{"id":1162,"date":"2007-05-18T16:55:00","date_gmt":"2007-05-18T21:55:00","guid":{"rendered":"http:\/\/blogs.devhorizon.com\/reza\/?p=1162"},"modified":"2007-05-18T16:55:00","modified_gmt":"2007-05-18T21:55:00","slug":"forms-based-authentication-headaches-aka-fbah","status":"publish","type":"post","link":"https:\/\/blogs.devhorizon.com\/reza\/2007\/05\/18\/forms-based-authentication-headaches-aka-fbah\/","title":{"rendered":"Forms Based Authentication Headaches a.k.a FBAH:)"},"content":{"rendered":"

Here is the situation:<\/P>
\n

 <\/P>
\n

-You have set up your SharePoint site to use forms based authentication using standard out of the box System.Web.Security.SqlMembershipProvider provider.<\/o:p><\/P>
\n

-You have set up your membership provider to use passwordFormat=”Encrypted” <\/o:p><\/P>
\n

-You are using ASP.NET Web Site Administration Tool to insert your first user <\/o:p><\/P>
\n

-You hit your sharepoint site , you are redirected to the login page , then you enter user name and password you created above and you are very excited to see everything works like a charm……………Boom<\/SPAN>……………. You get this message:)<\/o:p><\/P>
\n


\n

“The server could not sign you in. Make sure your user name and password are correct, and then try again”.<\/B><\/P><\/BLOCKQUOTE>

\n

<\/DIV>
\n

-You are 100% certain that what you entered as username and password is correct,so what the hell is going on and why it is not working?!!! <\/P>
\n

Well, Let me give you couple of simple advices that might be helpful:<\/P>
\n

1) Don’t use this ugly tool. Just drag and drop a “CreateUserWizard” control onto your aspx page and hook it up to your membership provider. Sometimes it is much easier to do things yourself  than relying on this strange creature.<\/o:p><\/P>
\n

2) Most probably, machinekey element in the asp.net application’s web.config is different than the one defined in your SharePoint site’s web.config . Check the keys (validationKey, decryptionKey) and the encryption algorithm to make sure they are identical.<\/P>
\n

<<\/SPAN>machineKey <\/SPAN>validationKey<\/SPAN>=<\/SPAN>21F0F891A36D12A278DB4FD8699C164EDBDA1FF9713A546C133CBE26DB026C5A5A10C884EF312DE5123959C8D96638423F8A6A3AE77F39E2B7A2596749B8C275<\/SPAN>” decryptionKey<\/SPAN>=<\/SPAN>“D868653A8B663BD752B01277E0465C0788D5BB9A5A9A405E<\/SPAN>“ <\/SPAN>validation<\/SPAN>=<\/SPAN>“SHA1<\/SPAN>“\/><\/SPAN><\/SPAN><\/o:p><\/P>
\n

3) It is much easier if you create the first user using “Clear” format using passwordFormat=”Clear” (so you can see the password in database) and when you deploy your provider to the web.config of your SharePoint site you can go ahead and change it to “Encrypted” and re-create the initial user one more time.<\/P>
\n


\n

\n<\/DIV><\/p>\n","protected":false},"excerpt":{"rendered":"

Here is the situation:   -You have set up your SharePoint site to use forms based authentication using standard out of the box System.Web.Security.SqlMembershipProvider provider. -You have set up your membership provider to use passwordFormat=”Encrypted” -You are using ASP.NET Web Site Administration Tool to insert your first user -You hit your sharepoint site , you […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-1162","post","type-post","status-publish","format-standard","hentry"],"yoast_head":"\nForms Based Authentication Headaches a.k.a FBAH:) - Reza Alirezaei's Blog %<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blogs.devhorizon.com\/reza\/2007\/05\/18\/forms-based-authentication-headaches-aka-fbah\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Reza Alirezaei\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/blogs.devhorizon.com\\\/reza\\\/2007\\\/05\\\/18\\\/forms-based-authentication-headaches-aka-fbah\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blogs.devhorizon.com\\\/reza\\\/2007\\\/05\\\/18\\\/forms-based-authentication-headaches-aka-fbah\\\/\"},\"author\":{\"name\":\"Reza Alirezaei\",\"@id\":\"https:\\\/\\\/blogs.devhorizon.com\\\/reza\\\/#\\\/schema\\\/person\\\/cdbb24d283697a65951cb4a14e474938\"},\"headline\":\"Forms Based Authentication Headaches a.k.a FBAH:)\",\"datePublished\":\"2007-05-18T21:55:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/blogs.devhorizon.com\\\/reza\\\/2007\\\/05\\\/18\\\/forms-based-authentication-headaches-aka-fbah\\\/\"},\"wordCount\":351,\"commentCount\":0,\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/blogs.devhorizon.com\\\/reza\\\/2007\\\/05\\\/18\\\/forms-based-authentication-headaches-aka-fbah\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/blogs.devhorizon.com\\\/reza\\\/2007\\\/05\\\/18\\\/forms-based-authentication-headaches-aka-fbah\\\/\",\"url\":\"https:\\\/\\\/blogs.devhorizon.com\\\/reza\\\/2007\\\/05\\\/18\\\/forms-based-authentication-headaches-aka-fbah\\\/\",\"name\":\"Forms Based Authentication Headaches a.k.a FBAH:) - Reza Alirezaei's Blog %\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blogs.devhorizon.com\\\/reza\\\/#website\"},\"datePublished\":\"2007-05-18T21:55:00+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/blogs.devhorizon.com\\\/reza\\\/#\\\/schema\\\/person\\\/cdbb24d283697a65951cb4a14e474938\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/blogs.devhorizon.com\\\/reza\\\/2007\\\/05\\\/18\\\/forms-based-authentication-headaches-aka-fbah\\\/\"]}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/blogs.devhorizon.com\\\/reza\\\/#website\",\"url\":\"https:\\\/\\\/blogs.devhorizon.com\\\/reza\\\/\",\"name\":\"Reza Alirezaei's Blog\",\"description\":\"Blogging from the field!\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/blogs.devhorizon.com\\\/reza\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/blogs.devhorizon.com\\\/reza\\\/#\\\/schema\\\/person\\\/cdbb24d283697a65951cb4a14e474938\",\"name\":\"Reza Alirezaei\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/3ba940d84e0ecb909e62e93df4c56daf0395c7e53c914467ab2ee73124a7d7b6?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/3ba940d84e0ecb909e62e93df4c56daf0395c7e53c914467ab2ee73124a7d7b6?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/3ba940d84e0ecb909e62e93df4c56daf0395c7e53c914467ab2ee73124a7d7b6?s=96&d=mm&r=g\",\"caption\":\"Reza Alirezaei\"},\"url\":\"https:\\\/\\\/blogs.devhorizon.com\\\/reza\\\/author\\\/rezaa\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Forms Based Authentication Headaches a.k.a FBAH:) - Reza Alirezaei's Blog %","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blogs.devhorizon.com\/reza\/2007\/05\/18\/forms-based-authentication-headaches-aka-fbah\/","twitter_misc":{"Written by":"Reza Alirezaei","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blogs.devhorizon.com\/reza\/2007\/05\/18\/forms-based-authentication-headaches-aka-fbah\/#article","isPartOf":{"@id":"https:\/\/blogs.devhorizon.com\/reza\/2007\/05\/18\/forms-based-authentication-headaches-aka-fbah\/"},"author":{"name":"Reza Alirezaei","@id":"https:\/\/blogs.devhorizon.com\/reza\/#\/schema\/person\/cdbb24d283697a65951cb4a14e474938"},"headline":"Forms Based Authentication Headaches a.k.a FBAH:)","datePublished":"2007-05-18T21:55:00+00:00","mainEntityOfPage":{"@id":"https:\/\/blogs.devhorizon.com\/reza\/2007\/05\/18\/forms-based-authentication-headaches-aka-fbah\/"},"wordCount":351,"commentCount":0,"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/blogs.devhorizon.com\/reza\/2007\/05\/18\/forms-based-authentication-headaches-aka-fbah\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/blogs.devhorizon.com\/reza\/2007\/05\/18\/forms-based-authentication-headaches-aka-fbah\/","url":"https:\/\/blogs.devhorizon.com\/reza\/2007\/05\/18\/forms-based-authentication-headaches-aka-fbah\/","name":"Forms Based Authentication Headaches a.k.a FBAH:) - Reza Alirezaei's Blog %","isPartOf":{"@id":"https:\/\/blogs.devhorizon.com\/reza\/#website"},"datePublished":"2007-05-18T21:55:00+00:00","author":{"@id":"https:\/\/blogs.devhorizon.com\/reza\/#\/schema\/person\/cdbb24d283697a65951cb4a14e474938"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blogs.devhorizon.com\/reza\/2007\/05\/18\/forms-based-authentication-headaches-aka-fbah\/"]}]},{"@type":"WebSite","@id":"https:\/\/blogs.devhorizon.com\/reza\/#website","url":"https:\/\/blogs.devhorizon.com\/reza\/","name":"Reza Alirezaei's Blog","description":"Blogging from the field!","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blogs.devhorizon.com\/reza\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blogs.devhorizon.com\/reza\/#\/schema\/person\/cdbb24d283697a65951cb4a14e474938","name":"Reza Alirezaei","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/3ba940d84e0ecb909e62e93df4c56daf0395c7e53c914467ab2ee73124a7d7b6?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/3ba940d84e0ecb909e62e93df4c56daf0395c7e53c914467ab2ee73124a7d7b6?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/3ba940d84e0ecb909e62e93df4c56daf0395c7e53c914467ab2ee73124a7d7b6?s=96&d=mm&r=g","caption":"Reza Alirezaei"},"url":"https:\/\/blogs.devhorizon.com\/reza\/author\/rezaa\/"}]}},"_links":{"self":[{"href":"https:\/\/blogs.devhorizon.com\/reza\/wp-json\/wp\/v2\/posts\/1162","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.devhorizon.com\/reza\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.devhorizon.com\/reza\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.devhorizon.com\/reza\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.devhorizon.com\/reza\/wp-json\/wp\/v2\/comments?post=1162"}],"version-history":[{"count":0,"href":"https:\/\/blogs.devhorizon.com\/reza\/wp-json\/wp\/v2\/posts\/1162\/revisions"}],"wp:attachment":[{"href":"https:\/\/blogs.devhorizon.com\/reza\/wp-json\/wp\/v2\/media?parent=1162"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.devhorizon.com\/reza\/wp-json\/wp\/v2\/categories?post=1162"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.devhorizon.com\/reza\/wp-json\/wp\/v2\/tags?post=1162"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}