Company: Link Technologies
Case No: L09612. Project: 10.10: LinkSOFT Version 10.1
Logged By: Alvis (Link Technologies) on 05 Oct 2018 08:24AM
Priority: High
Product: Point of Sale
Group: Software Defect
Time Taken: 3.00 (Weight: 3.00)
Version: 10.155.0117
Assigned To: Sanjay (Link Technologies)
Circulation: Alvis, Development, Rashna, Sanjay
Resolve By: Friday, 05 October 2018 12:00 AM [2020 days since logged date]
Status: Closed
Subject: Unable to login as "Peter" into POS in Demo database
Summary:    

User: Peter is assigned role Cashier.

Login into POS with credentials: 
username: Peter
Password: 12

A message is displayed on the screen "Invalid User"

A detailed message is logged in the log table shown below:

Module: System.Web.ApplicationServices
LogMessage: You must specify a non-autogenerated machine key to store passwords in the encrypted format. Either specify a different passwordFormat, or change the machineKey configuration to use a non-autogenerated decryption key.

LogData: {"ClassName":"System.Configuration.Provider.ProviderException","Message":"You must specify a non-autogenerated machine key to store passwords in the encrypted format. Either specify a different passwordFormat, or change the machineKey configuration to use a non-autogenerated decryption key.","Data":null,"InnerException":null,"HelpURL":null,"StackTraceString":" at System.Web.Security.MembershipProvider.EncryptPassword(Byte[] password, MembershipPasswordCompatibilityMode legacyPasswordCompatibilityMode)\r\n at System.Web.Security.SqlMembershipProvider.EncodePassword(String pass, Int32 passwordFormat, String salt)\r\n at System.Web.Security.SqlMembershipProvider.CheckPassword(String username, String password, Boolean updateLastLoginActivityDate, Boolean failIfNotApproved, String& salt, Int32& passwordFormat)\r\n at System.Web.Security.SqlMembershipProvider.ValidateUser(String username, String password)\r\n at LT.LinkPOS.BLL.POSSecurityBLL.ValidateUser(String username, String password, String moduleName, String connectionString)","RemoteStackTraceString":null,"RemoteStackIndex":0,"ExceptionMethod":"8\nEncryptPassword\nSystem.Web.ApplicationServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35\nSystem.Web.Security.MembershipProvider\nByte[] EncryptPassword(Byte[], System.Web.Configuration.MembershipPasswordCompatibilityMode)","HResult":-2146233088,"Source":"System.Web.ApplicationServices","WatsonBuckets":null}

Audit Notes:Edited by sanjay on 05/03/19 10:00. 
05 Oct 201808:24AM Comment 1 by Alvis (Link Technologies) Case 9612 added to project 10.0
05 Oct 201802:17PM Comment 2 by Sanjay (Link Technologies) Assigned To: Development Followup Date: 05-10-2018 02:17 PM Time Taken: 1.00
Development work for this case has been completed.
The change will be available in version: 10 beta7

1. The following changes were made(Include Database object names, Program classes and any other relevant information):|

  1. Changed user "reset password" to force HASHED encryption which is required for login to POS.
  2. In this case, the administrator can reset user "peter" password. This user will then be able to login into POS.

2. The issue was caused by:

  1. User password format was not HASHED.

    3. Next Step

    1. UAT

    05 Oct 201803:40PM Comment 3 by Sanjay (Link Technologies) Assigned To: Rashna (Edge Business Solutions) Followup Date: 05-10-2018 03:40 PM Time Taken: 1.00
    System test completed. Proceed with UAT

    08 Oct 201808:45AM Comment 4 by Rashna (Edge Business Solutions) Assigned To: Sanjay (Link Technologies) Followup Date: 08-10-2018 08:45 AM Time Taken: 1.00
    Hi Sanjay
    QA Results
    Tests carried out according to requirements specified on the case header

    Test Results Summary

    Table 1 - Summarised list of issues
    NoTest DescriptionPass/Fail
    1Reset password for user "Peter". The user should be able to login with the emailed passwordPass
    2Change the password for user "Peter" to 1234567*. The user should be able to login with the password
    		Pass
    3Recover password for user "Peter". The user should be able to login with the emailed password
    		Pass

    Environment Details

    1. OS version: Windows Server 2012
    2. Application version: 10 Beta 7
    3. Setup: Demo
    4. Server : 10.0.0.10
    5. Database: LINKSOFT-DEMO-10-RASHNA

    Steps to reproduce failed scenarios: N/A

    Next Step: for closure


      09 Oct 201810:02AM Comment 5 by Sanjay (Link Technologies) Assigned To: Sanjay (Link Technologies) Followup Date: 09-10-2018 10:02 AM
      Thanks Rashna 

      09 Oct 201908:14AM Comment 6 by Sanjay (Link Technologies) Quality control status: Pass. QC Not required - This case was created before quality check was implemented in version 11 on 30/06/2019
      If you have any queries regarding this support incident, please email admin@linktechnologies.com.au and include the Case No: L09612 in the subject line of all emails regarding this issue.

      Document size: 6.8 KB
      For call complaints, please contact the Managing Director of the company using this form