1 2009-05-28 Marek Habersack <mhabersack@novell.com>
3 * FormsAuthenticationModule.cs: if forms authentication login URL
4 is not rooted, make it relative to the application root, so that
5 MapPath maps it correctly.
6 Use String.Compare for checking whether requested URL matches the
7 login URL - be case-insensitive when running on Windows or with
10 2009-03-10 Marek Habersack <mhabersack@novell.com>
12 * UrlAuthorizationModule.cs: OnAuthorizeRequest must use the
13 configuration from <location> elements in the config. Fixes bug
16 2009-02-28 Gonzalo Paniagua Javier <gonzalo@novell.com>
18 * FormsAuthentication.cs: use GetWebApplication instead of GetSection
19 for application level configuration.
21 2009-01-12 Marek Habersack <mhabersack@novell.com>
23 * MembershipUserCollection.cs: CopyTo overloads use store.Values
24 as the copy source. Fixes bug #464783. Patch from Christian
25 Prochnow <cproch@seculogix.de>
27 2008-12-25 Gonzalo Paniagua Javier <gonzalo@novell.com>
30 * SqlMembershipProvider.cs: use IndexOf (char) instead of
33 2008-08-20 Marek Habersack <mhabersack@novell.com>
35 * Membership.cs: implemented the HashAlgorithmType property. Fixes
38 2008-06-30 Marek Habersack <mhabersack@novell.com>
40 * SqliteMembershipProvider.cs, SqliteRoleProvider.cs: remove
43 * SqlRoleProvider.cs, AspNetDBSchemaChecker.cs: hush the warnings
45 2008-05-30 Marek Habersack <mhabersack@novell.com>
47 * AnonymousIdentificationModule.cs, FormsAuthenticationModule.cs,
48 DefaultAuthenticationModule.cs, MembershipProvider.cs,
49 WindowsAuthenticationModule.cs, PassportAuthenticationModule.cs,
50 RoleManagerModule.cs: do not use synthetized event accessors (to
53 2008-05-07 Marek Habersack <mhabersack@novell.com>
55 * RolePrincipal.cs: fix:
56 - Reloading the roles cache from the provider when expired
57 - Update issue & expiry date for expired tickets
58 - Incrementing the cookie expiry date
59 - Obey Roles.MaxCachedResults
60 Fixes bug #385877. Patch from Ivan Hamilton
61 <ivan@chimerical.com.au>, thanks!
63 2008-03-10 Marek Habersack <mhabersack@novell.com>
65 * RoleManagerModule.cs: initialize _config before adding event
66 handlers and account for the fact that _config might still be null
67 in the methods that use it.
69 2007-12-30 Vladimir Krasnov <vladimirk@mainsoft.com>
71 * SqliteMembershipProvider.cs, SqlRoleProvider.cs: added chema checking
72 * added AspNetDBSchemaChecker.cs: schema checker helper class
74 2007-12-11 Vladimir Krasnov <vladimirk@mainsoft.com>
76 * Roles.cs: fixed Providers property to be thread safe
78 2007-12-08 Marek Habersack <mhabersack@novell.com>
80 * SqliteRoleProvider.cs: added - a Role Provider for
81 Sqlite, based on PostgreSQL Role Provider code from Daniel
82 Nauck <dna@informatik.uni-kiel.de>
84 * SqliteMembershipProvider.cs: added - a Membership Provider for
85 Sqlite, based on PostgreSQL Membership Provider code from Daniel
86 Nauck <dna@informatik.uni-kiel.de>
88 2007-11-28 Marek Habersack <mhabersack@novell.com>
90 * SqlMembershipProvider.cs: handle situation when there is no
91 connection string configured for the SQL Membership Provider.
93 2007-11-01 Marek Habersack <mhabersack@novell.com>
95 * RolePrincipal.cs, MembershipProvider.cs: use the new
96 MachineKeySectionUtils class wherever necessary.
98 * FormsAuthentication.cs: use the new MachineKeySectionUtils class
100 GetHexString is a private method again.
102 2007-10-31 Marek Habersack <mhabersack@novell.com>
104 * FormsAuthentication.cs: made GetHexString an internal method -
105 it is used in the AssemblyResourceLoader.cs
107 2007-08-14 Marek Habersack <mhabersack@novell.com>
109 * Roles.cs: remove unused field.
111 * SqlMembershipProvider.cs: remove unused variable.
113 2007-08-13 Vladimir Krasnov <vladimirk@mainsoft.com>
115 * SqlRoleProvider.cs: fixed ApplicationName initialization
117 2007-06-24 Vladimir Krasnov <vladimirk@mainsoft.com>
119 * FormsAuthentication.cs: improved performance of GetHexString()
121 2007-05-17 Vladimir Krasnov <vladimirk@mainsoft.com>
123 * SqlMembershipProvider.cs: fixed DeleteUser, fixed parameter name
125 2007-05-14 Igor Zelmanovich <igorz@mainsoft.com>
127 * SqlMembershipProvider.cs: Fix parameter binding to stored procedures.
129 2007-05-09 Igor Zelmanovich <igorz@mainsoft.com>
131 * PassportIdentity.cs:
132 added MonoNotSupported attribute.
134 2007-05-02 Marek Habersack <mhabersack@novell.com>
136 * FormsAuthentication.cs: user names are stored in lowercase in
137 the credentials database.
139 2007-04-29 Igor Zelmanovich <igorz@mainsoft.com>
141 * FormsAuthenticationModule.cs:
142 Redirect to login page doesn't cause thread abort.
144 2007-04-19 Igor Zelmanovich <igorz@mainsoft.com>
146 * SqlMembershipProvider.cs:
147 ChangePassword throws exception if new password has invalid format.
149 2007-04-17 Igor Zelmanovich <igorz@mainsoft.com>
153 if default provider was not found ConfigurationErrorsException is thrown.
155 2007-04-12 Marek Habersack <mhabersack@novell.com>
157 * RoleManagerModule.cs: do not try to decrypt encryption tickets
158 from cookies with empty values.
160 2007-04-04 Juraj Skripsky <js@hotfeet.ch>
162 * FormsAuthenticationModule.cs: Move initialization of _config out
163 of Init() as app.Context is null in that method when a session is
164 about to be terminated.
166 2007-03-21 Vladimir Krasnov <vladimirk@mainsoft.com>
168 * AnonymousIdentificationModule.cs: optimized Config property
170 2007-03-21 Vladimir Krasnov <vladimirk@mainsoft.com>
172 * AnonymousIdentificationModule.cs: added configuration section caching
173 to AppDomain for TARGET_JVM
174 * RoleManagerModule.cs:
175 * UrlAuthorizationModule.cs:
176 * FormsAuthenticationModule.cs: refactored configuration section to be
179 2007-03-20 Marek Habersack <mhabersack@novell.com>
181 * FormsAuthentication.cs, Roles.cs: remove roles cookie on sign
182 out. Fixes bug #81195. Patch from Mike Morano <mmorano@mikeandwan.us>.
184 2007-03-12 Marek Habersack <mhabersack@novell.com>
186 * RolePrincipal.cs: decrypt the roles ticket properly. Makes role
187 caching in cookies work. Fixes bug #81117. Patch from Mike Morano
188 <mmorano@mikeandwan.us>
190 2007-03-02 Marek Habersack <mhabersack@novell.com>
192 * SqlMembershipProvider.cs: cast PasswordFormat to int, so that
193 the parameter code can infer the sql type. Makes user creation,
194 password reset etc. work.
196 2007-02-28 Andreia Gaita <avidigal@novell.com>
198 * SqlRoleProvider.cs: Fix parameter binding to stored procedures.
199 * SqlMembershipProvider.cs: Fix parameter binding to stored procedures.
200 CreateUser() doesn't use transactions in MS asp.net, so removed the
203 2007-02-19 Vladimir Krasnov <vladimirk@mainsoft.com>
205 * RoleManagerModule.cs: fixed role chaching in OnEndRequest and
206 OnPostAuthenticateRequest
207 * RolePrincipal.cs: implemented ToEncryptedTicket, implemented caching
209 * Roles.cs: implemented DeleteCookie, fixed CookieProtectionValue to
210 get it's value from configuration
212 2007-02-08 Marek Habersack <grendello@gmail.com>
214 * FormsAuthenticationModule.cs: Expire auth tickets properly.
216 * MembershipProvider.cs: Do not clear the password before
219 2007-01-20 Miguel de Icaza <miguel@novell.com>
221 * SqlRoleProvider.cs: comment out unused code.
223 * SqlMembershipProvider.cs: Removed unused variables.
224 Remove unused variable.
226 * AnonymousIdentificationModule.cs (ClearAnonymousIdentifier):
227 remove unused variable. This might be a real bug.
229 2007-01-16 Vladimir Krasnov <vladimirk@mainsoft.com>
231 * RoleManagerModule.cs: fixed OnPostAuthenticateRequest,
232 CacheRolesInCookie not supported yet
233 * Roles.cs: fixed DeleteCookie, CacheRolesInCookie not supported yet
235 2007-01-11 Adar Wesley <adarw@mainsoft.com>
237 * MembershipProvider.cs: fixed EncryptPassword to use password buffer length
239 2007-01-04 Vladimir Krasnov <vladimirk@mainsoft.com>
241 * AnonymousIdentificationModule.cs: fixed OnEnter, fixed failure on
242 incorrect cookie value that browser may hold
244 2006-12-27 Vladimir Krasnov <vladimirk@mainsoft.com>
246 * FormsAuthentication.cs: added internal ReturnUrl property,
247 GetRedirectUrl added usage of ReturnUrl
249 2006-12-12 Vladimir Krasnov <vladimirk@mainsoft.com>
251 * FormsAuthentication.cs: TARGET_J2EE define for static members
253 2006-12-06 Vladimir Krasnov <vladimirk@mainsoft.com>
255 * FormsAuthenticationModule.cs: fixed OnAuthenticateRequest, suppress
256 exception on wrong ticket
258 2006-12-03 Igor Zelmanovich <igorz@mainsoft.com>
260 * FormsAuthenticationModule.cs:
261 set SkipAuthorization=true for WebResource.axd
263 2006-11-27 Vladimir Krasnov <vladimirk@mainsoft.com>
265 * SqlMembershipProvider.cs: typo bug
267 2006-11-21 Vladimir Krasnov <vladimirk@mainsoft.com>
269 * SqlMembershipProvider.cs: fixed fixed exception type in GetPassword
272 2006-11-20 Igor Zelmanovich <igorz@mainsoft.com>
274 * SqlMembershipProvider.cs: fixed: UpdateUser works properly.
276 2006-11-15 Igor Zelmanovich <igorz@mainsoft.com>
278 * SqlMembershipProvider.cs: fixed: name is used for ReturnValue parameter.
280 2006-11-05 Vladimir Krasnov <vladimirk@mainsoft.com>
282 * AnonymousIdentificationModule.cs: fixed anonymous id cookie
284 2006-11-05 Vladimir Krasnov <vladimirk@mainsoft.com>
286 * MembershipProvider.cs, SqlMembershipProvider.cs:
287 refactoring of DecryptPassword and EncryptPassword methods according
290 2006-09-10 Konstantin Triger <kostat@mainsoft.com>
292 * SqlRoleProvider.cs: throw on empty connection string.
294 2006-09-26 Vladimir Krasnov <vladimirk@mainsoft.com>
296 * Membership.cs: fixed GetAllUsers, typo bug
297 * SqlRoleProvider.cs, SqlMembershipProvider.cs: refactored to use
298 aspnetdb built in stored procedures,
299 fixed application name and membership relation,
300 improved exception handling
302 2006-09-03 Igor Zelmanovich <igorz@mainsoft.com>
304 * RolePrincipal.cs: refactoring: instance can be serialized.
306 2006-09-03 Igor Zelmanovich <igorz@mainsoft.com>
308 * SqlMembershipProvider.cs: fixed GetUser,
309 when username is String.Empty methods returns null.
311 2006-08-31 Konstantin Triger <kostat@mainsoft.com>
313 * SqlRoleProvider.cs: fixed initialization.
315 2006-08-31 Igor Zelmanovich <igorz@mainsoft.com>
317 * SqlMembershipProvider.cs: fixed CreateUser,
318 password is checked, properties MinRequiredPasswordLength and
319 MinRequiredNonAlphanumericCharacters are considered.
321 2006-08-29 Konstantin Triger <kostat@mainsoft.com>
323 * SqlMembershipProvider.cs: fix dispose order of reader vs connection.
325 2006-08-28 Igor Zelmanovich <igorz@mainsoft.com>
327 * SqlMembershipProvider.cs: fixed CreateUser, parameter isApproved is
330 2006-08-28 Konstantin Triger <kostat@mainsoft.com>
332 * SqlMembershipProvider.cs: ensure GetUser() returns null if it cannot
333 retrieve user information.
335 2006-08-28 Konstantin Triger <kostat@mainsoft.com>
337 * SqlRoleProvider.cs, SqlMembershipProvider.cs:
338 "use SqlClientFactory in case the ProviderName is not specified.
340 2006-08-27 Konstantin Triger <kostat@mainsoft.com>
342 * SqlRoleProvider.cs: enable concurrent usage, refactoring.
344 2006-08-27 Konstantin Triger <kostat@mainsoft.com>
346 * SqlMembershipProvider.cs: enable concurrent usage, refactoring.
348 2006-08-27 Vladimir Krasnov <vladimirk@mainsoft.com>
350 * SqlMembershipProvider.cs: fixed ValidateUser, bug when user
353 2006-08-14 Gonzalo Paniagua Javier <gonzalo@ximian.com>
355 * FormsAuthentication.cs: set the Secure attribute of the authentication
356 cookie when required.
358 2006-07-06 Konstantin Triger <kostat@mainsoft.com>
360 * FormsAuthentication.cs: Ensure initialized, fix url mapping.
362 2006-05-03 Chris Toshok <toshok@ximian.com>
364 * SqlMembershipProvider.cs (GetAlg): move this here for the time
365 being, as it's the only class that uses it.
366 (HashAndBase64Encode): nuke.
367 (EncryptAndBase64Encode): nuke.
368 (Base64DecodeAndDecrypt): nuke.
369 (DecryptPassword): new function.
370 (EncryptPassword): new function.
371 (ChangePassword): replace the switch with a call to
373 (ChangePasswordQuestionAndAnswer): same.
375 (ResetPassword): same.
376 (ValidateUsingPassword): same.
377 (ValidateUsingPasswordAnswer): same.
378 (GetPassword): same, and throw MembershipPasswordException if the
379 password answer is incorrect.
381 * MembershipProvider.cs (InitVector): nuke this. it's actually
382 the salt from the database (for the sql provider, anyway).
383 (EncodePassword): based on the password format, password, and
384 salt, encode it. Makes use of EncryptPassword.
385 (DecodePassword): likewise for decoding, makes use of
387 (DecryptPassword): revert this to throwing
388 NotImplementedException, as the sql provideroverrides it to
389 perform the actual decryption.
390 (EncryptPassword): same.
392 2006-05-02 Chris Toshok <toshok@ximian.com>
394 * SqlMembershipProvider.cs: 85% complete, maybe more. The major
395 functionality should work. Password retrieval (and encrypted
396 passwords in general) is untested.
398 2006-05-01 Chris Toshok <toshok@ximian.com>
400 * Membership.cs (GeneratePassword): don't include quotes (',",`)
401 in the set of characters in the generated passwords.
403 2006-05-01 Chris Toshok <toshok@ximian.com>
405 * MembershipProvider.cs (GetAlg): switch from Exception to
406 ProviderException to match MS behavior (and fix the unit test.)
408 * Membership.cs (GeneratePassword): implement.
410 2006-05-01 Chris Toshok <toshok@ximian.com>
412 * SqlMembershipProvider.cs: lots more work. checking this in in
413 its present state because I don't want to lose it. It still needs
416 * Membership.cs (.cctor): remove the fallback.
417 (ValidatingPassword): remove the MonoTODO.
419 * MembershipProvider.cs (DecryptPassword): implement.
420 (EncryptPassword): implement.
421 (GetAlg): helper function for Decrypt/EncryptPassword.
424 2006-04-27 Chris Toshok <toshok@ximian.com>
426 * SqlMembershipProvider.cs (GeneratePassword): call
427 Membership.GeneratePassword with the configured minimum strength
430 2006-04-27 Chris Toshok <toshok@ximian.com>
432 * SqlMembershipProvider.cs (UnlockUser): fix sql query, and move
433 the CheckPararm call to the top of the method.
435 2006-04-12 Chris Toshok <toshok@ximian.com>
437 * SqlMembershipProvider.cs: commit initial pass at
438 SqlMembershipProvider work. lots of stuff untested in here.
440 2006-04-11 Chris Toshok <toshok@ximian.com>
442 * MembershipUser.cs (.ctor): per Shackow's book, all DateTime's
443 are converted using ToUniversalTime when passed into this class.
444 (UpdateSelf): update ourselves from the passed in MembershipUser,
445 swallowing NotSupportedExceptions.
446 (UpdateUser): fetch a new MembershipUser from the db and call
448 (ChangePassword): call UpdateUser after changing the password.
449 (ChangePasswordQuestionAndAnswer): same.
450 (ResetPassword): same.
451 (UnlockUser): same. Also, don't explicitly set isLockedOut.
452 It'll be updated in UpdateSelf.
453 (CreationDate): getter calls ToLocalTime, setter calls
455 (LastActivityDate): same.
456 (LastLoginDate): same.
457 (LastPasswordChangedDate): same.
458 (LastLockoutDate): same.
460 * Membership.cs (.cctor): use
461 ProvidersHelper.InstantitateProviders, and remove some unnecessary
464 2006-03-29 Chris Toshok <toshok@ximian.com>
466 * SqlRoleProvider.cs: do the LOWER's in SQL, not in C#.
468 2006-03-23 Chris Toshok <toshok@ximian.com>
470 * Roles.cs: make this 2.0 configuration aware.
472 * SqlRoleProvider.cs: flesh out all the operations. the only
473 things that need dealing with are the Initialize method's handling
474 of a few parameters, and the ApplicationName property.
476 2006-03-23 Chris Toshok <toshok@ximian.com>
478 * DefaultAuthenticationModule.cs (OnDefaultAuthentication): always
479 set Thread.CurrentPrincipal, not just if we set it to the
482 2006-03-22 Chris Toshok <toshok@ximian.com>
484 * RoleManagerModule.cs: implement using info in Shackow's book.
486 * RolePrincipal.cs: flesh this out a bit more.
488 * DefaultAuthenticationModule.cs (OnDefaultAuthentication):
489 according to Shackow's book, this sets Thread.CurrentPrincipal as
490 well as HttpContext.Current.User.
492 2006-02-28 Chris Toshok <toshok@ximian.com>
494 * FormsAuthentication.cs: corcompare work.
496 * MembershipCreateUserException.cs: same.
498 * MembershipPasswordException.cs: same.
500 * AnonymousIdentificationModule.cs: same.
502 2006-02-01 Chris Toshok <toshok@ximian.com>
504 * FormsAuthentication.cs, Membership.cs,
505 FormsAuthenticationModule.cs, UrlAuthorizationModule.cs: oops,
506 replace GetWebApplicationSection with GetSection.
508 2006-02-01 Chris Toshok <toshok@ximian.com>
510 * FormsAuthentication.cs: CONFIGURATION_2_0 => NET_2_0.
511 simplifies the ifdef mess quite a bit.
513 * Membership.cs: same.
515 * FormsAuthenticationModule.cs: same.
517 * UrlAuthorizationModule.cs: same.
519 2006-01-04 Chris Toshok <toshok@ximian.com>
521 * FormsAuthentication.cs (Authenticate): add CONFIGURATION_2_0
528 2006-01-04 Chris Toshok <toshok@ximian.com>
530 * Membership.cs (.cctor): enable the code here under
533 2006-01-03 Chris Toshok <toshok@ximian.com>
535 * UrlAuthorizationModule.cs (OnAuthorizeRequest): add
536 CONFIGURATION_2_0 code here.
538 2005-12-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
540 * FormsAuthentication.cs: don't end the request in
541 RedirectFromLoginPage.
543 2005-12-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
545 * FormsAuthenticationModule.cs: expire the cookie. Fixes bug #77043.
546 Patch by Cyrille Colin.
548 2005-12-13 Gonzalo Paniagua Javier <gonzalo@ximian.com>
550 * FormsAuthenticationModule.cs: ignore any exception thrown when mapping
551 the provided virtual path to the physical one. Patch by Cyrille Colin.
553 2005-11-28 Chris Toshok <toshok@ximian.com>
555 * FormsAuthenticationModule.cs (OnAuthenticateRequest):
556 CONFIGURATION_2_0 work.
557 (OnEndRequest): same.
559 2005-09-09 Sebastien Pouliot <sebastien@ximian.com>
561 * DefaultAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
562 * DefaultAuthenticationModule.cs: Added LinkDemand for Minimal. Added
563 Demand for UnmanagedCode on constructor.
564 * FileAuthorizationModule.cs: Added LinkDemand for Minimal. Added
565 Demand for UnmanagedCode on constructor.
566 * FormsAuthentication.cs: Added LinkDemand for Minimal.
567 * FormsAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
568 * FormsAuthenticationModule.cs: Added LinkDemand for Minimal. Added
569 Demand for UnmanagedCode on constructor.
570 * FormsAuthenticationTicket.cs: Added LinkDemand for Minimal.
571 * FormsIdentity.cs: Added LinkDemand for Minimal.
572 * PassportAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
573 * PassportAuthenticationModule.cs: Added LinkDemand for Minimal. Added
574 Demand for UnmanagedCode on constructor.
575 * PassportIdentity.cs: Added LinkDemand for Minimal. Added Demand for
576 UnmanagedCode on constructor.
577 * UrlAuthorizationModule.cs: Added LinkDemand for Minimal. Added
578 Demand for UnmanagedCode on constructor.
579 * WindowsAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
580 * WindowsAuthenticationModule.cs: Added LinkDemand for Minimal. Added
581 Demand for UnmanagedCode on constructor.
583 2005-09-01 Sebastien Pouliot <sebastien@ximian.com>
585 * FormsAuthenticationEventArgs.cs: Ensure the setter for User is
586 protected by a demand for ControlPrincipal.
587 * PassportAuthenticationEventArgs.cs: Ensure the setter for User is
588 protected by a demand for ControlPrincipal.
589 * WindowsAuthenticationEventArgs.cs: Ensure the setter for User is
590 protected by a demand for ControlPrincipal.
592 2005-08-25 Sebastien Pouliot <sebastien@ximian.com>
594 * FormsAuthentication.cs: With 2.0 we can get the default properties
595 and call Initialize without a NRE.
597 2005-08-25 Sebastien Pouliot <sebastien@ximian.com>
599 * ActiveDirectoryConnectionProtection.cs: New (2.0) enum.
600 * ActiveDirectoryMembershipProvider.cs: Fixed 2.0 API.
601 * AnonymousIdentificationEventArgs.cs: Fixed AnonymousID property case.
602 * AnonymousIdentificationModule.cs: Fixed 2.0 API.
603 * FileAuthorizationModule.cs: Added static CheckFileAccessForUser in
605 * FormsAuthentication.cs: Added missing 2.0 properties with their
607 * MembershipCreateStatus.cs: Fixed enum values/names.
608 * MembershipProvider.cs: Added stub for [Decrypt|Encrypt]Password. Both
609 methods don't seems to work without an active provider.
610 * PassportIdentity.cs: Added IDispose for 2.0 profile.
611 * Roles.cs: Added missing beta2 bits and default values (which are the
612 only things working without a role provider (web.config).
613 * RolePrincipal.cs: Fixed 2.0 API. Implemented a few bits.
614 * SqlRoleProvider.cs: Fixed 2.0 API.
615 * UrlAuthorizationModule.cs: Added static CheckUrlAccessForPrincipal in
618 2005-08-24 Sebastien Pouliot <sebastien@ximian.com>
620 * MembershipUserCollection.cs: Fix exceptions.
622 2005-08-22 Sebastien Pouliot <sebastien@ximian.com>
624 * FormsAuthentication.cs: Add some 2.0 stuff required for Login*
627 2005-08-18 Sebastien Pouliot <sebastien@ximian.com>
629 * Membership.cs: Commented unworking parts of the .cctor to allow
630 testing the Login control.
631 * MembershipProviderCollection.cs: Fixed exception handling.
632 * SqlMembershipProvider.cs: Don't throw NotImplementedException
633 everywhere so Membership's .cctor (somewhat) works. Removed
634 Description property (not in beta2).
636 2005-07-28 Gonzalo Paniagua Javier <gonzalo@ximian.com>
638 * FormsAuthentication.cs: allow hardware acceleration support if
639 available. Sebastien dixit.
641 2005-07-26 Gonzalo Paniagua Javier <gonzalo@ximian.com>
643 * FormsAuthentication.cs: the init_vector must be the same accross
644 restarts, otherwise the cookie does not work even when a decryption
645 key is provided. Initialize it to the bytes of the cookie name. Fixes
648 2005-07-25 Eyal Alaluf <eyala@mainsoft.com>
650 * FormsAuthenticationModule.cs: Check for null config
652 2005-07-25 Miguel de Icaza <miguel@novell.com>
654 * FormsAuthentication.cs (SignOut): Force the cookie to have it
657 2005-07-25 Gonzalo Paniagua Javier <gonzalo@ximian.com>
659 * FormsAuthentication.cs: my previous patch missed a "small" detail: it
660 didn't include the verification key when computing/checking the
661 validation hash. Now this is really a MAC or HMAC or...
663 2005-07-25 Gonzalo Paniagua Javier <gonzalo@ximian.com>
665 * FormsAuthentication.cs:
666 * FormsAuthenticationTicket.cs: added support for validation and
667 encryption of the auth. cookie and improved serialization of the ticket.
669 2005-07-01 Lluis Sanchez Gual <lluis@novell.com>
671 * Membership.cs: Read provider info from the config file.
673 2005-06-10 Lluis Sanchez Gual <lluis@novell.com>
675 * MembershipUserCollection.cs:
676 * MembershipPasswordException.cs:
677 * RoleProviderCollection.cs:
678 * ActiveDirectoryMembershipProvider.cs:
679 * SqlMembershipProvider.cs:
680 * MembershipProvider.cs:
681 * SqlRoleProvider.cs:
684 * MembershipProviderCollection.cs:
686 * RoleProvider.cs: Track api changes in ASP.NET 2.0. Implemented
687 some missing methods.
689 * AccessRoleProvider.cs:
690 * AccessMembershipProvider.cs: Removed.
692 * MembershipCreateUserException.cs:
693 * MembershipValidatePasswordEventHandler.cs:
694 * ValidatePasswordEventArgs.cs: Implemented.
696 2005-05-21 Sebastien Pouliot <sebastien@ximian.com>
698 * FormsAuthentication.cs: Hash the UTF8 representation of the password
699 strings (to be compatible with Microsoft implementation).
701 2005-04-20 Gonzalo Paniagua Javier <gonzalo@ximian.com>
703 * FormsAuthentication.cs:
704 * PassportAuthenticationModule.cs:
705 * WindowsAuthenticationModule.cs: removed warnings.
707 2005-03-11 Gonzalo Paniagua Javier <gonzalo@ximian.com>
709 * FormsAuthenticationModule.cs: fix for bug 73545, which caused
710 authentication not to work when the cookie was not persistent.
711 Patch by Ilya Kharmatsky (Mainsoft).
713 2005-02-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
715 * FormsAuthentication.cs: make the string to be stored in a config.
716 file uppercase... See bug #72557.
718 2005-02-06 Gonzalo Paniagua Javier <gonzalo@ximian.com>
720 * FormsAuthentication.cs: fixed typo when getting the hash for the
721 password in SHA1 and MD5. Thanks to Tadas Dailyda.
722 Lock on a static object instead of typeof(FormsAuthentication).
724 2004-11-18 Lluis Sanchez Gual <lluis@novell.com>
726 * RoleProvider.cs, Roles.cs, SqlRoleProvider.cs, RoleProviderCollection.cs,
727 AccessRoleProvider.cs: IRoleProvider has been renamed to ProviderBase.
728 * IMembershipProvider.cs: Deleted.
729 * MembershipProvider.cs, AccessMembershipProvider.cs, MembershipUser.cs,
730 Membership.cs, ADMembershipProvider.cs, SqlMembershipProvider.cs
731 MembershipProviderCollection.cs: MembershipProvider has been deleted
732 and replaced by the abstract class MembershipProvider.
733 * MembershipProviderCollection.cs: Minor fixes.
734 * ADMembershipProvider.cs: Renamed to ActiveDirectoryMembershipProvider.cs.
736 2004-11-15 Lluis Sanchez Gual <lluis@novell.com>
738 * RoleProviderCollection.cs, MembershipProviderCollection.cs:
741 2004-08-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
743 * FormsAuthentication.cs: patch by Jim Pease to fix the date on renewal.
745 2004-08-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
747 * FormsAuthenticationModule.cs: don't renew expired cookies. Only renew
748 the cookie if SlidingExpiration is set. Thanks to Jim Pease.
750 2004-08-03 Sanjay Gupta <gsanjay@novell.com>
752 * MembershipSortOptions.cs:
753 * MembershipPasswordFormat.cs:
754 * MembershipOnlineStatus.cs:
755 * MembershipCreateStatus.cs:
756 * CookieProtection.cs: minor modifications.
758 2004-06-12 Pedro Martnez Juli <yoros@wanadoo.es>
760 * FormsAuthentication.cs: Undo last change.
762 2004-06-12 Pedro Martnez Juli <yoros@wanadoo.es>
764 * FormsAuthentication.cs: go to loginUrl from web.config settings
765 before try with the default ones.
767 2004-06-11 Gonzalo Paniagua Javier <gonzalo@ximian.com>
769 * DefaultAuthenticationModule.cs: set the IPrincipal for this thread
770 once we have a user. Fixes bug #59683.
772 2004-04-21 Gonzalo Paniagua Javier <gonzalo@ximian.com>
774 * FormsAuthenticationModule.cs: re-read configuration files if needed
775 when determining if forms auth. is used.
777 2004-01-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
779 * FormsAuthentication.cs: added RequireSSL and SlidingExpiration.
781 2004-01-11 Andreas Nahr <ClassDevelopment@A-SoftTech.com>
783 * PassportIdentity.cs: Added v 1.1 members
785 2003-11-25 Ben Maurer <bmaurer@users.sourceforge.net>
787 * AccessMembershipProvider.cs: New v2 file
788 * AccessRoleProvider.cs: New v2 file
789 * ADMembershipProvider.cs: New v2 file
790 * AnonymousIdentificationEventArgs.cs: New v2 file
791 * AnonymousIdentificationEventHandler.cs: New v2 file
792 * AnonymousIdentificationModule.cs: New v2 file
793 * CookieProtection.cs: New v2 file
794 * IMembershipProvider.cs: New v2 file
795 * IRoleProvider.cs: New v2 file
796 * Membership.cs: New v2 file
797 * MembershipCreateStatus.cs: New v2 file
798 * MembershipCreateUserException.cs: New v2 file
799 * MembershipOnlineStatus.cs: New v2 file
800 * MembershipPasswordException.cs: New v2 file
801 * MembershipPasswordFormat.cs: New v2 file
802 * MembershipProviderCollection.cs: New v2 file
803 * MembershipSortOptions.cs: New v2 file
804 * MembershipUser.cs: New v2 file
805 * MembershipUserCollection.cs: New v2 file
806 * RoleManagerEventArgs.cs: New v2 file
807 * RoleManagerEventHandler.cs: New v2 file
808 * RoleManagerModule.cs: New v2 file
809 * RolePrincipal.cs: New v2 file
810 * RoleProviderCollection.cs: New v2 file
811 * Roles.cs: New v2 file
812 * SqlMembershipProvider.cs: New v2 file
813 * SqlRoleProvider.cs: New v2 file
815 2003-11-05 Gonzalo Paniagua Javier <gonzalo@ximian.com>
817 * FormsAuthentication.cs: encoding updates.
819 2003-10-04 Gonzalo Paniagua Javier <gonzalo@ximian.com>
821 * FormsAuthenticationModule.cs: fixed for applications other than /.
823 2003-08-27 Gonzalo Paniagua Javier <gonzalo@ximian.com>
825 * UrlAuthorizationModule.cs: fixed description for status code.
827 2003-07-31 Gonzalo Paniagua Javier <gonzalo@ximian.com>
829 * FormsAuthenticationModule.cs: really renew the ticket. Thanks to
830 Jens Thiel <Jens@Thiel.DE>.
832 2003-02-13 Gonzalo Paniagua Javier <gonzalo@ximian.com>
834 * UrlAuthorizationModule.cs: tell the application not to run any other
835 step apart from EndRequest.
837 2003-02-12 Gonzalo Paniagua Javier <gonzalo@ximian.com>
839 * FormsAuthentication.cs: implemented RedirectFromLoginPage and
842 * FormsAuthenticationModule.cs: redirect to the login page when a 401
845 * UrlAuthorizationModule.cs: check for valid user or render error page.
847 2003-01-04 Gonzalo Paniagua Javier <gonzalo@ximian.com>
849 * DefaultAuthenticationModule.cs: implemented. It just create a default
850 unauthenticated user when no one else provided one.
852 * FormsAuthenticationModule.cs: removed debug output.
854 2002-12-20 Gonzalo Paniagua Javier <gonzalo@ximian.com>
856 * FormsAuthenticationModule.cs: remove debug lines.
858 2002-12-19 Gonzalo Paniagua Javier <gonzalo@ximian.com>
860 * FormsAuthentication.cs: return a null ticket when an exception is
861 thrown creating it. Implemented RenewTicketIfOld.
863 * FormsAuthenticationModule.cs: implemented event handlers for
864 AuthenticateRequest and EndRequest.
866 * FormsAuthenticationTicket.cs: implemented SetDates and Clone methods.
868 2002-12-18 Gonzalo Paniagua Javier <gonzalo@ximian.com>
870 * FormsAuthentication.cs: implemented GetAuthCookie, SetAuthCookie,
871 SignOut, FormsCookieName and FormsCookiePath.
873 2002-12-17 Gonzalo Paniagua Javier <gonzalo@ximian.com>
875 * FormsAuthentication.cs: implemented Authenticate, unencrypted Encrypt
876 and Decrypt, HashPasswordForStoringInConfigFile and Initialize.
878 * FormsAuthenticationTicket.cs: set cookiePath to the default when no
881 2002-08-26 Gonzalo Paniagua Javier <gonzalo@ximian.com>
883 * DefaultAuthenticationEventHandler.cs:
884 * DefaultAuthenticationModule.cs:
885 * FileAuthorizationModule.cs:
886 * FormsAuthentication.cs:
887 * FormsAuthenticationEventArgs.cs:
888 * FormsAuthenticationEventHandler.cs:
889 * FormsAuthenticationModule.cs:
890 * FormsAuthenticationTicket.cs:
892 * PassportAuthenticationEventArgs.cs:
893 * PassportAuthenticationEventHandler.cs:
894 * PassportAuthenticationModule.cs:
895 * PassportIdentity.cs:
896 * UrlAuthorizationModule.cs:
897 * WindowsAuthenticationEventArgs.cs:
898 * WindowsAuthenticationEventHandler.cs:
899 * WindowsAuthenticationModule.cs: new files. Some of them implemented,
900 some others stubbed out.
902 2002-06-03 Gonzalo Paniagua Javier <gonzalo@ximian.com>
904 * DefaultAuthenticationEventArgs.cs: added file.