Solved

password and verify store procedures - not working -

Posted on 2011-02-28
4
375 Views
Last Modified: 2012-06-27
After I exec and create a new user.
then I try to verify it but it is always returning "Failed"

am I doing it right?

----------

USE [SA02012011]
GO
/****** Object:  StoredProcedure [dbo].[pAddUser]    Script Date: 02/28/2011 10:56:10 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER PROCEDURE [dbo].[pAddUser](
      @UserName VARCHAR(20),
      @eMail VARCHAR(20),
      @Algorithm VARCHAR(16),
      @Pass VARCHAR(16)
)
AS
BEGIN
      set nocount on
      
      INSERT INTO PersonID (UserName, eMail, passwordID)
select @UserName, @eMail, hashbytes(@Algorithm,@Pass)
END


USE [SA02012011]
GO
/****** Object:  StoredProcedure [dbo].[pVerifyCredentials]    Script Date: 02/28/2011 10:55:22 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER PROCEDURE [dbo].[pVerifyCredentials](
      @UserName VARCHAR(20),
      @Algorithm VARCHAR(16),
      @Pass VARCHAR(16)
)
AS
BEGIN
      set nocount on
      select case num when 1 then 'OK'
                      else 'Failed'
                      end as Result
        from (
      SELECT count(*) as Num
        FROM PersonID
       WHERE UserName = @UserName
         AND passwordID = convert(binary(16),HASHBYTES(@Algorithm, @Pass))
              ) AS X
END
return

0
Comment
Question by:goodk
  • 2
4 Comments
 
LVL 23

Accepted Solution

by:
Rajkumar Gs earned 400 total points
ID: 34998968
I think the Stored Procedure is having issue - Try this modified one
/****** Object:  StoredProcedure [dbo].[pVerifyCredentials]    Script Date: 02/28/2011 10:55:22 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER PROCEDURE [dbo].[pVerifyCredentials]
    (
      @UserName VARCHAR(20) ,
      @Algorithm VARCHAR(16) ,
      @Pass VARCHAR(16)
    )
AS 
    BEGIN
        SET nocount ON
        SELECT  CASE num
                  WHEN 1 THEN 'OK'
                  ELSE 'Failed'
                END AS Result
        FROM    ( SELECT    COUNT(*) AS Num
                  FROM      PersonID
                  WHERE     UserName = @UserName
                            AND passwordID = HASHBYTES(@Algorithm, @Pass)
                ) AS X
    END
GO

Open in new window



0
 
LVL 23

Expert Comment

by:Rajkumar Gs
ID: 34998982

You need to compare password in the same way that you saved to database
Changed
passwordID = convert(binary(16),HASHBYTES(@Algorithm, @Pass))
to
passwordID = HASHBYTES(@Algorithm, @Pass)

Raj
0
 
LVL 15

Assisted Solution

by:derekkromm
derekkromm earned 100 total points
ID: 34999016
"AND passwordID = convert(binary(16),HASHBYTES(@Algorithm, @Pass))"

You may be truncating part of the result with "binary(16)"

Try just using "binary" instead.
0
 

Author Closing Comment

by:goodk
ID: 34999383
thanks - it was so timely!

and CORRECT
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ever needed a SQL 2008 Database replicated/mirrored/log shipped on another server but you can't take the downtime inflicted by initial snapshot or disconnect while T-logs are restored or mirror applied? You can use SQL Server Initialize from Backup…
This article shows gives you an overview on SQL Server 2016 row level security. You will also get to know the usages of row-level-security and how it works
Via a live example, show how to backup a database, simulate a failure backup the tail of the database transaction log and perform the restore.
Viewers will learn how to use the UPDATE and DELETE statements to change or remove existing data from their tables. Make a table: Update a specific column given a specific row using the UPDATE statement: Remove a set of values using the DELETE s…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question