I know that this is similar to the other questions here, but I donβt think my business is the same as theirs.
I have a website that uses AspNetSqlMembershipProvider to validate users. I would like to use the same database from a console application. According to several articles on the Internet, I can use the System.Web.Security.Membership class from outside ASP.NET by copying the appropriate sections from web.config to app.config. This is what I did.
My console application can get the user with the requested name, and I can confirm that the user is approved and not blocked, but ValidateUser returns false for the correct pair of username and password.
I found articles in which people had problems migrating code that might be caused by a machine key mismatch, but also found a link that says the machine key is only used if the passwordFormat property is encrypted, whereas I use hashed.
The problem is that the two parts of the code - the website and the console application - are in different assemblies, and the assembly name or another property is used during password hashing? In both cases, the application name property is set to /.
Should I continue this approach or just directly access the database and the hash password itself?
source share