1 2009-09-22 Sebastien Pouliot <sebastien@ximian.com>
3 * MembershipProvider.cs: Ensure password decryption is always
7 2009-07-09 Gonzalo Paniagua Javier <gonzalo@novell.com>
9 * SqliteMembershipProvider.cs:
10 * UrlAuthorizationModule.cs: use GetSection instead of
11 OpenWebConfiguration+GetSection.
13 2009-05-28 Marek Habersack <mhabersack@novell.com>
15 * FormsAuthenticationModule.cs: if forms authentication login URL
16 is not rooted, make it relative to the application root, so that
17 MapPath maps it correctly.
18 Use String.Compare for checking whether requested URL matches the
19 login URL - be case-insensitive when running on Windows or with
22 2009-03-10 Marek Habersack <mhabersack@novell.com>
24 * UrlAuthorizationModule.cs: OnAuthorizeRequest must use the
25 configuration from <location> elements in the config. Fixes bug
28 2009-02-28 Gonzalo Paniagua Javier <gonzalo@novell.com>
30 * FormsAuthentication.cs: use GetWebApplication instead of GetSection
31 for application level configuration.
33 2009-01-12 Marek Habersack <mhabersack@novell.com>
35 * MembershipUserCollection.cs: CopyTo overloads use store.Values
36 as the copy source. Fixes bug #464783. Patch from Christian
37 Prochnow <cproch@seculogix.de>
39 2008-12-25 Gonzalo Paniagua Javier <gonzalo@novell.com>
42 * SqlMembershipProvider.cs: use IndexOf (char) instead of
45 2008-08-20 Marek Habersack <mhabersack@novell.com>
47 * Membership.cs: implemented the HashAlgorithmType property. Fixes
50 2008-06-30 Marek Habersack <mhabersack@novell.com>
52 * SqliteMembershipProvider.cs, SqliteRoleProvider.cs: remove
55 * SqlRoleProvider.cs, AspNetDBSchemaChecker.cs: hush the warnings
57 2008-05-30 Marek Habersack <mhabersack@novell.com>
59 * AnonymousIdentificationModule.cs, FormsAuthenticationModule.cs,
60 DefaultAuthenticationModule.cs, MembershipProvider.cs,
61 WindowsAuthenticationModule.cs, PassportAuthenticationModule.cs,
62 RoleManagerModule.cs: do not use synthetized event accessors (to
65 2008-05-07 Marek Habersack <mhabersack@novell.com>
67 * RolePrincipal.cs: fix:
68 - Reloading the roles cache from the provider when expired
69 - Update issue & expiry date for expired tickets
70 - Incrementing the cookie expiry date
71 - Obey Roles.MaxCachedResults
72 Fixes bug #385877. Patch from Ivan Hamilton
73 <ivan@chimerical.com.au>, thanks!
75 2008-03-10 Marek Habersack <mhabersack@novell.com>
77 * RoleManagerModule.cs: initialize _config before adding event
78 handlers and account for the fact that _config might still be null
79 in the methods that use it.
81 2007-12-30 Vladimir Krasnov <vladimirk@mainsoft.com>
83 * SqliteMembershipProvider.cs, SqlRoleProvider.cs: added chema checking
84 * added AspNetDBSchemaChecker.cs: schema checker helper class
86 2007-12-11 Vladimir Krasnov <vladimirk@mainsoft.com>
88 * Roles.cs: fixed Providers property to be thread safe
90 2007-12-08 Marek Habersack <mhabersack@novell.com>
92 * SqliteRoleProvider.cs: added - a Role Provider for
93 Sqlite, based on PostgreSQL Role Provider code from Daniel
94 Nauck <dna@informatik.uni-kiel.de>
96 * SqliteMembershipProvider.cs: added - a Membership Provider for
97 Sqlite, based on PostgreSQL Membership Provider code from Daniel
98 Nauck <dna@informatik.uni-kiel.de>
100 2007-11-28 Marek Habersack <mhabersack@novell.com>
102 * SqlMembershipProvider.cs: handle situation when there is no
103 connection string configured for the SQL Membership Provider.
105 2007-11-01 Marek Habersack <mhabersack@novell.com>
107 * RolePrincipal.cs, MembershipProvider.cs: use the new
108 MachineKeySectionUtils class wherever necessary.
110 * FormsAuthentication.cs: use the new MachineKeySectionUtils class
112 GetHexString is a private method again.
114 2007-10-31 Marek Habersack <mhabersack@novell.com>
116 * FormsAuthentication.cs: made GetHexString an internal method -
117 it is used in the AssemblyResourceLoader.cs
119 2007-08-14 Marek Habersack <mhabersack@novell.com>
121 * Roles.cs: remove unused field.
123 * SqlMembershipProvider.cs: remove unused variable.
125 2007-08-13 Vladimir Krasnov <vladimirk@mainsoft.com>
127 * SqlRoleProvider.cs: fixed ApplicationName initialization
129 2007-06-24 Vladimir Krasnov <vladimirk@mainsoft.com>
131 * FormsAuthentication.cs: improved performance of GetHexString()
133 2007-05-17 Vladimir Krasnov <vladimirk@mainsoft.com>
135 * SqlMembershipProvider.cs: fixed DeleteUser, fixed parameter name
137 2007-05-14 Igor Zelmanovich <igorz@mainsoft.com>
139 * SqlMembershipProvider.cs: Fix parameter binding to stored procedures.
141 2007-05-09 Igor Zelmanovich <igorz@mainsoft.com>
143 * PassportIdentity.cs:
144 added MonoNotSupported attribute.
146 2007-05-02 Marek Habersack <mhabersack@novell.com>
148 * FormsAuthentication.cs: user names are stored in lowercase in
149 the credentials database.
151 2007-04-29 Igor Zelmanovich <igorz@mainsoft.com>
153 * FormsAuthenticationModule.cs:
154 Redirect to login page doesn't cause thread abort.
156 2007-04-19 Igor Zelmanovich <igorz@mainsoft.com>
158 * SqlMembershipProvider.cs:
159 ChangePassword throws exception if new password has invalid format.
161 2007-04-17 Igor Zelmanovich <igorz@mainsoft.com>
165 if default provider was not found ConfigurationErrorsException is thrown.
167 2007-04-12 Marek Habersack <mhabersack@novell.com>
169 * RoleManagerModule.cs: do not try to decrypt encryption tickets
170 from cookies with empty values.
172 2007-04-04 Juraj Skripsky <js@hotfeet.ch>
174 * FormsAuthenticationModule.cs: Move initialization of _config out
175 of Init() as app.Context is null in that method when a session is
176 about to be terminated.
178 2007-03-21 Vladimir Krasnov <vladimirk@mainsoft.com>
180 * AnonymousIdentificationModule.cs: optimized Config property
182 2007-03-21 Vladimir Krasnov <vladimirk@mainsoft.com>
184 * AnonymousIdentificationModule.cs: added configuration section caching
185 to AppDomain for TARGET_JVM
186 * RoleManagerModule.cs:
187 * UrlAuthorizationModule.cs:
188 * FormsAuthenticationModule.cs: refactored configuration section to be
191 2007-03-20 Marek Habersack <mhabersack@novell.com>
193 * FormsAuthentication.cs, Roles.cs: remove roles cookie on sign
194 out. Fixes bug #81195. Patch from Mike Morano <mmorano@mikeandwan.us>.
196 2007-03-12 Marek Habersack <mhabersack@novell.com>
198 * RolePrincipal.cs: decrypt the roles ticket properly. Makes role
199 caching in cookies work. Fixes bug #81117. Patch from Mike Morano
200 <mmorano@mikeandwan.us>
202 2007-03-02 Marek Habersack <mhabersack@novell.com>
204 * SqlMembershipProvider.cs: cast PasswordFormat to int, so that
205 the parameter code can infer the sql type. Makes user creation,
206 password reset etc. work.
208 2007-02-28 Andreia Gaita <avidigal@novell.com>
210 * SqlRoleProvider.cs: Fix parameter binding to stored procedures.
211 * SqlMembershipProvider.cs: Fix parameter binding to stored procedures.
212 CreateUser() doesn't use transactions in MS asp.net, so removed the
215 2007-02-19 Vladimir Krasnov <vladimirk@mainsoft.com>
217 * RoleManagerModule.cs: fixed role chaching in OnEndRequest and
218 OnPostAuthenticateRequest
219 * RolePrincipal.cs: implemented ToEncryptedTicket, implemented caching
221 * Roles.cs: implemented DeleteCookie, fixed CookieProtectionValue to
222 get it's value from configuration
224 2007-02-08 Marek Habersack <grendello@gmail.com>
226 * FormsAuthenticationModule.cs: Expire auth tickets properly.
228 * MembershipProvider.cs: Do not clear the password before
231 2007-01-20 Miguel de Icaza <miguel@novell.com>
233 * SqlRoleProvider.cs: comment out unused code.
235 * SqlMembershipProvider.cs: Removed unused variables.
236 Remove unused variable.
238 * AnonymousIdentificationModule.cs (ClearAnonymousIdentifier):
239 remove unused variable. This might be a real bug.
241 2007-01-16 Vladimir Krasnov <vladimirk@mainsoft.com>
243 * RoleManagerModule.cs: fixed OnPostAuthenticateRequest,
244 CacheRolesInCookie not supported yet
245 * Roles.cs: fixed DeleteCookie, CacheRolesInCookie not supported yet
247 2007-01-11 Adar Wesley <adarw@mainsoft.com>
249 * MembershipProvider.cs: fixed EncryptPassword to use password buffer length
251 2007-01-04 Vladimir Krasnov <vladimirk@mainsoft.com>
253 * AnonymousIdentificationModule.cs: fixed OnEnter, fixed failure on
254 incorrect cookie value that browser may hold
256 2006-12-27 Vladimir Krasnov <vladimirk@mainsoft.com>
258 * FormsAuthentication.cs: added internal ReturnUrl property,
259 GetRedirectUrl added usage of ReturnUrl
261 2006-12-12 Vladimir Krasnov <vladimirk@mainsoft.com>
263 * FormsAuthentication.cs: TARGET_J2EE define for static members
265 2006-12-06 Vladimir Krasnov <vladimirk@mainsoft.com>
267 * FormsAuthenticationModule.cs: fixed OnAuthenticateRequest, suppress
268 exception on wrong ticket
270 2006-12-03 Igor Zelmanovich <igorz@mainsoft.com>
272 * FormsAuthenticationModule.cs:
273 set SkipAuthorization=true for WebResource.axd
275 2006-11-27 Vladimir Krasnov <vladimirk@mainsoft.com>
277 * SqlMembershipProvider.cs: typo bug
279 2006-11-21 Vladimir Krasnov <vladimirk@mainsoft.com>
281 * SqlMembershipProvider.cs: fixed fixed exception type in GetPassword
284 2006-11-20 Igor Zelmanovich <igorz@mainsoft.com>
286 * SqlMembershipProvider.cs: fixed: UpdateUser works properly.
288 2006-11-15 Igor Zelmanovich <igorz@mainsoft.com>
290 * SqlMembershipProvider.cs: fixed: name is used for ReturnValue parameter.
292 2006-11-05 Vladimir Krasnov <vladimirk@mainsoft.com>
294 * AnonymousIdentificationModule.cs: fixed anonymous id cookie
296 2006-11-05 Vladimir Krasnov <vladimirk@mainsoft.com>
298 * MembershipProvider.cs, SqlMembershipProvider.cs:
299 refactoring of DecryptPassword and EncryptPassword methods according
302 2006-09-10 Konstantin Triger <kostat@mainsoft.com>
304 * SqlRoleProvider.cs: throw on empty connection string.
306 2006-09-26 Vladimir Krasnov <vladimirk@mainsoft.com>
308 * Membership.cs: fixed GetAllUsers, typo bug
309 * SqlRoleProvider.cs, SqlMembershipProvider.cs: refactored to use
310 aspnetdb built in stored procedures,
311 fixed application name and membership relation,
312 improved exception handling
314 2006-09-03 Igor Zelmanovich <igorz@mainsoft.com>
316 * RolePrincipal.cs: refactoring: instance can be serialized.
318 2006-09-03 Igor Zelmanovich <igorz@mainsoft.com>
320 * SqlMembershipProvider.cs: fixed GetUser,
321 when username is String.Empty methods returns null.
323 2006-08-31 Konstantin Triger <kostat@mainsoft.com>
325 * SqlRoleProvider.cs: fixed initialization.
327 2006-08-31 Igor Zelmanovich <igorz@mainsoft.com>
329 * SqlMembershipProvider.cs: fixed CreateUser,
330 password is checked, properties MinRequiredPasswordLength and
331 MinRequiredNonAlphanumericCharacters are considered.
333 2006-08-29 Konstantin Triger <kostat@mainsoft.com>
335 * SqlMembershipProvider.cs: fix dispose order of reader vs connection.
337 2006-08-28 Igor Zelmanovich <igorz@mainsoft.com>
339 * SqlMembershipProvider.cs: fixed CreateUser, parameter isApproved is
342 2006-08-28 Konstantin Triger <kostat@mainsoft.com>
344 * SqlMembershipProvider.cs: ensure GetUser() returns null if it cannot
345 retrieve user information.
347 2006-08-28 Konstantin Triger <kostat@mainsoft.com>
349 * SqlRoleProvider.cs, SqlMembershipProvider.cs:
350 "use SqlClientFactory in case the ProviderName is not specified.
352 2006-08-27 Konstantin Triger <kostat@mainsoft.com>
354 * SqlRoleProvider.cs: enable concurrent usage, refactoring.
356 2006-08-27 Konstantin Triger <kostat@mainsoft.com>
358 * SqlMembershipProvider.cs: enable concurrent usage, refactoring.
360 2006-08-27 Vladimir Krasnov <vladimirk@mainsoft.com>
362 * SqlMembershipProvider.cs: fixed ValidateUser, bug when user
365 2006-08-14 Gonzalo Paniagua Javier <gonzalo@ximian.com>
367 * FormsAuthentication.cs: set the Secure attribute of the authentication
368 cookie when required.
370 2006-07-06 Konstantin Triger <kostat@mainsoft.com>
372 * FormsAuthentication.cs: Ensure initialized, fix url mapping.
374 2006-05-03 Chris Toshok <toshok@ximian.com>
376 * SqlMembershipProvider.cs (GetAlg): move this here for the time
377 being, as it's the only class that uses it.
378 (HashAndBase64Encode): nuke.
379 (EncryptAndBase64Encode): nuke.
380 (Base64DecodeAndDecrypt): nuke.
381 (DecryptPassword): new function.
382 (EncryptPassword): new function.
383 (ChangePassword): replace the switch with a call to
385 (ChangePasswordQuestionAndAnswer): same.
387 (ResetPassword): same.
388 (ValidateUsingPassword): same.
389 (ValidateUsingPasswordAnswer): same.
390 (GetPassword): same, and throw MembershipPasswordException if the
391 password answer is incorrect.
393 * MembershipProvider.cs (InitVector): nuke this. it's actually
394 the salt from the database (for the sql provider, anyway).
395 (EncodePassword): based on the password format, password, and
396 salt, encode it. Makes use of EncryptPassword.
397 (DecodePassword): likewise for decoding, makes use of
399 (DecryptPassword): revert this to throwing
400 NotImplementedException, as the sql provideroverrides it to
401 perform the actual decryption.
402 (EncryptPassword): same.
404 2006-05-02 Chris Toshok <toshok@ximian.com>
406 * SqlMembershipProvider.cs: 85% complete, maybe more. The major
407 functionality should work. Password retrieval (and encrypted
408 passwords in general) is untested.
410 2006-05-01 Chris Toshok <toshok@ximian.com>
412 * Membership.cs (GeneratePassword): don't include quotes (',",`)
413 in the set of characters in the generated passwords.
415 2006-05-01 Chris Toshok <toshok@ximian.com>
417 * MembershipProvider.cs (GetAlg): switch from Exception to
418 ProviderException to match MS behavior (and fix the unit test.)
420 * Membership.cs (GeneratePassword): implement.
422 2006-05-01 Chris Toshok <toshok@ximian.com>
424 * SqlMembershipProvider.cs: lots more work. checking this in in
425 its present state because I don't want to lose it. It still needs
428 * Membership.cs (.cctor): remove the fallback.
429 (ValidatingPassword): remove the MonoTODO.
431 * MembershipProvider.cs (DecryptPassword): implement.
432 (EncryptPassword): implement.
433 (GetAlg): helper function for Decrypt/EncryptPassword.
436 2006-04-27 Chris Toshok <toshok@ximian.com>
438 * SqlMembershipProvider.cs (GeneratePassword): call
439 Membership.GeneratePassword with the configured minimum strength
442 2006-04-27 Chris Toshok <toshok@ximian.com>
444 * SqlMembershipProvider.cs (UnlockUser): fix sql query, and move
445 the CheckPararm call to the top of the method.
447 2006-04-12 Chris Toshok <toshok@ximian.com>
449 * SqlMembershipProvider.cs: commit initial pass at
450 SqlMembershipProvider work. lots of stuff untested in here.
452 2006-04-11 Chris Toshok <toshok@ximian.com>
454 * MembershipUser.cs (.ctor): per Shackow's book, all DateTime's
455 are converted using ToUniversalTime when passed into this class.
456 (UpdateSelf): update ourselves from the passed in MembershipUser,
457 swallowing NotSupportedExceptions.
458 (UpdateUser): fetch a new MembershipUser from the db and call
460 (ChangePassword): call UpdateUser after changing the password.
461 (ChangePasswordQuestionAndAnswer): same.
462 (ResetPassword): same.
463 (UnlockUser): same. Also, don't explicitly set isLockedOut.
464 It'll be updated in UpdateSelf.
465 (CreationDate): getter calls ToLocalTime, setter calls
467 (LastActivityDate): same.
468 (LastLoginDate): same.
469 (LastPasswordChangedDate): same.
470 (LastLockoutDate): same.
472 * Membership.cs (.cctor): use
473 ProvidersHelper.InstantitateProviders, and remove some unnecessary
476 2006-03-29 Chris Toshok <toshok@ximian.com>
478 * SqlRoleProvider.cs: do the LOWER's in SQL, not in C#.
480 2006-03-23 Chris Toshok <toshok@ximian.com>
482 * Roles.cs: make this 2.0 configuration aware.
484 * SqlRoleProvider.cs: flesh out all the operations. the only
485 things that need dealing with are the Initialize method's handling
486 of a few parameters, and the ApplicationName property.
488 2006-03-23 Chris Toshok <toshok@ximian.com>
490 * DefaultAuthenticationModule.cs (OnDefaultAuthentication): always
491 set Thread.CurrentPrincipal, not just if we set it to the
494 2006-03-22 Chris Toshok <toshok@ximian.com>
496 * RoleManagerModule.cs: implement using info in Shackow's book.
498 * RolePrincipal.cs: flesh this out a bit more.
500 * DefaultAuthenticationModule.cs (OnDefaultAuthentication):
501 according to Shackow's book, this sets Thread.CurrentPrincipal as
502 well as HttpContext.Current.User.
504 2006-02-28 Chris Toshok <toshok@ximian.com>
506 * FormsAuthentication.cs: corcompare work.
508 * MembershipCreateUserException.cs: same.
510 * MembershipPasswordException.cs: same.
512 * AnonymousIdentificationModule.cs: same.
514 2006-02-01 Chris Toshok <toshok@ximian.com>
516 * FormsAuthentication.cs, Membership.cs,
517 FormsAuthenticationModule.cs, UrlAuthorizationModule.cs: oops,
518 replace GetWebApplicationSection with GetSection.
520 2006-02-01 Chris Toshok <toshok@ximian.com>
522 * FormsAuthentication.cs: CONFIGURATION_2_0 => NET_2_0.
523 simplifies the ifdef mess quite a bit.
525 * Membership.cs: same.
527 * FormsAuthenticationModule.cs: same.
529 * UrlAuthorizationModule.cs: same.
531 2006-01-04 Chris Toshok <toshok@ximian.com>
533 * FormsAuthentication.cs (Authenticate): add CONFIGURATION_2_0
540 2006-01-04 Chris Toshok <toshok@ximian.com>
542 * Membership.cs (.cctor): enable the code here under
545 2006-01-03 Chris Toshok <toshok@ximian.com>
547 * UrlAuthorizationModule.cs (OnAuthorizeRequest): add
548 CONFIGURATION_2_0 code here.
550 2005-12-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
552 * FormsAuthentication.cs: don't end the request in
553 RedirectFromLoginPage.
555 2005-12-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
557 * FormsAuthenticationModule.cs: expire the cookie. Fixes bug #77043.
558 Patch by Cyrille Colin.
560 2005-12-13 Gonzalo Paniagua Javier <gonzalo@ximian.com>
562 * FormsAuthenticationModule.cs: ignore any exception thrown when mapping
563 the provided virtual path to the physical one. Patch by Cyrille Colin.
565 2005-11-28 Chris Toshok <toshok@ximian.com>
567 * FormsAuthenticationModule.cs (OnAuthenticateRequest):
568 CONFIGURATION_2_0 work.
569 (OnEndRequest): same.
571 2005-09-09 Sebastien Pouliot <sebastien@ximian.com>
573 * DefaultAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
574 * DefaultAuthenticationModule.cs: Added LinkDemand for Minimal. Added
575 Demand for UnmanagedCode on constructor.
576 * FileAuthorizationModule.cs: Added LinkDemand for Minimal. Added
577 Demand for UnmanagedCode on constructor.
578 * FormsAuthentication.cs: Added LinkDemand for Minimal.
579 * FormsAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
580 * FormsAuthenticationModule.cs: Added LinkDemand for Minimal. Added
581 Demand for UnmanagedCode on constructor.
582 * FormsAuthenticationTicket.cs: Added LinkDemand for Minimal.
583 * FormsIdentity.cs: Added LinkDemand for Minimal.
584 * PassportAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
585 * PassportAuthenticationModule.cs: Added LinkDemand for Minimal. Added
586 Demand for UnmanagedCode on constructor.
587 * PassportIdentity.cs: Added LinkDemand for Minimal. Added Demand for
588 UnmanagedCode on constructor.
589 * UrlAuthorizationModule.cs: Added LinkDemand for Minimal. Added
590 Demand for UnmanagedCode on constructor.
591 * WindowsAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
592 * WindowsAuthenticationModule.cs: Added LinkDemand for Minimal. Added
593 Demand for UnmanagedCode on constructor.
595 2005-09-01 Sebastien Pouliot <sebastien@ximian.com>
597 * FormsAuthenticationEventArgs.cs: Ensure the setter for User is
598 protected by a demand for ControlPrincipal.
599 * PassportAuthenticationEventArgs.cs: Ensure the setter for User is
600 protected by a demand for ControlPrincipal.
601 * WindowsAuthenticationEventArgs.cs: Ensure the setter for User is
602 protected by a demand for ControlPrincipal.
604 2005-08-25 Sebastien Pouliot <sebastien@ximian.com>
606 * FormsAuthentication.cs: With 2.0 we can get the default properties
607 and call Initialize without a NRE.
609 2005-08-25 Sebastien Pouliot <sebastien@ximian.com>
611 * ActiveDirectoryConnectionProtection.cs: New (2.0) enum.
612 * ActiveDirectoryMembershipProvider.cs: Fixed 2.0 API.
613 * AnonymousIdentificationEventArgs.cs: Fixed AnonymousID property case.
614 * AnonymousIdentificationModule.cs: Fixed 2.0 API.
615 * FileAuthorizationModule.cs: Added static CheckFileAccessForUser in
617 * FormsAuthentication.cs: Added missing 2.0 properties with their
619 * MembershipCreateStatus.cs: Fixed enum values/names.
620 * MembershipProvider.cs: Added stub for [Decrypt|Encrypt]Password. Both
621 methods don't seems to work without an active provider.
622 * PassportIdentity.cs: Added IDispose for 2.0 profile.
623 * Roles.cs: Added missing beta2 bits and default values (which are the
624 only things working without a role provider (web.config).
625 * RolePrincipal.cs: Fixed 2.0 API. Implemented a few bits.
626 * SqlRoleProvider.cs: Fixed 2.0 API.
627 * UrlAuthorizationModule.cs: Added static CheckUrlAccessForPrincipal in
630 2005-08-24 Sebastien Pouliot <sebastien@ximian.com>
632 * MembershipUserCollection.cs: Fix exceptions.
634 2005-08-22 Sebastien Pouliot <sebastien@ximian.com>
636 * FormsAuthentication.cs: Add some 2.0 stuff required for Login*
639 2005-08-18 Sebastien Pouliot <sebastien@ximian.com>
641 * Membership.cs: Commented unworking parts of the .cctor to allow
642 testing the Login control.
643 * MembershipProviderCollection.cs: Fixed exception handling.
644 * SqlMembershipProvider.cs: Don't throw NotImplementedException
645 everywhere so Membership's .cctor (somewhat) works. Removed
646 Description property (not in beta2).
648 2005-07-28 Gonzalo Paniagua Javier <gonzalo@ximian.com>
650 * FormsAuthentication.cs: allow hardware acceleration support if
651 available. Sebastien dixit.
653 2005-07-26 Gonzalo Paniagua Javier <gonzalo@ximian.com>
655 * FormsAuthentication.cs: the init_vector must be the same accross
656 restarts, otherwise the cookie does not work even when a decryption
657 key is provided. Initialize it to the bytes of the cookie name. Fixes
660 2005-07-25 Eyal Alaluf <eyala@mainsoft.com>
662 * FormsAuthenticationModule.cs: Check for null config
664 2005-07-25 Miguel de Icaza <miguel@novell.com>
666 * FormsAuthentication.cs (SignOut): Force the cookie to have it
669 2005-07-25 Gonzalo Paniagua Javier <gonzalo@ximian.com>
671 * FormsAuthentication.cs: my previous patch missed a "small" detail: it
672 didn't include the verification key when computing/checking the
673 validation hash. Now this is really a MAC or HMAC or...
675 2005-07-25 Gonzalo Paniagua Javier <gonzalo@ximian.com>
677 * FormsAuthentication.cs:
678 * FormsAuthenticationTicket.cs: added support for validation and
679 encryption of the auth. cookie and improved serialization of the ticket.
681 2005-07-01 Lluis Sanchez Gual <lluis@novell.com>
683 * Membership.cs: Read provider info from the config file.
685 2005-06-10 Lluis Sanchez Gual <lluis@novell.com>
687 * MembershipUserCollection.cs:
688 * MembershipPasswordException.cs:
689 * RoleProviderCollection.cs:
690 * ActiveDirectoryMembershipProvider.cs:
691 * SqlMembershipProvider.cs:
692 * MembershipProvider.cs:
693 * SqlRoleProvider.cs:
696 * MembershipProviderCollection.cs:
698 * RoleProvider.cs: Track api changes in ASP.NET 2.0. Implemented
699 some missing methods.
701 * AccessRoleProvider.cs:
702 * AccessMembershipProvider.cs: Removed.
704 * MembershipCreateUserException.cs:
705 * MembershipValidatePasswordEventHandler.cs:
706 * ValidatePasswordEventArgs.cs: Implemented.
708 2005-05-21 Sebastien Pouliot <sebastien@ximian.com>
710 * FormsAuthentication.cs: Hash the UTF8 representation of the password
711 strings (to be compatible with Microsoft implementation).
713 2005-04-20 Gonzalo Paniagua Javier <gonzalo@ximian.com>
715 * FormsAuthentication.cs:
716 * PassportAuthenticationModule.cs:
717 * WindowsAuthenticationModule.cs: removed warnings.
719 2005-03-11 Gonzalo Paniagua Javier <gonzalo@ximian.com>
721 * FormsAuthenticationModule.cs: fix for bug 73545, which caused
722 authentication not to work when the cookie was not persistent.
723 Patch by Ilya Kharmatsky (Mainsoft).
725 2005-02-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
727 * FormsAuthentication.cs: make the string to be stored in a config.
728 file uppercase... See bug #72557.
730 2005-02-06 Gonzalo Paniagua Javier <gonzalo@ximian.com>
732 * FormsAuthentication.cs: fixed typo when getting the hash for the
733 password in SHA1 and MD5. Thanks to Tadas Dailyda.
734 Lock on a static object instead of typeof(FormsAuthentication).
736 2004-11-18 Lluis Sanchez Gual <lluis@novell.com>
738 * RoleProvider.cs, Roles.cs, SqlRoleProvider.cs, RoleProviderCollection.cs,
739 AccessRoleProvider.cs: IRoleProvider has been renamed to ProviderBase.
740 * IMembershipProvider.cs: Deleted.
741 * MembershipProvider.cs, AccessMembershipProvider.cs, MembershipUser.cs,
742 Membership.cs, ADMembershipProvider.cs, SqlMembershipProvider.cs
743 MembershipProviderCollection.cs: MembershipProvider has been deleted
744 and replaced by the abstract class MembershipProvider.
745 * MembershipProviderCollection.cs: Minor fixes.
746 * ADMembershipProvider.cs: Renamed to ActiveDirectoryMembershipProvider.cs.
748 2004-11-15 Lluis Sanchez Gual <lluis@novell.com>
750 * RoleProviderCollection.cs, MembershipProviderCollection.cs:
753 2004-08-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
755 * FormsAuthentication.cs: patch by Jim Pease to fix the date on renewal.
757 2004-08-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
759 * FormsAuthenticationModule.cs: don't renew expired cookies. Only renew
760 the cookie if SlidingExpiration is set. Thanks to Jim Pease.
762 2004-08-03 Sanjay Gupta <gsanjay@novell.com>
764 * MembershipSortOptions.cs:
765 * MembershipPasswordFormat.cs:
766 * MembershipOnlineStatus.cs:
767 * MembershipCreateStatus.cs:
768 * CookieProtection.cs: minor modifications.
770 2004-06-12 Pedro Martnez Juli <yoros@wanadoo.es>
772 * FormsAuthentication.cs: Undo last change.
774 2004-06-12 Pedro Martnez Juli <yoros@wanadoo.es>
776 * FormsAuthentication.cs: go to loginUrl from web.config settings
777 before try with the default ones.
779 2004-06-11 Gonzalo Paniagua Javier <gonzalo@ximian.com>
781 * DefaultAuthenticationModule.cs: set the IPrincipal for this thread
782 once we have a user. Fixes bug #59683.
784 2004-04-21 Gonzalo Paniagua Javier <gonzalo@ximian.com>
786 * FormsAuthenticationModule.cs: re-read configuration files if needed
787 when determining if forms auth. is used.
789 2004-01-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
791 * FormsAuthentication.cs: added RequireSSL and SlidingExpiration.
793 2004-01-11 Andreas Nahr <ClassDevelopment@A-SoftTech.com>
795 * PassportIdentity.cs: Added v 1.1 members
797 2003-11-25 Ben Maurer <bmaurer@users.sourceforge.net>
799 * AccessMembershipProvider.cs: New v2 file
800 * AccessRoleProvider.cs: New v2 file
801 * ADMembershipProvider.cs: New v2 file
802 * AnonymousIdentificationEventArgs.cs: New v2 file
803 * AnonymousIdentificationEventHandler.cs: New v2 file
804 * AnonymousIdentificationModule.cs: New v2 file
805 * CookieProtection.cs: New v2 file
806 * IMembershipProvider.cs: New v2 file
807 * IRoleProvider.cs: New v2 file
808 * Membership.cs: New v2 file
809 * MembershipCreateStatus.cs: New v2 file
810 * MembershipCreateUserException.cs: New v2 file
811 * MembershipOnlineStatus.cs: New v2 file
812 * MembershipPasswordException.cs: New v2 file
813 * MembershipPasswordFormat.cs: New v2 file
814 * MembershipProviderCollection.cs: New v2 file
815 * MembershipSortOptions.cs: New v2 file
816 * MembershipUser.cs: New v2 file
817 * MembershipUserCollection.cs: New v2 file
818 * RoleManagerEventArgs.cs: New v2 file
819 * RoleManagerEventHandler.cs: New v2 file
820 * RoleManagerModule.cs: New v2 file
821 * RolePrincipal.cs: New v2 file
822 * RoleProviderCollection.cs: New v2 file
823 * Roles.cs: New v2 file
824 * SqlMembershipProvider.cs: New v2 file
825 * SqlRoleProvider.cs: New v2 file
827 2003-11-05 Gonzalo Paniagua Javier <gonzalo@ximian.com>
829 * FormsAuthentication.cs: encoding updates.
831 2003-10-04 Gonzalo Paniagua Javier <gonzalo@ximian.com>
833 * FormsAuthenticationModule.cs: fixed for applications other than /.
835 2003-08-27 Gonzalo Paniagua Javier <gonzalo@ximian.com>
837 * UrlAuthorizationModule.cs: fixed description for status code.
839 2003-07-31 Gonzalo Paniagua Javier <gonzalo@ximian.com>
841 * FormsAuthenticationModule.cs: really renew the ticket. Thanks to
842 Jens Thiel <Jens@Thiel.DE>.
844 2003-02-13 Gonzalo Paniagua Javier <gonzalo@ximian.com>
846 * UrlAuthorizationModule.cs: tell the application not to run any other
847 step apart from EndRequest.
849 2003-02-12 Gonzalo Paniagua Javier <gonzalo@ximian.com>
851 * FormsAuthentication.cs: implemented RedirectFromLoginPage and
854 * FormsAuthenticationModule.cs: redirect to the login page when a 401
857 * UrlAuthorizationModule.cs: check for valid user or render error page.
859 2003-01-04 Gonzalo Paniagua Javier <gonzalo@ximian.com>
861 * DefaultAuthenticationModule.cs: implemented. It just create a default
862 unauthenticated user when no one else provided one.
864 * FormsAuthenticationModule.cs: removed debug output.
866 2002-12-20 Gonzalo Paniagua Javier <gonzalo@ximian.com>
868 * FormsAuthenticationModule.cs: remove debug lines.
870 2002-12-19 Gonzalo Paniagua Javier <gonzalo@ximian.com>
872 * FormsAuthentication.cs: return a null ticket when an exception is
873 thrown creating it. Implemented RenewTicketIfOld.
875 * FormsAuthenticationModule.cs: implemented event handlers for
876 AuthenticateRequest and EndRequest.
878 * FormsAuthenticationTicket.cs: implemented SetDates and Clone methods.
880 2002-12-18 Gonzalo Paniagua Javier <gonzalo@ximian.com>
882 * FormsAuthentication.cs: implemented GetAuthCookie, SetAuthCookie,
883 SignOut, FormsCookieName and FormsCookiePath.
885 2002-12-17 Gonzalo Paniagua Javier <gonzalo@ximian.com>
887 * FormsAuthentication.cs: implemented Authenticate, unencrypted Encrypt
888 and Decrypt, HashPasswordForStoringInConfigFile and Initialize.
890 * FormsAuthenticationTicket.cs: set cookiePath to the default when no
893 2002-08-26 Gonzalo Paniagua Javier <gonzalo@ximian.com>
895 * DefaultAuthenticationEventHandler.cs:
896 * DefaultAuthenticationModule.cs:
897 * FileAuthorizationModule.cs:
898 * FormsAuthentication.cs:
899 * FormsAuthenticationEventArgs.cs:
900 * FormsAuthenticationEventHandler.cs:
901 * FormsAuthenticationModule.cs:
902 * FormsAuthenticationTicket.cs:
904 * PassportAuthenticationEventArgs.cs:
905 * PassportAuthenticationEventHandler.cs:
906 * PassportAuthenticationModule.cs:
907 * PassportIdentity.cs:
908 * UrlAuthorizationModule.cs:
909 * WindowsAuthenticationEventArgs.cs:
910 * WindowsAuthenticationEventHandler.cs:
911 * WindowsAuthenticationModule.cs: new files. Some of them implemented,
912 some others stubbed out.
914 2002-06-03 Gonzalo Paniagua Javier <gonzalo@ximian.com>
916 * DefaultAuthenticationEventArgs.cs: added file.