security - How to manually verify a user against the ASP.NET memberhip database? -

I would like to know that I am an existing ASP.N. How can I verify the user's credentials against membership membership databases. The short story is that we want to provide access to a single entry

If you have tried to run a SQL query to connect directly and aspnet_Membership table from the subscription database went by me :.

  private bool CanLogin (string username, string password) {// Get the DB check the credentials right try {see string passwordHash = FormsAuthentication.HashPasswordForStoringInConfigFile (password, "SHA1"); String sql = String.Format ( "Select an inner a.UserId = 1 to aspnet_Users b.UserId and a.applicationid = b.applicationid where a.username = '{0}' and aspnet_Membership b b.password = ' join {1} ', Ugnemnam. Talvr Inveriynt (), password hash) using; (SqlConnection sqlConn = new SqlConnection (ConfigurationManager.ConnectionStrings [ "LocalSqlServer"] ConnectionString).) using (SqlCommand sqlcmd = new SqlCommand (SQL, sqlConn)) {sqlConn.Open (); Int count = sqlCmd.ExecuteNonQuery (); == calculate return 1;}} catch (exception ex) {return false;}}  

The problem is the value of the password, is that Minister has washed even know how password?

If you have two on the same IIS server Asp.net applications, you can do SSO in this way. I asked this question and answered myself.

Both apps by you have your web config

  & lt is pointing to your asp_membership database by keeping the following in the system.web section; Authentication mode = "form" / & gt; & Lt; Membership & gt; & Lt; Providers & gt; & Lt; Clear /> & Lt; Add name = "aspNetSqlMembershipProvider" type = "System.Web.Security.SqlMembershipProvider, System.Web, version = 2.0.0.0, culture = neutral, publicKeyToken = b03f5f7f11d50a3a" connectionStringName = "membership" applicationName = "/" /> & Lt; / Providers & gt; & Lt; / Subscription & gt; & Lt; RoleManager enabled = "true" />  

Ensure that both the same ApplicationName property is set up.

I was using IIS 6 so I configured to autogenerate a machine key for both applications. Since both of these applications live on the same machine, the key will be identical, this is the important part of the SSO work. After the establishment of IIS my web Config

  & lt; The following was added for machine decryption. KI = "Auto Generate" Validation = "SHA1" Validation = "AutoAugerator" />  

All this was there once it was done that I can enter AP1 and then browse on AP2 and keep my security credentials.