Currently our website uses .NET Forms Authentication with salted SHA1 password hashes stored in a SQL Server 2005 database. We want to change over to use a CAS Server for authentication, but we don’t want to lose our existing usernames/passwords.
I figure I have two options… I can use the QueryDatabaseAuthenticationHandler and recreate the hashes in T-SQL, or I can use the DefaultPasswordEncoder if I can replicate the exact settings that .NET Forms Authentication uses. Both are documented here.
Has anyone tried to configure CAS to read .NET password hashes? If so, do you have an example using one of the methods above (or a third that I haven’t thought of)?
I don’t have an example ready unfortunately, but I know for certain that folks have done this by leveraging the functionality in the two classes you pointed out.
If you’re looking for additional info and examples on how this may be done, please post a message to the @cas-user mailing list.
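
Added example, not part of the original posts and not CAS code: a stand-alone Java check that recomputes a legacy hash so it can be compared with the stored value. It assumes the hashes came from ASP.NET's SqlMembershipProvider in its Hashed format with SHA1, that is Base64(SHA1(salt bytes + UTF-16LE password bytes)) with a Base64-encoded per-user salt; the class and method names are hypothetical, and a custom scheme would need the byte order and encodings adjusted to match.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;

/** Hypothetical helper (Java 8+); assumes the SqlMembershipProvider "Hashed" SHA1 layout. */
public final class LegacyDotNetSha1 {

    /** Returns Base64(SHA1(saltBytes || UTF-16LE(password))). */
    static String encode(String password, String base64Salt) {
        byte[] salt = Base64.getDecoder().decode(base64Salt);
        // .NET's Encoding.Unicode is UTF-16 little-endian with no byte-order mark.
        byte[] pass = password.getBytes(StandardCharsets.UTF_16LE);
        try {
            MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
            sha1.update(salt);   // salt first, then the password bytes
            sha1.update(pass);
            return Base64.getEncoder().encodeToString(sha1.digest());
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException("SHA-1 not available", e);
        }
    }

    /** Compares the recomputed digest with the stored one in constant time. */
    static boolean matches(String password, String base64Salt, String storedHash) {
        try {
            byte[] expected = Base64.getDecoder().decode(storedHash.trim());
            byte[] actual = Base64.getDecoder().decode(encode(password, base64Salt));
            return MessageDigest.isEqual(expected, actual);
        } catch (IllegalArgumentException e) {
            return false; // malformed Base64 in the salt or hash column
        }
    }

    public static void main(String[] args) {
        // Constructed sample row: a 16-byte salt and the hash of a made-up password.
        byte[] rawSalt = new byte[16];
        for (int i = 0; i < rawSalt.length; i++) rawSalt[i] = (byte) (i * 7 + 1);
        String salt = Base64.getEncoder().encodeToString(rawSalt);
        String stored = encode("Sample-Passw0rd", salt);

        System.out.println("correct password: " + matches("Sample-Passw0rd", salt, stored));
        System.out.println("wrong password:   " + matches("sample-passw0rd", salt, stored));
        System.out.println("malformed hash:   " + matches("Sample-Passw0rd", salt, "%%%"));
    }
}
```

Because the salt differs per user, whatever calls this has to read both the salt and the hash columns for the account being authenticated.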