I have enabled ssl for umbraco backend. Issue I am having is that I can no longer login. It seems as though in the umbraco source in umbraco.providers.UsersMemberShipProvider.EncodePassword line 632 onwards
It looks like the encodedPassword that is returned when in SSL mode is different to when in http mode. The original user was added in http mode. If I step through teh code and get the encoded password when in ssl mode then update umbracoUser table then in SSL mode i can login. However I have got a few users so its a bit of a dirty one way method of getting SSL to work. Has anyone else seen this before? Looks more like a .net issue than umbraco issue.
So as a work around I have downloaded the 4.8.1 source and then attached process to asp.net worker process then tried to login. I have put a breakpoint on the line where password is encoded and then taken a copy of the generated encoded password. I then updated the umbracoUsers table then logged in again and it worked. I know have backend access so I will now update all users passwords which should now be saved over ssl so the hashing stuff when doing the login should gave us same hash. Not the best way of doing things but until I can figure out why .net is being weird I'm stuck.
umbraco backend access over SSL
Guys,
I have enabled ssl for umbraco backend. Issue I am having is that I can no longer login. It seems as though in the umbraco source in umbraco.providers.UsersMemberShipProvider.EncodePassword line 632 onwards
HMACSHA1 hash = new HMACSHA1(); hash.Key = Encoding.Unicode.GetBytes(password); encodedPassword = Convert.ToBase64String(hash.ComputeHash(Encoding.Unicode.GetBytes(password)));It looks like the encodedPassword that is returned when in SSL mode is different to when in http mode. The original user was added in http mode. If I step through teh code and get the encoded password when in ssl mode then update umbracoUser table then in SSL mode i can login. However I have got a few users so its a bit of a dirty one way method of getting SSL to work. Has anyone else seen this before? Looks more like a .net issue than umbraco issue.
Regards
Ismail
So as a work around I have downloaded the 4.8.1 source and then attached process to asp.net worker process then tried to login. I have put a breakpoint on the line where password is encoded and then taken a copy of the generated encoded password. I then updated the umbracoUsers table then logged in again and it worked. I know have backend access so I will now update all users passwords which should now be saved over ssl so the hashing stuff when doing the login should gave us same hash. Not the best way of doing things but until I can figure out why .net is being weird I'm stuck.
Regards
Ismail
is working on a reply...