Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > Security Application Block

Thread Tools

Security Application Block

John Childress
Posts: n/a
Anyone using the Security Application Block from the Enterprise Library?
I have a rather embarassing situation where I've setup the database and
configured my application to use this block. I have added users to the database
using a web form, but I am unable to login using any of the new users I've

Here is how I'm creating the user:

public bool addNewUser(string username, string password, string firstName,
string lastName, string email)
byte[] encryptedContents;
encryptedContents = SHA1Managed.Create().ComputeHash(ASCIIEncoding.ASC II.GetBytes(password));

// Create an instance of the database object
Database database = DatabaseFactory.CreateDatabase();

// Create the wrapper
DBCommandWrapper addNewUserWrapper = database.GetStoredProcCommandWrapper("AddNewUser") ;

// Setup the parameters
addNewUserWrapper.AddInParameter("@username", DbType.String, username);
addNewUserWrapper.AddInParameter("@password", DbType.Binary, encryptedContents);
addNewUserWrapper.AddInParameter("@firstname", DbType.String, firstName);
addNewUserWrapper.AddInParameter("@lastname", DbType.String, lastName);
addNewUserWrapper.AddInParameter("@email", DbType.String, email);

// Execute the query

return true;

Then in my login page I try to authenticate with the following:
private void btnLogin_Click(object sender, System.EventArgs e)
// Get the provider to authenticate with
IAuthenticationProvider authenticationProvider = AuthenticationFactory.GetAuthenticationProvider("D atabase
// An identity for later use
IIdentity identity;
byte[] passwordBytes;
passwordBytes = ASCIIEncoding.ASCII.GetBytes(txtPassword.Text);
// Create the credentials
NamePasswordCredential credentials = new NamePasswordCredential(txtUsername.Text,

// authenticate
if(authenticationProvider.Authenticate(credentials , out identity))
// log the users access time

// Authorize and redirect the user
System.Web.Security.FormsAuthentication.RedirectFr omLoginPage(identity.Name,
lblError.Visible = true;
lblError.Text = "Login failed.";
lblError.Visible = true;
lblError.Text = "Login failed. Page is not valid.";

I always get "Login failed." for my error...

Any suggestions?



Reply With Quote
Dominic Morin
Posts: n/a
Because the NamePasswordCredential class use
Encoding.Unicode.GetBytes internally to encode, you have to use
Encoding.Unicode.GetBytes and not ASCIIEncoding.ASCII.GetBytes.

POST BY: - Need .NET? Just ask, Please
Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Question on Security application block ASP .Net 0 12-16-2008 09:57 PM
Fo:Block can you check to see if a block contains any text by using the block id? morrell XML 1 10-10-2006 07:18 PM
Security application block =?Utf-8?B?QVZM?= ASP .Net 2 06-07-2005 07:43 PM
Problem with enterprise application block - data block Showjumper ASP .Net 1 03-19-2005 03:48 PM