I had an interesting issue last night. I deployed my local Azure emulated MVC 3 role and worker role to my Windows Azure instance. All worked perfectly locally and in particular the logon page I built allows me to log onto the secure area of my MVC 3 site using System.WebProviders (ASP.Membership).
I found an issue when I tried to log onto my remote Azure site using my deployed logon view.
The logon on the server failed and told me my user name or password was wrong.
Ok, so I then pointed my local instance ASP.NET configuration (the built in membership, role etc.. tool for setting up members and roles) at my Azure SQL database and tried to manage my members from there and it worked.
Even when I changed my local connection string to point to my Azure SQL database and tried logging on, it worked. WEIRD!!! (ie.. local browser, remote Azure database).
So then today I fould this blog:
and then this one:
The part of the post in particular that caught my attention was this:
I tracked it down, thanks to some info in this article by David Hoerster. The problem is that the default password hashing algorithm on Azure is different from the .NET 4.0 defaults. It is set to SHA1 on Azure, and HMACSHA256 is the new standard setting on 4.0.
The rest of the post is here:
This can be fixed by specifying the hash type explicitly in web.config. If you decide to use a method like HMACSHA256, make sure you also specify a machine key – otherwise you will run into similar problems as the autogenerated machine key will differ from server to server.
The configuration element you need to change is under :
I will go home tonight and try this and update this post in the morning…….time passes…….ok, so went home last night and tried a few things. My password hashing algorithm was different between my local and azure. I just used the Azure machine config setting on my local and it all works fine now. Good times!!!