asp.netasp.net-membershipwebformsasp.net-profilesasp.net-4.5

Login Not Working with Custom Profile

This is a Web Forms Application Project (WAP). I am programmatically creating a user with custom profile properties and can see the user data being persisted in the Users table but not in the aspnet_membership or Memberships tables. After creating a new user with a custom register form, the login fails. Can anyone suggest a troubleshooting checklist?

MembershipCreateStatus status = MembershipCreateStatus.Success;
MembershipUser newUser 
    = Membership.CreateUser(userNameTxt.Text.Trim(), passwordTxt.Text, 
        emailTxt.Text, questionTxt.Text, answerTxt.Text, true, out status);
Roles.AddUserToRole(userNameTxt.Text.Trim(), "Member");

// Gather and save Profile info
CustomProfile profile = CustomProfile.GetProfile(userNameTxt.Text.Trim());
profile.Personal.Email = emailTxt.Text.Trim();
profile.Personal.FirstName = firstNameTxt.Text.Trim();
profile.Personal.LastName = lastNameTxt.Text.Trim();
profile.Save();

Error Message: Your login attempt was not successful. Please try again.

What's happening: CreateUser is returning null

      <providers>
          <remove name="DefaultMembershipProvider"/>
          <add 
              name="DefaultMembershipProvider" 
              type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
              connectionStringName="LocalSqlServer" 
              enablePasswordRetrieval="false" 
              enablePasswordReset="true" 
              requiresQuestionAndAnswer="true" 
              requiresUniqueEmail="false" 
              minRequiredPasswordLength="6" 
              minRequiredNonalphanumericCharacters="0" 
              passwordAttemptWindow="1000" 
              passwordFormat="Hashed"
              applicationName="/" />
      </providers>

<remove name="LocalSqlServer" />
    <add name="LocalSqlServer" 
      connectionString="Initial Catalog=MYDB;Data Source=WIN2K8;Integrated Security=SSPI;"
      providerName="System.Data.SqlClient" />
    <remove name="MYDBConn" />
      <add name="MYDBConn" connectionString="Initial Catalog=MYDB;Data Source=WIN2K8;Integrated Security=SSPI;"
          providerName="System.Data.SqlClient" />
Solution

  • Apparently in .NET 4, the default Hash Algorithm used is HMACSHA256 and not SHA1 as it used to be in previous Framework versions. I found the solution here:

    ASP.NET Membership - User Password storage

    Login fails after upgrade to ASP.net 4.0 from 3.5

    I just tweaked my config file for SHA1 as follows:

    <membership defaultProvider="DefaultMembershipProvider" hashAlgorithmType="SHA1">
    ...
</membership>