My SQL and ASP.NET authentications

Jun 18, 2013 at 11:15 AM
Edited Jun 18, 2013 at 11:18 AM
Has anyone tried this with MySQL and asp.net security provider? I've got the tables created in the database and users set up but need the stored procedure sp_nearforums_authenticateuser to work. How do you compare passwords though?
 select userid, email from my_aspnet_membership where password="password";
does not work for starters. Have also tried PASSWORD("password") also without success. Does the stored procedure password param get passed pre-hashed?
Coordinator
Jun 18, 2013 at 11:17 AM
Hi,
Yes, that is how ASP.NET membership is conceived, hashed before transport.

Kind Regards,
Jorge
Jun 18, 2013 at 11:22 AM
Ok thanks sounds sensible but makes writing the SQL harder to test outside the stored procedure. Don't suppose anyone has an example?
Coordinator
Jun 18, 2013 at 11:27 AM
Edited Jun 18, 2013 at 11:27 AM
Hi,
Usually, for ASP.NET Membership, it is not required to query the database directly. It is an "abstraction" (not a very good one BTW).
If you need to use the same membership provider within another application, you can do it using the same configuration (and the machine key used for hashing).

Best,
Jorge
Jun 21, 2013 at 9:45 AM
Got there in the end.
Many thanks.