AddInParameter("@email", DbType.String, email);

// Execute the query
database.ExecuteNonQuery(addNewUserWrapper);

return true;
}

Then in my login page I try to authenticate with the following:
private void btnLogin_Click(object sender, System.EventArgs e)
{
if(Page.IsValid)
{
// Get the provider to authenticate with
IAuthenticationProvider authenticationProvider = AuthenticationFactory.GetAuthenticationProvider("D atabase
Provider");
// An identity for later use
IIdentity identity;
byte[] passwordBytes;
passwordBytes = ASCIIEncoding.ASCII.GetBytes(txtPassword.Text);
// Create the credentials
NamePasswordCredential credentials = new NamePasswordCredential(txtUsername.Text,
passwordBytes);

// authenticate
if(authenticationProvider.Authenticate(credentials , out identity))
{
// log the users access time
logUserAccessTime(txtUsername.Text);

// Authorize and redirect the user
System.Web.Security.FormsAuthentication.RedirectFr omLoginPage(identity.Name,
false);
}
else
{
lblError.Visible = true;
lblError.Text = "Login failed.";
}
}
else
{
lblError.Visible = true;
lblError.Text = "Login failed. Page is not valid.";
}
}

I always get "Login failed." for my error...

Any suggestions?

thanks,

John



 
Reply With Quote
 
 
 
 
Dominic Morin
Guest
Posts: n/a
 
      03-25-2005
Because the NamePasswordCredential class use
Encoding.Unicode.GetBytes internally to encode, you have to use
Encoding.Unicode.GetBytes and not ASCIIEncoding.ASCII.GetBytes.

Dominic
--
POST BY: http://www.dotNET.us - Need .NET? Just ask, Please dotNET.us
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Question on Security application block siddharthkhare@hotmail.com ASP .Net 0 12-16-2008 09:57 PM
Fo:Block can you check to see if a block contains any text by using the block id? morrell XML 1 10-10-2006 07:18 PM
Security application block =?Utf-8?B?QVZM?= ASP .Net 2 06-07-2005 07:43 PM
Problem with enterprise application block - data block Showjumper ASP .Net 1 03-19-2005 03:48 PM



Advertisments