Membership.ValidateUser always return false on IIS
Solved! Hope this will save someone's time.
The problem was the application name.
host:port/Service
host/BPM/Service
note:BPM is applicaton name you give it on IIS.
Membership encryption algorithm uses "ApplicatonName". When I setup applicaton I used BPM as application name. on development server the "name" return "/". But its "BPM" on IIS !
All my old passwords was generated with "/" appliacion name. So always provide an application Name. Read this article from Scott-Gu 's blog.
public bool Login(string userName,string password)
{
var provider = Membership.Provider;
string name = provider.ApplicationName;
return Membership.ValidateUser(userName, password);
}
//Wrong one
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider"
type="System...bla bla"
connectionStringName="LocalSqlServer"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
requiresUniqueEmail="false"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="7"
minRequiredNonalphanumericCharacters="1"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""
applicationName="/" //Wrong
/>
</providers>
</membership>
//Right one
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider"
type="System.Web.Security.S.. bla bla"
connectionStringName="LocalSqlServer"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
requiresUniqueEmail="false"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="7"
minRequiredNonalphanumericCharacters="1"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""
applicationName="MyAPPNAME" //Well :)
/>
</providers>
</membership>