Results 1 to 2 of 2

Thread: Forms Authentication, Encrypted Passwords in SQL DB

  1. Feb 17th, 2003, 07:50 PM #1
    mhermann
    mhermann is offline

    Thread Starter
    New Member
    Join Date
    Feb 2003
    Posts
    4

    Forms Authentication, Encrypted Passwords in SQL DB

    I am trying to connect to a SQL Database and retrieve an encypted password. I have it working without encrypted passwords just using strings thanks to another post that lead me to the MS example artical:

    http://support.microsoft.com/default...b;en-us;308157

    I am not sure what to change to use encryted passwords. Any help would be appreciated.

    Here is what I have so far.

    Code:
    Function ValidateUser(uid As string, passwd As string) As Boolean
   Dim cnn As SqlConnection
   Dim cmd As SqlCommand
   Dim dr As SqlDataReader
   Dim retVal As Boolean = False
   cnn = New SqlConnection("server=localhost;uid=sa;pwd=password;database=Pubs;")
   cmd = New SqlCommand("Select * from users where uname = '" & uid & "'", cnn)
   cnn.Open()
   dr = cmd.ExecuteReader()
   While (dr.Read())
      If Strcomp(dr.Item("Pwd"), passwd, 1) = 0 Then 
         retVal = True
      End If	
   End While
   cnn.Close()
   ValidateUser = retVal
End Function
    Reply With Quote Reply With Quote
  2. Feb 17th, 2003, 10:39 PM #2
    hellswraith
    hellswraith is offline
    PowerPoster hellswraith's Avatar
    Join Date
    Jul 2002
    Location
    Washington St.
    Posts
    2,464
    I got this code from a wrox book that I was reading. It seems like it will at least get you started. I am doing the same thing myself in C#. If you want all the code from the book, you can get it at this link:
    http://web.wrox.com/download/code/pr...63_code_v7.zip

    The book is called ASP.NET Website Programming at www.wrox.com


    VB Code:
    1. Public Shared Function ValidateLogin( _

    2.       ByVal emailAddress As String, _

    3.       ByVal password As String) _

    4.       As SitePrincipal

    5.  
    6.       Dim moduleSettings As Configuration.ModuleSettings = _

    7.         Configuration.ModuleConfig.GetSettings()

    8.       Dim newId As Integer

    9.       Dim cryptPassword As Byte() = EncryptPassword(password)

    10.       Dim dataUser As New Data.User(moduleSettings.ConnectionString)

    11.  
    12.       newId = dataUser.ValidateLogin(emailAddress, cryptPassword)

    13.       If newId > -1 Then

    14.         Return New SitePrincipal(newId)

    15.       Else

    16.         Return Nothing

    17.       End If

    18.  
    19.     End Function

    20.  
    21.  
    22.     Public Shared Function EncryptPassword(ByVal password As String) As Byte()

    23.  
    24.       Dim encoding As New UnicodeEncoding()

    25.       Dim hashBytes As Byte() = encoding.GetBytes(password)

    26.  
    27.       ' Compute the SHA-1 hash

    28.       Dim sha1 As New SHA1CryptoServiceProvider()

    29.       Dim cryptPassword = sha1.ComputeHash(hashBytes)

    30.  
    31.       Return cryptPassword

    32.  
    33.     End Function
    My Site
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules


Click Here to Expand Forum to Full Width