I've created a custom asp.net membership provider that authenticates against a legacy database. The problem I'm running into to is how to handle users that have same username.
I've repeatedly tried convincing my boss that a username should be unique but this has been to no avail.
Update:
It does seem to be fundamental flaw with the authentication system, but how do I convince my boss that he needs to update his Powerbuilder code? I've been trying for nearly 2 years now and he thinks a unique (username,password) is good enough. I also want to store the passwords in a unidirectional hash instead of plaintext.