AspSQLProvider - Migrating existing SQL Server membership information - dev.nauck-it.de

Migrating existing SQL Server membership information

I have been tasked with migrating an existing mature ASP.NET 2.0 web site to Mono and postgres. I am somewhat confused as how the membership provider salts the passwords. If I make the switch and use the AspSqlProvider, will the existing users be able to login?

Replies

RE: Migrating existing SQL Server membership information - Added by Daniel Nauck over 1 year ago

Hello,

it strongly depends on your current configuration.

Mashine and Encryption Key¶

Do you have set the <machineKey .. /> element in your web.config with validationKey, decryptionKey, validation and decryption attributes?
if not, .NET auto generates some for you and you're nearly unable to migrate to a new server.

Password encryption type¶

What type of password encryption are you using? Clear, Encrypted or Hashed?
Checkout how AspSQLProvider encrypts passwords:

source:src/NauckIT.PostgreSQLProvider/PgMembershipProvider.cs@d585bf824ea375d1676168a8d84f1cf7df2577a8#L1391

Maybe you can decrypt the old passwords an encrypt them with the new format.
As i'm a Mono contributor i cannot take a look at the original MS implementation fpr the encryption stuff in the MS SQL Server membership provider.

SQL Schema¶

The sql schema differs a lot from the original sql server asp.net membership provider. But you can easily port roles and users(without password?) with some kind of convertion script.
Both, the asp.net sql server membership provider and the postgresql membership provider, uses a GUID as primary key for users.

See source:src/NauckIT.PostgreSQLProvider/DatabaseSchema.sql