Couple days ago I got a task to migrate user from an existing website which build based on Jomla CMS to an ASP.NET website user. Both of them use different encryption technique. The plan was that the Jomla based website would be replaced with the .NET website. In sort the scenario was :
Replace PHP website build on top Jomla CMS with .NET
Migrate users from Jomla so they can login into the new .NET website using old password
Migrate some roles
The first thing that come to my mind is to check whether they use the different encryption algorithm or not. And yup…they use different algorithm :( . So I decide to extend the MembershipProvider used by the .NET. In my case, thankfully I just need to override one method on that is ValidateUser. I will not talk the the detail what inside the methods is. The main point is just to validate if user login using existing password created by jomla can be validated by the .NET. To do that I create a simple class called JomlaEncryption to validate if user enter valid Jomla password.