Important Notice from AspDotNetStorefront
It is with dismay that we report that we have been forced, through the action of hackers, to shut off write-access to this forum. We are keen to leave the wealth of material available to you for research. We have opened a new forum from which our community of users can seek help, support and advice from us and from each other. To post a new question to our community, please visit: http://forums.vortx.com
Results 1 to 7 of 7

Thread: Unable to Authenticate with WSI

  1. 04-01-2010, 02:43 PM #1
    steve@groovecommerce.com is offline Junior Member
    Join Date
    Sep 2009
    Posts
    21

    Default Unable to Authenticate with WSI

    We have just installed WSI on a test server and are having some trouble authenticating. In your documentation I found that is says "you must use the SuperAdmin Email and HASHED Password from the master AspDotNetStorefront database".

    How do I retrieve the raw hash from the database? If I copy the hash from the field in MS SQL Management Studio I get a butchered string of characters.
  2. 04-01-2010, 02:48 PM #2
    AspDotNetStorefront Staff - Scott's Avatar
    AspDotNetStorefront Staff - Scott is offline Administrator
    Join Date
    Mar 2007
    Location
    Ashland, OR
    Posts
    2,390

    Default

    That 'butchered string' is what it's looking for. You can either use that, or just disable the WSE3 authentication and enter the password in plain text (not recommended if you're retrieving order or customer info).
    ECommerce Shopping Cart
  3. 04-01-2010, 02:53 PM #3
    steve@groovecommerce.com is offline Junior Member
    Join Date
    Sep 2009
    Posts
    21

    Default

    Sorry, I realize I worded that pretty badly. Afterall a hash is, by definition, a butchered string of characters :-P When I said butchered string, I meant that it doesn't look like a raw hash.

    For example, here is just a small part of it...

    ?????!?Z# t??fL??/?

    I'm not sure what kind of hash you are using but it doesn't look like what I'm used to seeing from MD5 hashes.
    Last edited by steve@groovecommerce.com; 04-01-2010 at 03:03 PM.
  4. 04-01-2010, 03:21 PM #4
    AspDotNetStorefront Staff - Scott's Avatar
    AspDotNetStorefront Staff - Scott is offline Administrator
    Join Date
    Mar 2007
    Location
    Ashland, OR
    Posts
    2,390

    Default

    Yeah that'll happen sometimes unfortunately. You can end up with a password that works perfectly for the standard admin login but just won't work through WSE3. It's something with WSE3 authentication in general.

    There are 2 things to try with that - first, copy the hashed password in to Notepad first and THEN into the password field. There's some kind of hidden characters in there sometimes that doing that strips out. If that doesn't work, you can actually just reset the password and try with the new hashed value. I've had it before that it took several tries to get one that worked.

    I think we're planning on getting away from WSE3 here eventually (Microsoft is), hopefully this'll go away then.
    ECommerce Shopping Cart
  5. 04-01-2010, 03:23 PM #5
    steve@groovecommerce.com is offline Junior Member
    Join Date
    Sep 2009
    Posts
    21

    Default

    Thank you Scott. That is unfortunate We will try this.
  6. 09-05-2012, 07:36 AM #6
    btappan2 is offline Member
    Join Date
    Apr 2012
    Posts
    43

    Default

    I am ready to hang myself over getting this to work with simrun commander, I've reset the password 40 times, I run a query in "query express" to see the hashed the password, I copy/paste it, tried it straight, and using the notepad step mentioned above, and nothing. Any suggestions?

    Somebody suggested, it may be easiest to just throw your encryption key and dbconn line (appSettings) into a new web.config (unless you have made other changes in the web.config).

    How do I do this and would it work with commander?
  7. 09-05-2012, 07:53 AM #7
    btappan2 is offline Member
    Join Date
    Apr 2012
    Posts
    43

    Default

    If trying the reset password method through the admin, not sql, does the web.config file have to be "touched" before trying to connect with commander