1 2010-02-11 Marek Habersack <mhabersack@novell.com>
3 * Roles.cs: IsUserInRole checks if username is null or empty
4 before attempting to use it. Patch from Tiaan Geldenhuys
5 <tagdev@gmail.com>. thanks!
7 2009-09-22 Sebastien Pouliot <sebastien@ximian.com>
9 * MembershipProvider.cs: Ensure password decryption is always
13 2009-07-09 Gonzalo Paniagua Javier <gonzalo@novell.com>
15 * SqliteMembershipProvider.cs:
16 * UrlAuthorizationModule.cs: use GetSection instead of
17 OpenWebConfiguration+GetSection.
19 2009-05-28 Marek Habersack <mhabersack@novell.com>
21 * FormsAuthenticationModule.cs: if forms authentication login URL
22 is not rooted, make it relative to the application root, so that
23 MapPath maps it correctly.
24 Use String.Compare for checking whether requested URL matches the
25 login URL - be case-insensitive when running on Windows or with
28 2009-03-10 Marek Habersack <mhabersack@novell.com>
30 * UrlAuthorizationModule.cs: OnAuthorizeRequest must use the
31 configuration from <location> elements in the config. Fixes bug
34 2009-02-28 Gonzalo Paniagua Javier <gonzalo@novell.com>
36 * FormsAuthentication.cs: use GetWebApplication instead of GetSection
37 for application level configuration.
39 2009-01-12 Marek Habersack <mhabersack@novell.com>
41 * MembershipUserCollection.cs: CopyTo overloads use store.Values
42 as the copy source. Fixes bug #464783. Patch from Christian
43 Prochnow <cproch@seculogix.de>
45 2008-12-25 Gonzalo Paniagua Javier <gonzalo@novell.com>
48 * SqlMembershipProvider.cs: use IndexOf (char) instead of
51 2008-08-20 Marek Habersack <mhabersack@novell.com>
53 * Membership.cs: implemented the HashAlgorithmType property. Fixes
56 2008-06-30 Marek Habersack <mhabersack@novell.com>
58 * SqliteMembershipProvider.cs, SqliteRoleProvider.cs: remove
61 * SqlRoleProvider.cs, AspNetDBSchemaChecker.cs: hush the warnings
63 2008-05-30 Marek Habersack <mhabersack@novell.com>
65 * AnonymousIdentificationModule.cs, FormsAuthenticationModule.cs,
66 DefaultAuthenticationModule.cs, MembershipProvider.cs,
67 WindowsAuthenticationModule.cs, PassportAuthenticationModule.cs,
68 RoleManagerModule.cs: do not use synthetized event accessors (to
71 2008-05-07 Marek Habersack <mhabersack@novell.com>
73 * RolePrincipal.cs: fix:
74 - Reloading the roles cache from the provider when expired
75 - Update issue & expiry date for expired tickets
76 - Incrementing the cookie expiry date
77 - Obey Roles.MaxCachedResults
78 Fixes bug #385877. Patch from Ivan Hamilton
79 <ivan@chimerical.com.au>, thanks!
81 2008-03-10 Marek Habersack <mhabersack@novell.com>
83 * RoleManagerModule.cs: initialize _config before adding event
84 handlers and account for the fact that _config might still be null
85 in the methods that use it.
87 2007-12-30 Vladimir Krasnov <vladimirk@mainsoft.com>
89 * SqliteMembershipProvider.cs, SqlRoleProvider.cs: added chema checking
90 * added AspNetDBSchemaChecker.cs: schema checker helper class
92 2007-12-11 Vladimir Krasnov <vladimirk@mainsoft.com>
94 * Roles.cs: fixed Providers property to be thread safe
96 2007-12-08 Marek Habersack <mhabersack@novell.com>
98 * SqliteRoleProvider.cs: added - a Role Provider for
99 Sqlite, based on PostgreSQL Role Provider code from Daniel
100 Nauck <dna@informatik.uni-kiel.de>
102 * SqliteMembershipProvider.cs: added - a Membership Provider for
103 Sqlite, based on PostgreSQL Membership Provider code from Daniel
104 Nauck <dna@informatik.uni-kiel.de>
106 2007-11-28 Marek Habersack <mhabersack@novell.com>
108 * SqlMembershipProvider.cs: handle situation when there is no
109 connection string configured for the SQL Membership Provider.
111 2007-11-01 Marek Habersack <mhabersack@novell.com>
113 * RolePrincipal.cs, MembershipProvider.cs: use the new
114 MachineKeySectionUtils class wherever necessary.
116 * FormsAuthentication.cs: use the new MachineKeySectionUtils class
118 GetHexString is a private method again.
120 2007-10-31 Marek Habersack <mhabersack@novell.com>
122 * FormsAuthentication.cs: made GetHexString an internal method -
123 it is used in the AssemblyResourceLoader.cs
125 2007-08-14 Marek Habersack <mhabersack@novell.com>
127 * Roles.cs: remove unused field.
129 * SqlMembershipProvider.cs: remove unused variable.
131 2007-08-13 Vladimir Krasnov <vladimirk@mainsoft.com>
133 * SqlRoleProvider.cs: fixed ApplicationName initialization
135 2007-06-24 Vladimir Krasnov <vladimirk@mainsoft.com>
137 * FormsAuthentication.cs: improved performance of GetHexString()
139 2007-05-17 Vladimir Krasnov <vladimirk@mainsoft.com>
141 * SqlMembershipProvider.cs: fixed DeleteUser, fixed parameter name
143 2007-05-14 Igor Zelmanovich <igorz@mainsoft.com>
145 * SqlMembershipProvider.cs: Fix parameter binding to stored procedures.
147 2007-05-09 Igor Zelmanovich <igorz@mainsoft.com>
149 * PassportIdentity.cs:
150 added MonoNotSupported attribute.
152 2007-05-02 Marek Habersack <mhabersack@novell.com>
154 * FormsAuthentication.cs: user names are stored in lowercase in
155 the credentials database.
157 2007-04-29 Igor Zelmanovich <igorz@mainsoft.com>
159 * FormsAuthenticationModule.cs:
160 Redirect to login page doesn't cause thread abort.
162 2007-04-19 Igor Zelmanovich <igorz@mainsoft.com>
164 * SqlMembershipProvider.cs:
165 ChangePassword throws exception if new password has invalid format.
167 2007-04-17 Igor Zelmanovich <igorz@mainsoft.com>
171 if default provider was not found ConfigurationErrorsException is thrown.
173 2007-04-12 Marek Habersack <mhabersack@novell.com>
175 * RoleManagerModule.cs: do not try to decrypt encryption tickets
176 from cookies with empty values.
178 2007-04-04 Juraj Skripsky <js@hotfeet.ch>
180 * FormsAuthenticationModule.cs: Move initialization of _config out
181 of Init() as app.Context is null in that method when a session is
182 about to be terminated.
184 2007-03-21 Vladimir Krasnov <vladimirk@mainsoft.com>
186 * AnonymousIdentificationModule.cs: optimized Config property
188 2007-03-21 Vladimir Krasnov <vladimirk@mainsoft.com>
190 * AnonymousIdentificationModule.cs: added configuration section caching
191 to AppDomain for TARGET_JVM
192 * RoleManagerModule.cs:
193 * UrlAuthorizationModule.cs:
194 * FormsAuthenticationModule.cs: refactored configuration section to be
197 2007-03-20 Marek Habersack <mhabersack@novell.com>
199 * FormsAuthentication.cs, Roles.cs: remove roles cookie on sign
200 out. Fixes bug #81195. Patch from Mike Morano <mmorano@mikeandwan.us>.
202 2007-03-12 Marek Habersack <mhabersack@novell.com>
204 * RolePrincipal.cs: decrypt the roles ticket properly. Makes role
205 caching in cookies work. Fixes bug #81117. Patch from Mike Morano
206 <mmorano@mikeandwan.us>
208 2007-03-02 Marek Habersack <mhabersack@novell.com>
210 * SqlMembershipProvider.cs: cast PasswordFormat to int, so that
211 the parameter code can infer the sql type. Makes user creation,
212 password reset etc. work.
214 2007-02-28 Andreia Gaita <avidigal@novell.com>
216 * SqlRoleProvider.cs: Fix parameter binding to stored procedures.
217 * SqlMembershipProvider.cs: Fix parameter binding to stored procedures.
218 CreateUser() doesn't use transactions in MS asp.net, so removed the
221 2007-02-19 Vladimir Krasnov <vladimirk@mainsoft.com>
223 * RoleManagerModule.cs: fixed role chaching in OnEndRequest and
224 OnPostAuthenticateRequest
225 * RolePrincipal.cs: implemented ToEncryptedTicket, implemented caching
227 * Roles.cs: implemented DeleteCookie, fixed CookieProtectionValue to
228 get it's value from configuration
230 2007-02-08 Marek Habersack <grendello@gmail.com>
232 * FormsAuthenticationModule.cs: Expire auth tickets properly.
234 * MembershipProvider.cs: Do not clear the password before
237 2007-01-20 Miguel de Icaza <miguel@novell.com>
239 * SqlRoleProvider.cs: comment out unused code.
241 * SqlMembershipProvider.cs: Removed unused variables.
242 Remove unused variable.
244 * AnonymousIdentificationModule.cs (ClearAnonymousIdentifier):
245 remove unused variable. This might be a real bug.
247 2007-01-16 Vladimir Krasnov <vladimirk@mainsoft.com>
249 * RoleManagerModule.cs: fixed OnPostAuthenticateRequest,
250 CacheRolesInCookie not supported yet
251 * Roles.cs: fixed DeleteCookie, CacheRolesInCookie not supported yet
253 2007-01-11 Adar Wesley <adarw@mainsoft.com>
255 * MembershipProvider.cs: fixed EncryptPassword to use password buffer length
257 2007-01-04 Vladimir Krasnov <vladimirk@mainsoft.com>
259 * AnonymousIdentificationModule.cs: fixed OnEnter, fixed failure on
260 incorrect cookie value that browser may hold
262 2006-12-27 Vladimir Krasnov <vladimirk@mainsoft.com>
264 * FormsAuthentication.cs: added internal ReturnUrl property,
265 GetRedirectUrl added usage of ReturnUrl
267 2006-12-12 Vladimir Krasnov <vladimirk@mainsoft.com>
269 * FormsAuthentication.cs: TARGET_J2EE define for static members
271 2006-12-06 Vladimir Krasnov <vladimirk@mainsoft.com>
273 * FormsAuthenticationModule.cs: fixed OnAuthenticateRequest, suppress
274 exception on wrong ticket
276 2006-12-03 Igor Zelmanovich <igorz@mainsoft.com>
278 * FormsAuthenticationModule.cs:
279 set SkipAuthorization=true for WebResource.axd
281 2006-11-27 Vladimir Krasnov <vladimirk@mainsoft.com>
283 * SqlMembershipProvider.cs: typo bug
285 2006-11-21 Vladimir Krasnov <vladimirk@mainsoft.com>
287 * SqlMembershipProvider.cs: fixed fixed exception type in GetPassword
290 2006-11-20 Igor Zelmanovich <igorz@mainsoft.com>
292 * SqlMembershipProvider.cs: fixed: UpdateUser works properly.
294 2006-11-15 Igor Zelmanovich <igorz@mainsoft.com>
296 * SqlMembershipProvider.cs: fixed: name is used for ReturnValue parameter.
298 2006-11-05 Vladimir Krasnov <vladimirk@mainsoft.com>
300 * AnonymousIdentificationModule.cs: fixed anonymous id cookie
302 2006-11-05 Vladimir Krasnov <vladimirk@mainsoft.com>
304 * MembershipProvider.cs, SqlMembershipProvider.cs:
305 refactoring of DecryptPassword and EncryptPassword methods according
308 2006-09-10 Konstantin Triger <kostat@mainsoft.com>
310 * SqlRoleProvider.cs: throw on empty connection string.
312 2006-09-26 Vladimir Krasnov <vladimirk@mainsoft.com>
314 * Membership.cs: fixed GetAllUsers, typo bug
315 * SqlRoleProvider.cs, SqlMembershipProvider.cs: refactored to use
316 aspnetdb built in stored procedures,
317 fixed application name and membership relation,
318 improved exception handling
320 2006-09-03 Igor Zelmanovich <igorz@mainsoft.com>
322 * RolePrincipal.cs: refactoring: instance can be serialized.
324 2006-09-03 Igor Zelmanovich <igorz@mainsoft.com>
326 * SqlMembershipProvider.cs: fixed GetUser,
327 when username is String.Empty methods returns null.
329 2006-08-31 Konstantin Triger <kostat@mainsoft.com>
331 * SqlRoleProvider.cs: fixed initialization.
333 2006-08-31 Igor Zelmanovich <igorz@mainsoft.com>
335 * SqlMembershipProvider.cs: fixed CreateUser,
336 password is checked, properties MinRequiredPasswordLength and
337 MinRequiredNonAlphanumericCharacters are considered.
339 2006-08-29 Konstantin Triger <kostat@mainsoft.com>
341 * SqlMembershipProvider.cs: fix dispose order of reader vs connection.
343 2006-08-28 Igor Zelmanovich <igorz@mainsoft.com>
345 * SqlMembershipProvider.cs: fixed CreateUser, parameter isApproved is
348 2006-08-28 Konstantin Triger <kostat@mainsoft.com>
350 * SqlMembershipProvider.cs: ensure GetUser() returns null if it cannot
351 retrieve user information.
353 2006-08-28 Konstantin Triger <kostat@mainsoft.com>
355 * SqlRoleProvider.cs, SqlMembershipProvider.cs:
356 "use SqlClientFactory in case the ProviderName is not specified.
358 2006-08-27 Konstantin Triger <kostat@mainsoft.com>
360 * SqlRoleProvider.cs: enable concurrent usage, refactoring.
362 2006-08-27 Konstantin Triger <kostat@mainsoft.com>
364 * SqlMembershipProvider.cs: enable concurrent usage, refactoring.
366 2006-08-27 Vladimir Krasnov <vladimirk@mainsoft.com>
368 * SqlMembershipProvider.cs: fixed ValidateUser, bug when user
371 2006-08-14 Gonzalo Paniagua Javier <gonzalo@ximian.com>
373 * FormsAuthentication.cs: set the Secure attribute of the authentication
374 cookie when required.
376 2006-07-06 Konstantin Triger <kostat@mainsoft.com>
378 * FormsAuthentication.cs: Ensure initialized, fix url mapping.
380 2006-05-03 Chris Toshok <toshok@ximian.com>
382 * SqlMembershipProvider.cs (GetAlg): move this here for the time
383 being, as it's the only class that uses it.
384 (HashAndBase64Encode): nuke.
385 (EncryptAndBase64Encode): nuke.
386 (Base64DecodeAndDecrypt): nuke.
387 (DecryptPassword): new function.
388 (EncryptPassword): new function.
389 (ChangePassword): replace the switch with a call to
391 (ChangePasswordQuestionAndAnswer): same.
393 (ResetPassword): same.
394 (ValidateUsingPassword): same.
395 (ValidateUsingPasswordAnswer): same.
396 (GetPassword): same, and throw MembershipPasswordException if the
397 password answer is incorrect.
399 * MembershipProvider.cs (InitVector): nuke this. it's actually
400 the salt from the database (for the sql provider, anyway).
401 (EncodePassword): based on the password format, password, and
402 salt, encode it. Makes use of EncryptPassword.
403 (DecodePassword): likewise for decoding, makes use of
405 (DecryptPassword): revert this to throwing
406 NotImplementedException, as the sql provideroverrides it to
407 perform the actual decryption.
408 (EncryptPassword): same.
410 2006-05-02 Chris Toshok <toshok@ximian.com>
412 * SqlMembershipProvider.cs: 85% complete, maybe more. The major
413 functionality should work. Password retrieval (and encrypted
414 passwords in general) is untested.
416 2006-05-01 Chris Toshok <toshok@ximian.com>
418 * Membership.cs (GeneratePassword): don't include quotes (',",`)
419 in the set of characters in the generated passwords.
421 2006-05-01 Chris Toshok <toshok@ximian.com>
423 * MembershipProvider.cs (GetAlg): switch from Exception to
424 ProviderException to match MS behavior (and fix the unit test.)
426 * Membership.cs (GeneratePassword): implement.
428 2006-05-01 Chris Toshok <toshok@ximian.com>
430 * SqlMembershipProvider.cs: lots more work. checking this in in
431 its present state because I don't want to lose it. It still needs
434 * Membership.cs (.cctor): remove the fallback.
435 (ValidatingPassword): remove the MonoTODO.
437 * MembershipProvider.cs (DecryptPassword): implement.
438 (EncryptPassword): implement.
439 (GetAlg): helper function for Decrypt/EncryptPassword.
442 2006-04-27 Chris Toshok <toshok@ximian.com>
444 * SqlMembershipProvider.cs (GeneratePassword): call
445 Membership.GeneratePassword with the configured minimum strength
448 2006-04-27 Chris Toshok <toshok@ximian.com>
450 * SqlMembershipProvider.cs (UnlockUser): fix sql query, and move
451 the CheckPararm call to the top of the method.
453 2006-04-12 Chris Toshok <toshok@ximian.com>
455 * SqlMembershipProvider.cs: commit initial pass at
456 SqlMembershipProvider work. lots of stuff untested in here.
458 2006-04-11 Chris Toshok <toshok@ximian.com>
460 * MembershipUser.cs (.ctor): per Shackow's book, all DateTime's
461 are converted using ToUniversalTime when passed into this class.
462 (UpdateSelf): update ourselves from the passed in MembershipUser,
463 swallowing NotSupportedExceptions.
464 (UpdateUser): fetch a new MembershipUser from the db and call
466 (ChangePassword): call UpdateUser after changing the password.
467 (ChangePasswordQuestionAndAnswer): same.
468 (ResetPassword): same.
469 (UnlockUser): same. Also, don't explicitly set isLockedOut.
470 It'll be updated in UpdateSelf.
471 (CreationDate): getter calls ToLocalTime, setter calls
473 (LastActivityDate): same.
474 (LastLoginDate): same.
475 (LastPasswordChangedDate): same.
476 (LastLockoutDate): same.
478 * Membership.cs (.cctor): use
479 ProvidersHelper.InstantitateProviders, and remove some unnecessary
482 2006-03-29 Chris Toshok <toshok@ximian.com>
484 * SqlRoleProvider.cs: do the LOWER's in SQL, not in C#.
486 2006-03-23 Chris Toshok <toshok@ximian.com>
488 * Roles.cs: make this 2.0 configuration aware.
490 * SqlRoleProvider.cs: flesh out all the operations. the only
491 things that need dealing with are the Initialize method's handling
492 of a few parameters, and the ApplicationName property.
494 2006-03-23 Chris Toshok <toshok@ximian.com>
496 * DefaultAuthenticationModule.cs (OnDefaultAuthentication): always
497 set Thread.CurrentPrincipal, not just if we set it to the
500 2006-03-22 Chris Toshok <toshok@ximian.com>
502 * RoleManagerModule.cs: implement using info in Shackow's book.
504 * RolePrincipal.cs: flesh this out a bit more.
506 * DefaultAuthenticationModule.cs (OnDefaultAuthentication):
507 according to Shackow's book, this sets Thread.CurrentPrincipal as
508 well as HttpContext.Current.User.
510 2006-02-28 Chris Toshok <toshok@ximian.com>
512 * FormsAuthentication.cs: corcompare work.
514 * MembershipCreateUserException.cs: same.
516 * MembershipPasswordException.cs: same.
518 * AnonymousIdentificationModule.cs: same.
520 2006-02-01 Chris Toshok <toshok@ximian.com>
522 * FormsAuthentication.cs, Membership.cs,
523 FormsAuthenticationModule.cs, UrlAuthorizationModule.cs: oops,
524 replace GetWebApplicationSection with GetSection.
526 2006-02-01 Chris Toshok <toshok@ximian.com>
528 * FormsAuthentication.cs: CONFIGURATION_2_0 => NET_2_0.
529 simplifies the ifdef mess quite a bit.
531 * Membership.cs: same.
533 * FormsAuthenticationModule.cs: same.
535 * UrlAuthorizationModule.cs: same.
537 2006-01-04 Chris Toshok <toshok@ximian.com>
539 * FormsAuthentication.cs (Authenticate): add CONFIGURATION_2_0
546 2006-01-04 Chris Toshok <toshok@ximian.com>
548 * Membership.cs (.cctor): enable the code here under
551 2006-01-03 Chris Toshok <toshok@ximian.com>
553 * UrlAuthorizationModule.cs (OnAuthorizeRequest): add
554 CONFIGURATION_2_0 code here.
556 2005-12-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
558 * FormsAuthentication.cs: don't end the request in
559 RedirectFromLoginPage.
561 2005-12-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
563 * FormsAuthenticationModule.cs: expire the cookie. Fixes bug #77043.
564 Patch by Cyrille Colin.
566 2005-12-13 Gonzalo Paniagua Javier <gonzalo@ximian.com>
568 * FormsAuthenticationModule.cs: ignore any exception thrown when mapping
569 the provided virtual path to the physical one. Patch by Cyrille Colin.
571 2005-11-28 Chris Toshok <toshok@ximian.com>
573 * FormsAuthenticationModule.cs (OnAuthenticateRequest):
574 CONFIGURATION_2_0 work.
575 (OnEndRequest): same.
577 2005-09-09 Sebastien Pouliot <sebastien@ximian.com>
579 * DefaultAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
580 * DefaultAuthenticationModule.cs: Added LinkDemand for Minimal. Added
581 Demand for UnmanagedCode on constructor.
582 * FileAuthorizationModule.cs: Added LinkDemand for Minimal. Added
583 Demand for UnmanagedCode on constructor.
584 * FormsAuthentication.cs: Added LinkDemand for Minimal.
585 * FormsAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
586 * FormsAuthenticationModule.cs: Added LinkDemand for Minimal. Added
587 Demand for UnmanagedCode on constructor.
588 * FormsAuthenticationTicket.cs: Added LinkDemand for Minimal.
589 * FormsIdentity.cs: Added LinkDemand for Minimal.
590 * PassportAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
591 * PassportAuthenticationModule.cs: Added LinkDemand for Minimal. Added
592 Demand for UnmanagedCode on constructor.
593 * PassportIdentity.cs: Added LinkDemand for Minimal. Added Demand for
594 UnmanagedCode on constructor.
595 * UrlAuthorizationModule.cs: Added LinkDemand for Minimal. Added
596 Demand for UnmanagedCode on constructor.
597 * WindowsAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
598 * WindowsAuthenticationModule.cs: Added LinkDemand for Minimal. Added
599 Demand for UnmanagedCode on constructor.
601 2005-09-01 Sebastien Pouliot <sebastien@ximian.com>
603 * FormsAuthenticationEventArgs.cs: Ensure the setter for User is
604 protected by a demand for ControlPrincipal.
605 * PassportAuthenticationEventArgs.cs: Ensure the setter for User is
606 protected by a demand for ControlPrincipal.
607 * WindowsAuthenticationEventArgs.cs: Ensure the setter for User is
608 protected by a demand for ControlPrincipal.
610 2005-08-25 Sebastien Pouliot <sebastien@ximian.com>
612 * FormsAuthentication.cs: With 2.0 we can get the default properties
613 and call Initialize without a NRE.
615 2005-08-25 Sebastien Pouliot <sebastien@ximian.com>
617 * ActiveDirectoryConnectionProtection.cs: New (2.0) enum.
618 * ActiveDirectoryMembershipProvider.cs: Fixed 2.0 API.
619 * AnonymousIdentificationEventArgs.cs: Fixed AnonymousID property case.
620 * AnonymousIdentificationModule.cs: Fixed 2.0 API.
621 * FileAuthorizationModule.cs: Added static CheckFileAccessForUser in
623 * FormsAuthentication.cs: Added missing 2.0 properties with their
625 * MembershipCreateStatus.cs: Fixed enum values/names.
626 * MembershipProvider.cs: Added stub for [Decrypt|Encrypt]Password. Both
627 methods don't seems to work without an active provider.
628 * PassportIdentity.cs: Added IDispose for 2.0 profile.
629 * Roles.cs: Added missing beta2 bits and default values (which are the
630 only things working without a role provider (web.config).
631 * RolePrincipal.cs: Fixed 2.0 API. Implemented a few bits.
632 * SqlRoleProvider.cs: Fixed 2.0 API.
633 * UrlAuthorizationModule.cs: Added static CheckUrlAccessForPrincipal in
636 2005-08-24 Sebastien Pouliot <sebastien@ximian.com>
638 * MembershipUserCollection.cs: Fix exceptions.
640 2005-08-22 Sebastien Pouliot <sebastien@ximian.com>
642 * FormsAuthentication.cs: Add some 2.0 stuff required for Login*
645 2005-08-18 Sebastien Pouliot <sebastien@ximian.com>
647 * Membership.cs: Commented unworking parts of the .cctor to allow
648 testing the Login control.
649 * MembershipProviderCollection.cs: Fixed exception handling.
650 * SqlMembershipProvider.cs: Don't throw NotImplementedException
651 everywhere so Membership's .cctor (somewhat) works. Removed
652 Description property (not in beta2).
654 2005-07-28 Gonzalo Paniagua Javier <gonzalo@ximian.com>
656 * FormsAuthentication.cs: allow hardware acceleration support if
657 available. Sebastien dixit.
659 2005-07-26 Gonzalo Paniagua Javier <gonzalo@ximian.com>
661 * FormsAuthentication.cs: the init_vector must be the same accross
662 restarts, otherwise the cookie does not work even when a decryption
663 key is provided. Initialize it to the bytes of the cookie name. Fixes
666 2005-07-25 Eyal Alaluf <eyala@mainsoft.com>
668 * FormsAuthenticationModule.cs: Check for null config
670 2005-07-25 Miguel de Icaza <miguel@novell.com>
672 * FormsAuthentication.cs (SignOut): Force the cookie to have it
675 2005-07-25 Gonzalo Paniagua Javier <gonzalo@ximian.com>
677 * FormsAuthentication.cs: my previous patch missed a "small" detail: it
678 didn't include the verification key when computing/checking the
679 validation hash. Now this is really a MAC or HMAC or...
681 2005-07-25 Gonzalo Paniagua Javier <gonzalo@ximian.com>
683 * FormsAuthentication.cs:
684 * FormsAuthenticationTicket.cs: added support for validation and
685 encryption of the auth. cookie and improved serialization of the ticket.
687 2005-07-01 Lluis Sanchez Gual <lluis@novell.com>
689 * Membership.cs: Read provider info from the config file.
691 2005-06-10 Lluis Sanchez Gual <lluis@novell.com>
693 * MembershipUserCollection.cs:
694 * MembershipPasswordException.cs:
695 * RoleProviderCollection.cs:
696 * ActiveDirectoryMembershipProvider.cs:
697 * SqlMembershipProvider.cs:
698 * MembershipProvider.cs:
699 * SqlRoleProvider.cs:
702 * MembershipProviderCollection.cs:
704 * RoleProvider.cs: Track api changes in ASP.NET 2.0. Implemented
705 some missing methods.
707 * AccessRoleProvider.cs:
708 * AccessMembershipProvider.cs: Removed.
710 * MembershipCreateUserException.cs:
711 * MembershipValidatePasswordEventHandler.cs:
712 * ValidatePasswordEventArgs.cs: Implemented.
714 2005-05-21 Sebastien Pouliot <sebastien@ximian.com>
716 * FormsAuthentication.cs: Hash the UTF8 representation of the password
717 strings (to be compatible with Microsoft implementation).
719 2005-04-20 Gonzalo Paniagua Javier <gonzalo@ximian.com>
721 * FormsAuthentication.cs:
722 * PassportAuthenticationModule.cs:
723 * WindowsAuthenticationModule.cs: removed warnings.
725 2005-03-11 Gonzalo Paniagua Javier <gonzalo@ximian.com>
727 * FormsAuthenticationModule.cs: fix for bug 73545, which caused
728 authentication not to work when the cookie was not persistent.
729 Patch by Ilya Kharmatsky (Mainsoft).
731 2005-02-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
733 * FormsAuthentication.cs: make the string to be stored in a config.
734 file uppercase... See bug #72557.
736 2005-02-06 Gonzalo Paniagua Javier <gonzalo@ximian.com>
738 * FormsAuthentication.cs: fixed typo when getting the hash for the
739 password in SHA1 and MD5. Thanks to Tadas Dailyda.
740 Lock on a static object instead of typeof(FormsAuthentication).
742 2004-11-18 Lluis Sanchez Gual <lluis@novell.com>
744 * RoleProvider.cs, Roles.cs, SqlRoleProvider.cs, RoleProviderCollection.cs,
745 AccessRoleProvider.cs: IRoleProvider has been renamed to ProviderBase.
746 * IMembershipProvider.cs: Deleted.
747 * MembershipProvider.cs, AccessMembershipProvider.cs, MembershipUser.cs,
748 Membership.cs, ADMembershipProvider.cs, SqlMembershipProvider.cs
749 MembershipProviderCollection.cs: MembershipProvider has been deleted
750 and replaced by the abstract class MembershipProvider.
751 * MembershipProviderCollection.cs: Minor fixes.
752 * ADMembershipProvider.cs: Renamed to ActiveDirectoryMembershipProvider.cs.
754 2004-11-15 Lluis Sanchez Gual <lluis@novell.com>
756 * RoleProviderCollection.cs, MembershipProviderCollection.cs:
759 2004-08-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
761 * FormsAuthentication.cs: patch by Jim Pease to fix the date on renewal.
763 2004-08-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
765 * FormsAuthenticationModule.cs: don't renew expired cookies. Only renew
766 the cookie if SlidingExpiration is set. Thanks to Jim Pease.
768 2004-08-03 Sanjay Gupta <gsanjay@novell.com>
770 * MembershipSortOptions.cs:
771 * MembershipPasswordFormat.cs:
772 * MembershipOnlineStatus.cs:
773 * MembershipCreateStatus.cs:
774 * CookieProtection.cs: minor modifications.
776 2004-06-12 Pedro Martnez Juli <yoros@wanadoo.es>
778 * FormsAuthentication.cs: Undo last change.
780 2004-06-12 Pedro Martnez Juli <yoros@wanadoo.es>
782 * FormsAuthentication.cs: go to loginUrl from web.config settings
783 before try with the default ones.
785 2004-06-11 Gonzalo Paniagua Javier <gonzalo@ximian.com>
787 * DefaultAuthenticationModule.cs: set the IPrincipal for this thread
788 once we have a user. Fixes bug #59683.
790 2004-04-21 Gonzalo Paniagua Javier <gonzalo@ximian.com>
792 * FormsAuthenticationModule.cs: re-read configuration files if needed
793 when determining if forms auth. is used.
795 2004-01-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
797 * FormsAuthentication.cs: added RequireSSL and SlidingExpiration.
799 2004-01-11 Andreas Nahr <ClassDevelopment@A-SoftTech.com>
801 * PassportIdentity.cs: Added v 1.1 members
803 2003-11-25 Ben Maurer <bmaurer@users.sourceforge.net>
805 * AccessMembershipProvider.cs: New v2 file
806 * AccessRoleProvider.cs: New v2 file
807 * ADMembershipProvider.cs: New v2 file
808 * AnonymousIdentificationEventArgs.cs: New v2 file
809 * AnonymousIdentificationEventHandler.cs: New v2 file
810 * AnonymousIdentificationModule.cs: New v2 file
811 * CookieProtection.cs: New v2 file
812 * IMembershipProvider.cs: New v2 file
813 * IRoleProvider.cs: New v2 file
814 * Membership.cs: New v2 file
815 * MembershipCreateStatus.cs: New v2 file
816 * MembershipCreateUserException.cs: New v2 file
817 * MembershipOnlineStatus.cs: New v2 file
818 * MembershipPasswordException.cs: New v2 file
819 * MembershipPasswordFormat.cs: New v2 file
820 * MembershipProviderCollection.cs: New v2 file
821 * MembershipSortOptions.cs: New v2 file
822 * MembershipUser.cs: New v2 file
823 * MembershipUserCollection.cs: New v2 file
824 * RoleManagerEventArgs.cs: New v2 file
825 * RoleManagerEventHandler.cs: New v2 file
826 * RoleManagerModule.cs: New v2 file
827 * RolePrincipal.cs: New v2 file
828 * RoleProviderCollection.cs: New v2 file
829 * Roles.cs: New v2 file
830 * SqlMembershipProvider.cs: New v2 file
831 * SqlRoleProvider.cs: New v2 file
833 2003-11-05 Gonzalo Paniagua Javier <gonzalo@ximian.com>
835 * FormsAuthentication.cs: encoding updates.
837 2003-10-04 Gonzalo Paniagua Javier <gonzalo@ximian.com>
839 * FormsAuthenticationModule.cs: fixed for applications other than /.
841 2003-08-27 Gonzalo Paniagua Javier <gonzalo@ximian.com>
843 * UrlAuthorizationModule.cs: fixed description for status code.
845 2003-07-31 Gonzalo Paniagua Javier <gonzalo@ximian.com>
847 * FormsAuthenticationModule.cs: really renew the ticket. Thanks to
848 Jens Thiel <Jens@Thiel.DE>.
850 2003-02-13 Gonzalo Paniagua Javier <gonzalo@ximian.com>
852 * UrlAuthorizationModule.cs: tell the application not to run any other
853 step apart from EndRequest.
855 2003-02-12 Gonzalo Paniagua Javier <gonzalo@ximian.com>
857 * FormsAuthentication.cs: implemented RedirectFromLoginPage and
860 * FormsAuthenticationModule.cs: redirect to the login page when a 401
863 * UrlAuthorizationModule.cs: check for valid user or render error page.
865 2003-01-04 Gonzalo Paniagua Javier <gonzalo@ximian.com>
867 * DefaultAuthenticationModule.cs: implemented. It just create a default
868 unauthenticated user when no one else provided one.
870 * FormsAuthenticationModule.cs: removed debug output.
872 2002-12-20 Gonzalo Paniagua Javier <gonzalo@ximian.com>
874 * FormsAuthenticationModule.cs: remove debug lines.
876 2002-12-19 Gonzalo Paniagua Javier <gonzalo@ximian.com>
878 * FormsAuthentication.cs: return a null ticket when an exception is
879 thrown creating it. Implemented RenewTicketIfOld.
881 * FormsAuthenticationModule.cs: implemented event handlers for
882 AuthenticateRequest and EndRequest.
884 * FormsAuthenticationTicket.cs: implemented SetDates and Clone methods.
886 2002-12-18 Gonzalo Paniagua Javier <gonzalo@ximian.com>
888 * FormsAuthentication.cs: implemented GetAuthCookie, SetAuthCookie,
889 SignOut, FormsCookieName and FormsCookiePath.
891 2002-12-17 Gonzalo Paniagua Javier <gonzalo@ximian.com>
893 * FormsAuthentication.cs: implemented Authenticate, unencrypted Encrypt
894 and Decrypt, HashPasswordForStoringInConfigFile and Initialize.
896 * FormsAuthenticationTicket.cs: set cookiePath to the default when no
899 2002-08-26 Gonzalo Paniagua Javier <gonzalo@ximian.com>
901 * DefaultAuthenticationEventHandler.cs:
902 * DefaultAuthenticationModule.cs:
903 * FileAuthorizationModule.cs:
904 * FormsAuthentication.cs:
905 * FormsAuthenticationEventArgs.cs:
906 * FormsAuthenticationEventHandler.cs:
907 * FormsAuthenticationModule.cs:
908 * FormsAuthenticationTicket.cs:
910 * PassportAuthenticationEventArgs.cs:
911 * PassportAuthenticationEventHandler.cs:
912 * PassportAuthenticationModule.cs:
913 * PassportIdentity.cs:
914 * UrlAuthorizationModule.cs:
915 * WindowsAuthenticationEventArgs.cs:
916 * WindowsAuthenticationEventHandler.cs:
917 * WindowsAuthenticationModule.cs: new files. Some of them implemented,
918 some others stubbed out.
920 2002-06-03 Gonzalo Paniagua Javier <gonzalo@ximian.com>
922 * DefaultAuthenticationEventArgs.cs: added file.