I am setting up a new project using 7.2 and hoped to connect an old project on 7.1.7 so I cna copy some objects accross. I have useLegacyEncoding set to false for the membership providers on both sites and the same machineKey defined inthe web.config.
When I try to connect I get the below error abaout not being able to authenticate the user.
In the courier,config I have tried <user>0</user> as well as enterign the login details but have the same error.Looking inthe database, the hashed passwords look very different, so I assume the hashing algorythm has changed dramatically.
Am I missing something? I thought entering the username/password in clear thext in the courier.config should work.
System.Web.Services.Protocols.SoapException: System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> Umbraco.Courier.Core.Exceptions.UnauthorizedClientException: User: testuser could not be authenticated at Umbraco.Courier.RepositoryProviders.WebserviceProvider.Security.SecurityHelper.ValidateUser(String login, String password) at Umbraco.Courier.RepositoryProviders.WebserviceProvider.Security.Authentication.AuthorizeClient(String login, String password, Boolean cacheAuthResult) at Umbraco.Courier.RepositoryProviders.Webservices.Repository.GetAvailableRevisions(String username, String password) --- End of inner exception stack trace --- at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall) at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters) at Umbraco.Courier.RepositoryProviders.WebServiceProvider.RepositoryWebservice.GetAvailableRevisions(String username, String password) at Umbraco.Courier.RepositoryProviders.CourierWebserviceRepositoryProvider.GetAvailableRevisions() at Umbraco.Courier.UI.Pages.editRepository.OnInit(EventArgs e) at System.Web.UI.Control.InitRecursive(Control namingContainer) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
I have got courier working using 7.1.7 on both sites and with useLegacyEncoding = false. I think the trick with this is to have the machineKey entry in the web.config identical. Try http://www.developerfusion.com/tools/generatemachinekey/ to create one. Also, these sites have the same salted password in each database and I use 0 in courier.config.
Curiously, I have copied over the salted password from these working sites to the 7.2 site and I can still login to the 7.2 site, so the encryption seems to be working the same. I am going to give it another try today to see what I can find any differences between the two setups.
It started working after I recycled both app pools, so I cannot say exactly what fixed it. It was either copying over the hashed password so it was identical in both databases or copying over the courier.config so they were identical.
I suspect it was the hashed password as I am using "<user>0</user>" in the courier.config file.
I must admit I was looking it the wrong database yesterday which is why it got confuising for me.
For sure its related to the (better) password handling with the newer membership providers. Courier uses the older methods that essentially do a string compare on the hashed password...which is different on each instance by default now.
I think the best approach if for us to update the installation documents to highlight this key configuration.
I agree, it may seem clunky copying the hashed password from one database to another, but this seems preferable to putting the login details in plain text in the courier.config. As the passwords are one way hashed, I dont see any other way of doing this.
In order for Courier Auth to work in 6.2+ and 7.1+ you'll need to make sure useLegacyEncoding = true as it is by default. If you decide to update this setting you should update courier.config to use a specifies username and password.
The recommended workaround is: Set useLegacyEncoding = true and reset the Courier user(s) password. Note: you will need to rest all user passwords if they were created with useLegacyEncoding = false initially.
error authenticating between 7.1.7 and 7.2 RC
I am setting up a new project using 7.2 and hoped to connect an old project on 7.1.7 so I cna copy some objects accross. I have useLegacyEncoding set to false for the membership providers on both sites and the same machineKey defined inthe web.config.
When I try to connect I get the below error abaout not being able to authenticate the user.
In the courier,config I have tried <user>0</user> as well as enterign the login details but have the same error.Looking inthe database, the hashed passwords look very different, so I assume the hashing algorythm has changed dramatically.
Am I missing something? I thought entering the username/password in clear thext in the courier.config should work.
System.Web.Services.Protocols.SoapException: System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> Umbraco.Courier.Core.Exceptions.UnauthorizedClientException: User: testuser could not be authenticated
at Umbraco.Courier.RepositoryProviders.WebserviceProvider.Security.SecurityHelper.ValidateUser(String login, String password)
at Umbraco.Courier.RepositoryProviders.WebserviceProvider.Security.Authentication.AuthorizeClient(String login, String password, Boolean cacheAuthResult)
at Umbraco.Courier.RepositoryProviders.Webservices.Repository.GetAvailableRevisions(String username, String password)
--- End of inner exception stack trace ---
at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at Umbraco.Courier.RepositoryProviders.WebServiceProvider.RepositoryWebservice.GetAvailableRevisions(String username, String password)
at Umbraco.Courier.RepositoryProviders.CourierWebserviceRepositoryProvider.GetAvailableRevisions()
at Umbraco.Courier.UI.Pages.editRepository.OnInit(EventArgs e)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
@Patrick -
I came across that as well and will addres shortly http://issues.umbraco.org/issue/COU-104
Feel free to add any additional insight or specifics you have.
-Paul
@Paul
I have got courier working using 7.1.7 on both sites and with useLegacyEncoding = false. I think the trick with this is to have the machineKey entry in the web.config identical. Try http://www.developerfusion.com/tools/generatemachinekey/ to create one. Also, these sites have the same salted password in each database and I use 0 in courier.config.
Curiously, I have copied over the salted password from these working sites to the 7.2 site and I can still login to the 7.2 site, so the encryption seems to be working the same. I am going to give it another try today to see what I can find any differences between the two setups.
Good news, I've just managed to get it working.
It started working after I recycled both app pools, so I cannot say exactly what fixed it. It was either copying over the hashed password so it was identical in both databases or copying over the courier.config so they were identical.
I suspect it was the hashed password as I am using "<user>0</user>" in the courier.config file.
I must admit I was looking it the wrong database yesterday which is why it got confuising for me.
@patrick
For sure its related to the (better) password handling with the newer membership providers. Courier uses the older methods that essentially do a string compare on the hashed password...which is different on each instance by default now.
I think the best approach if for us to update the installation documents to highlight this key configuration.
Thanks for the input.
I agree, it may seem clunky copying the hashed password from one database to another, but this seems preferable to putting the login details in plain text in the courier.config. As the passwords are one way hashed, I dont see any other way of doing this.
@All
In order for Courier Auth to work in 6.2+ and 7.1+ you'll need to make sure useLegacyEncoding = true as it is by default. If you decide to update this setting you should update courier.config to use a specifies username and password.
The recommended workaround is:
Set useLegacyEncoding = true and reset the Courier user(s) password. Note: you will need to rest all user passwords if they were created with useLegacyEncoding = false initially.
is working on a reply...