急需帮忙!网站登录密码加密方式突然发生变化,导致不能登录管理
大家好,我的网站http://www.hz-simtone.com这个网站是去年上线的,到今年9月份一直运行很正常的,最近不知道是什么原因无法登录,注册后无法修改密码,提示旧密码不对,通过查看数据库,发现加密的密码位数改变了,原先是56位,现在变成112位。通过修改Web.config文件的加密方式,又无果。后来连接远程数据库测试本地程序,可正登录注册(密码加密后是56位的),把本地程序重新上传服务器,结果还是无法登录,密码加密还是112位的。查了很多资料,说可能是集群式服务器的MachineKey是动态变化的,Web.config文件设置不当也会引起此类问题;还有说是Cookies或Session也些引起此类问题。经过一翻努力还是无法解决,很是纠结,就来这里请求高手们支援了,希望大家给点建议。本人QQ:48360245(如有高手支援,可联系附程序源码,本地测试正常网站)
谢谢!!!--------------------------------------------------------
程序环境:ASP.NET2.0(C#)+MSSQL2000开发工具:VS2005Web.Config代码:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<configSections>
<section name="coreConfig" type="NetFocus.Web.Core.ConfigurationSectionHandler, NetFocus.Web.Core"/>
<section name="siteConfig" type="NetFocus.Web.Applications.Forum.ConfigurationSectionHandler, NetFocus.Web.Applications.Forum"/>
</configSections>
<coreConfig registeredDefaultRoles="所有人;注册用户" anonymousDefaultRoles="所有人">
<providers>
<clear/>
<add name="UserProvider" type="NetFocus.Web.Core.Providers.SqlUserProvider, NetFocus.Web.Core" connectionStringName="SiteSqlServer" passwordFormat="Encrypted" />
<add name="RoleProvider" type="NetFocus.Web.Core.Providers.SqlRoleProvider, NetFocus.Web.Core" connectionStringName="SiteSqlServer" />
<add name="DataProvider" type="NetFocus.Web.Core.Providers.SqlDataProvider, NetFocus.Web.Core" connectionStringName="SiteSqlServer" />
</providers>
</coreConfig>
<siteConfig defaultLanguage="zh-CN" siteUrlsFile = "Urls.xml">
<providers>
<clear/>
</providers>
</siteConfig>
<appSettings>
<add key="SiteSqlServer" value="server=****;uid=****;pwd=****;Trusted_Connection=no;database=****"/>
<add key="FCKeditor:BasePath" value="~/Utility/FCKeditor/"/>
<add key="FCKeditor:UserFilesPath" value="~/uploadfiles/image"/>
<add key="FCKeditor:UploadDeniedExtensions" value=".php|.php3|.php5|.phtml|.asp|.aspx|.ascx|.jsp|.cfm|.cfc|.pl|.bat|.exe|.dll|.reg|.cgi|.cs|.vb|.asa|.cer|c.dx|.ascx|.asax|.ashx|.asmx|.java|.jsl"/>
</appSettings>
<system.web>
<globalization requestEncoding="utf-8" responseEncoding="utf-8" />
<machineKey validationKey="3FF1E929BC0534950B0920A7B59FA698BD02DFE8" decryptionKey="280450BB36319B474C996B506A95AEDF9B51211B1D2B7A77" decryption="3DES" validation="SHA1"/>
<httpModules>
<add name="DefaultHttpModule" type="NetFocus.Web.Applications.Forum.HttpModule, NetFocus.Web.Applications.Forum"/>
</httpModules>
<httpHandlers>
<add verb="GET" path="authCode.aspx" type="NetFocus.Web.Applications.Forum.AuthCodeHttpHandler, NetFocus.Web.Applications.Forum" />
<add verb="GET" path="userCheck.aspx" type="NetFocus.Web.Applications.Forum.UserCheckHttpHandler, NetFocus.Web.Applications.Forum" />
</httpHandlers>
<pages validateRequest="false">
<controls>
<add tagPrefix="nwap" namespace="NetFocus.Web.Core" assembly="NetFocus.Web.Core" />
<add tagPrefix="nwap" namespace="NetFocus.Web.Applications.Forum" assembly="NetFocus.Web.Applications.Forum" />
</controls>
</pages>
<authentication mode="Forms">
<forms name=".Forum" protection="All" timeout="60000" loginUrl="login.aspx" slidingExpiration="true"/>
</authentication>
<anonymousIdentification enabled="false" cookieName=".ASPXANONYMOUS" cookieTimeout="100000" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="true" cookieProtection="None" domain=""/>
<httpRuntime maxRequestLength="1000000" executionTimeout="300"/>
</system.web>
</configuration>
大家好,我的网站http://www.hz-simtone.com这个网站是去年上线的,到今年9月份一直运行很正常的,最近不知道是什么原因无法登录,注册后无法修改密码,提示旧密码不对,通过查看数据库,发现加密的密码位数改变了,原先是56位,现在变成112位。通过修改Web.config文件的加密方式,又无果。后来连接远程数据库测试本地程序,可正登录注册(密码加密后是56位的),把本地程序重新上传服务器,结果还是无法登录,密码加密还是112位的。查了很多资料,说可能是集群式服务器的MachineKey是动态变化的,Web.config文件设置不当也会引起此类问题;还有说是Cookies或Session也些引起此类问题。经过一翻努力还是无法解决,很是纠结,就来这里请求高手们支援了,希望大家给点建议。本人QQ:48360245(如有高手支援,可联系附程序源码,本地测试正常网站)
谢谢!!!--------------------------------------------------------
程序环境:ASP.NET2.0(C#)+MSSQL2000开发工具:VS2005Web.Config代码:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<configSections>
<section name="coreConfig" type="NetFocus.Web.Core.ConfigurationSectionHandler, NetFocus.Web.Core"/>
<section name="siteConfig" type="NetFocus.Web.Applications.Forum.ConfigurationSectionHandler, NetFocus.Web.Applications.Forum"/>
</configSections>
<coreConfig registeredDefaultRoles="所有人;注册用户" anonymousDefaultRoles="所有人">
<providers>
<clear/>
<add name="UserProvider" type="NetFocus.Web.Core.Providers.SqlUserProvider, NetFocus.Web.Core" connectionStringName="SiteSqlServer" passwordFormat="Encrypted" />
<add name="RoleProvider" type="NetFocus.Web.Core.Providers.SqlRoleProvider, NetFocus.Web.Core" connectionStringName="SiteSqlServer" />
<add name="DataProvider" type="NetFocus.Web.Core.Providers.SqlDataProvider, NetFocus.Web.Core" connectionStringName="SiteSqlServer" />
</providers>
</coreConfig>
<siteConfig defaultLanguage="zh-CN" siteUrlsFile = "Urls.xml">
<providers>
<clear/>
</providers>
</siteConfig>
<appSettings>
<add key="SiteSqlServer" value="server=****;uid=****;pwd=****;Trusted_Connection=no;database=****"/>
<add key="FCKeditor:BasePath" value="~/Utility/FCKeditor/"/>
<add key="FCKeditor:UserFilesPath" value="~/uploadfiles/image"/>
<add key="FCKeditor:UploadDeniedExtensions" value=".php|.php3|.php5|.phtml|.asp|.aspx|.ascx|.jsp|.cfm|.cfc|.pl|.bat|.exe|.dll|.reg|.cgi|.cs|.vb|.asa|.cer|c.dx|.ascx|.asax|.ashx|.asmx|.java|.jsl"/>
</appSettings>
<system.web>
<globalization requestEncoding="utf-8" responseEncoding="utf-8" />
<machineKey validationKey="3FF1E929BC0534950B0920A7B59FA698BD02DFE8" decryptionKey="280450BB36319B474C996B506A95AEDF9B51211B1D2B7A77" decryption="3DES" validation="SHA1"/>
<httpModules>
<add name="DefaultHttpModule" type="NetFocus.Web.Applications.Forum.HttpModule, NetFocus.Web.Applications.Forum"/>
</httpModules>
<httpHandlers>
<add verb="GET" path="authCode.aspx" type="NetFocus.Web.Applications.Forum.AuthCodeHttpHandler, NetFocus.Web.Applications.Forum" />
<add verb="GET" path="userCheck.aspx" type="NetFocus.Web.Applications.Forum.UserCheckHttpHandler, NetFocus.Web.Applications.Forum" />
</httpHandlers>
<pages validateRequest="false">
<controls>
<add tagPrefix="nwap" namespace="NetFocus.Web.Core" assembly="NetFocus.Web.Core" />
<add tagPrefix="nwap" namespace="NetFocus.Web.Applications.Forum" assembly="NetFocus.Web.Applications.Forum" />
</controls>
</pages>
<authentication mode="Forms">
<forms name=".Forum" protection="All" timeout="60000" loginUrl="login.aspx" slidingExpiration="true"/>
</authentication>
<anonymousIdentification enabled="false" cookieName=".ASPXANONYMOUS" cookieTimeout="100000" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="true" cookieProtection="None" domain=""/>
<httpRuntime maxRequestLength="1000000" executionTimeout="300"/>
</system.web>
</configuration>
再说,难道没做重置密码的功能吗
密码加密一般都是自己弄咯,与Web.config、MachineKey有啥关系?
只知道MachineKey与Forms身份验证的cookie加密方式有关
但这些与用户密码没有任何关系~