Hi
I'm pretty new to this so apologies if I breach etiquette or if I've posted in the wrong forum. I've just installed DNN 4.9.0 last week and after a few bumps and schoolboy errors I managed to get it all up and running, however the 'remember me' on the login didn't seem to be working. I did some digging and found a suggestion to change the timeout value in the authentication/forms element of the web.config as well as adding slidingExpiration="true" so that the time would reset whenever users logged in.
I made these changes and uploaded the web.config however when I went back to the site I found I couldn't login, I was getting "Login Failed" errors with all my logins (I use three different ones, one with host permissions, one with site admin and a general user so I don't accidentally break anything when I just want to post on my site forums).
The obvious thought was that I'd inadvertently changed something else in the web.config so I copied the back-up I'd taken before making the changes back up to the server, but that didn't help. I then tried to register as a new user, that worked fine. Logged out and then back in as the new user, still no problem. Tried again with the original users, nope still not working.
I then tried using the 'retrieve password' but that came back with a "could not retrieve password" error. I then connected to the database directly through MS-SQL dev studio and changed my new user to a super user in the "Users" table, then tried going through the admin interface to change the password on my original users but got the same "unable to retrieve password" error.
I've had a look in the event viewer and I suspect this is the main cause of the problems:-
FileColumnNumber: 0 Method: System.Security.Cryptography.CryptographicException.ThrowCryptogaphicException StackTrace: Message: DotNetNuke.Services.Exceptions.PageLoadException: Bad Data. ---> System.Security.Cryptography.CryptographicException: Bad Data. at System.Security.Cryptography.CryptographicException.ThrowCryptogaphicException(Int32 hr) at System.Security.Cryptography.Utils._DecryptData(SafeKeyHandle hKey, Byte[] data, Int32 ib, Int32 cb, Byte[]& outputBuffer, Int32 outputOffset, PaddingMode PaddingMode, Boolean fDone) at System.Security.Cryptography.CryptoAPITransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount) at System.Security.Cryptography.CryptoStream.FlushFinalBlock() at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean useValidationSymAlgo) at System.Web.Security.MembershipProvider.DecryptPassword(Byte[] encodedPassword) at System.Web.Security.MembershipProvider.UnEncodePassword(String pass, Int32 passwordformat) at System.Web.Security.SqlMembershipProvider.GetPassword(String username, String passwordAnswer) at System.Web.Security.MembershipUser.GetPassword() at DotNetNuke.Security.Membership.AspNetMembershipProvider.ChangePassword(UserInfo user, String oldPassword, String newPassword) at DotNetNuke.Entities.Users.UserController.ChangePassword(UserInfo user, String oldPassword, String newPassword) at DotNetNuke.Modules.Admin.Users.Password.cmdUpdate_Click(Object sender, EventArgs e) at DotNetNuke.UI.WebControls.CommandButton.RaiseClick(Object sender, EventArgs e) at System.Web.UI.WebControls.LinkButton.OnClick(EventArgs e) at System.Web.UI.WebControls.LinkButton.RaisePostBackEvent(String eventArgument) at System.Web.UI.WebControls.LinkButton.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) --- End of inner exception stack trace --- Source:
Can anyone point me in the right direction? If the worst comes to the worst I've only got a dozen or so registered users so I could delete them and ask them to re-register but given that I don't know what caused the problem in the first place I'm reluctant to do that.
All suggestions will be gratefully received!
-- Mike
|