1 2006-05-02 Chris Toshok <toshok@ximian.com>
3 * SqlMembershipProvider.cs: 85% complete, maybe more. The major
4 functionality should work. Password retrieval (and encrypted
5 passwords in general) is untested.
7 2006-05-01 Chris Toshok <toshok@ximian.com>
9 * Membership.cs (GeneratePassword): don't include quotes (',",`)
10 in the set of characters in the generated passwords.
12 2006-05-01 Chris Toshok <toshok@ximian.com>
14 * MembershipProvider.cs (GetAlg): switch from Exception to
15 ProviderException to match MS behavior (and fix the unit test.)
17 * Membership.cs (GeneratePassword): implement.
19 2006-05-01 Chris Toshok <toshok@ximian.com>
21 * SqlMembershipProvider.cs: lots more work. checking this in in
22 its present state because I don't want to lose it. It still needs
25 * Membership.cs (.cctor): remove the fallback.
26 (ValidatingPassword): remove the MonoTODO.
28 * MembershipProvider.cs (DecryptPassword): implement.
29 (EncryptPassword): implement.
30 (GetAlg): helper function for Decrypt/EncryptPassword.
33 2006-04-27 Chris Toshok <toshok@ximian.com>
35 * SqlMembershipProvider.cs (GeneratePassword): call
36 Membership.GeneratePassword with the configured minimum strength
39 2006-04-27 Chris Toshok <toshok@ximian.com>
41 * SqlMembershipProvider.cs (UnlockUser): fix sql query, and move
42 the CheckPararm call to the top of the method.
44 2006-04-12 Chris Toshok <toshok@ximian.com>
46 * SqlMembershipProvider.cs: commit initial pass at
47 SqlMembershipProvider work. lots of stuff untested in here.
49 2006-04-11 Chris Toshok <toshok@ximian.com>
51 * MembershipUser.cs (.ctor): per Shackow's book, all DateTime's
52 are converted using ToUniversalTime when passed into this class.
53 (UpdateSelf): update ourselves from the passed in MembershipUser,
54 swallowing NotSupportedExceptions.
55 (UpdateUser): fetch a new MembershipUser from the db and call
57 (ChangePassword): call UpdateUser after changing the password.
58 (ChangePasswordQuestionAndAnswer): same.
59 (ResetPassword): same.
60 (UnlockUser): same. Also, don't explicitly set isLockedOut.
61 It'll be updated in UpdateSelf.
62 (CreationDate): getter calls ToLocalTime, setter calls
64 (LastActivityDate): same.
65 (LastLoginDate): same.
66 (LastPasswordChangedDate): same.
67 (LastLockoutDate): same.
69 * Membership.cs (.cctor): use
70 ProvidersHelper.InstantitateProviders, and remove some unnecessary
73 2006-03-29 Chris Toshok <toshok@ximian.com>
75 * SqlRoleProvider.cs: do the LOWER's in SQL, not in C#.
77 2006-03-23 Chris Toshok <toshok@ximian.com>
79 * Roles.cs: make this 2.0 configuration aware.
81 * SqlRoleProvider.cs: flesh out all the operations. the only
82 things that need dealing with are the Initialize method's handling
83 of a few parameters, and the ApplicationName property.
85 2006-03-23 Chris Toshok <toshok@ximian.com>
87 * DefaultAuthenticationModule.cs (OnDefaultAuthentication): always
88 set Thread.CurrentPrincipal, not just if we set it to the
91 2006-03-22 Chris Toshok <toshok@ximian.com>
93 * RoleManagerModule.cs: implement using info in Shackow's book.
95 * RolePrincipal.cs: flesh this out a bit more.
97 * DefaultAuthenticationModule.cs (OnDefaultAuthentication):
98 according to Shackow's book, this sets Thread.CurrentPrincipal as
99 well as HttpContext.Current.User.
101 2006-02-28 Chris Toshok <toshok@ximian.com>
103 * FormsAuthentication.cs: corcompare work.
105 * MembershipCreateUserException.cs: same.
107 * MembershipPasswordException.cs: same.
109 * AnonymousIdentificationModule.cs: same.
111 2006-02-01 Chris Toshok <toshok@ximian.com>
113 * FormsAuthentication.cs, Membership.cs,
114 FormsAuthenticationModule.cs, UrlAuthorizationModule.cs: oops,
115 replace GetWebApplicationSection with GetSection.
117 2006-02-01 Chris Toshok <toshok@ximian.com>
119 * FormsAuthentication.cs: CONFIGURATION_2_0 => NET_2_0.
120 simplifies the ifdef mess quite a bit.
122 * Membership.cs: same.
124 * FormsAuthenticationModule.cs: same.
126 * UrlAuthorizationModule.cs: same.
128 2006-01-04 Chris Toshok <toshok@ximian.com>
130 * FormsAuthentication.cs (Authenticate): add CONFIGURATION_2_0
137 2006-01-04 Chris Toshok <toshok@ximian.com>
139 * Membership.cs (.cctor): enable the code here under
142 2006-01-03 Chris Toshok <toshok@ximian.com>
144 * UrlAuthorizationModule.cs (OnAuthorizeRequest): add
145 CONFIGURATION_2_0 code here.
147 2005-12-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
149 * FormsAuthentication.cs: don't end the request in
150 RedirectFromLoginPage.
152 2005-12-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
154 * FormsAuthenticationModule.cs: expire the cookie. Fixes bug #77043.
155 Patch by Cyrille Colin.
157 2005-12-13 Gonzalo Paniagua Javier <gonzalo@ximian.com>
159 * FormsAuthenticationModule.cs: ignore any exception thrown when mapping
160 the provided virtual path to the physical one. Patch by Cyrille Colin.
162 2005-11-28 Chris Toshok <toshok@ximian.com>
164 * FormsAuthenticationModule.cs (OnAuthenticateRequest):
165 CONFIGURATION_2_0 work.
166 (OnEndRequest): same.
168 2005-09-09 Sebastien Pouliot <sebastien@ximian.com>
170 * DefaultAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
171 * DefaultAuthenticationModule.cs: Added LinkDemand for Minimal. Added
172 Demand for UnmanagedCode on constructor.
173 * FileAuthorizationModule.cs: Added LinkDemand for Minimal. Added
174 Demand for UnmanagedCode on constructor.
175 * FormsAuthentication.cs: Added LinkDemand for Minimal.
176 * FormsAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
177 * FormsAuthenticationModule.cs: Added LinkDemand for Minimal. Added
178 Demand for UnmanagedCode on constructor.
179 * FormsAuthenticationTicket.cs: Added LinkDemand for Minimal.
180 * FormsIdentity.cs: Added LinkDemand for Minimal.
181 * PassportAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
182 * PassportAuthenticationModule.cs: Added LinkDemand for Minimal. Added
183 Demand for UnmanagedCode on constructor.
184 * PassportIdentity.cs: Added LinkDemand for Minimal. Added Demand for
185 UnmanagedCode on constructor.
186 * UrlAuthorizationModule.cs: Added LinkDemand for Minimal. Added
187 Demand for UnmanagedCode on constructor.
188 * WindowsAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
189 * WindowsAuthenticationModule.cs: Added LinkDemand for Minimal. Added
190 Demand for UnmanagedCode on constructor.
192 2005-09-01 Sebastien Pouliot <sebastien@ximian.com>
194 * FormsAuthenticationEventArgs.cs: Ensure the setter for User is
195 protected by a demand for ControlPrincipal.
196 * PassportAuthenticationEventArgs.cs: Ensure the setter for User is
197 protected by a demand for ControlPrincipal.
198 * WindowsAuthenticationEventArgs.cs: Ensure the setter for User is
199 protected by a demand for ControlPrincipal.
201 2005-08-25 Sebastien Pouliot <sebastien@ximian.com>
203 * FormsAuthentication.cs: With 2.0 we can get the default properties
204 and call Initialize without a NRE.
206 2005-08-25 Sebastien Pouliot <sebastien@ximian.com>
208 * ActiveDirectoryConnectionProtection.cs: New (2.0) enum.
209 * ActiveDirectoryMembershipProvider.cs: Fixed 2.0 API.
210 * AnonymousIdentificationEventArgs.cs: Fixed AnonymousID property case.
211 * AnonymousIdentificationModule.cs: Fixed 2.0 API.
212 * FileAuthorizationModule.cs: Added static CheckFileAccessForUser in
214 * FormsAuthentication.cs: Added missing 2.0 properties with their
216 * MembershipCreateStatus.cs: Fixed enum values/names.
217 * MembershipProvider.cs: Added stub for [Decrypt|Encrypt]Password. Both
218 methods don't seems to work without an active provider.
219 * PassportIdentity.cs: Added IDispose for 2.0 profile.
220 * Roles.cs: Added missing beta2 bits and default values (which are the
221 only things working without a role provider (web.config).
222 * RolePrincipal.cs: Fixed 2.0 API. Implemented a few bits.
223 * SqlRoleProvider.cs: Fixed 2.0 API.
224 * UrlAuthorizationModule.cs: Added static CheckUrlAccessForPrincipal in
227 2005-08-24 Sebastien Pouliot <sebastien@ximian.com>
229 * MembershipUserCollection.cs: Fix exceptions.
231 2005-08-22 Sebastien Pouliot <sebastien@ximian.com>
233 * FormsAuthentication.cs: Add some 2.0 stuff required for Login*
236 2005-08-18 Sebastien Pouliot <sebastien@ximian.com>
238 * Membership.cs: Commented unworking parts of the .cctor to allow
239 testing the Login control.
240 * MembershipProviderCollection.cs: Fixed exception handling.
241 * SqlMembershipProvider.cs: Don't throw NotImplementedException
242 everywhere so Membership's .cctor (somewhat) works. Removed
243 Description property (not in beta2).
245 2005-07-28 Gonzalo Paniagua Javier <gonzalo@ximian.com>
247 * FormsAuthentication.cs: allow hardware acceleration support if
248 available. Sebastien dixit.
250 2005-07-26 Gonzalo Paniagua Javier <gonzalo@ximian.com>
252 * FormsAuthentication.cs: the init_vector must be the same accross
253 restarts, otherwise the cookie does not work even when a decryption
254 key is provided. Initialize it to the bytes of the cookie name. Fixes
257 2005-07-25 Eyal Alaluf <eyala@mainsoft.com>
259 * FormsAuthenticationModule.cs: Check for null config
261 2005-07-25 Miguel de Icaza <miguel@novell.com>
263 * FormsAuthentication.cs (SignOut): Force the cookie to have it
266 2005-07-25 Gonzalo Paniagua Javier <gonzalo@ximian.com>
268 * FormsAuthentication.cs: my previous patch missed a "small" detail: it
269 didn't include the verification key when computing/checking the
270 validation hash. Now this is really a MAC or HMAC or...
272 2005-07-25 Gonzalo Paniagua Javier <gonzalo@ximian.com>
274 * FormsAuthentication.cs:
275 * FormsAuthenticationTicket.cs: added support for validation and
276 encryption of the auth. cookie and improved serialization of the ticket.
278 2005-07-01 Lluis Sanchez Gual <lluis@novell.com>
280 * Membership.cs: Read provider info from the config file.
282 2005-06-10 Lluis Sanchez Gual <lluis@novell.com>
284 * MembershipUserCollection.cs:
285 * MembershipPasswordException.cs:
286 * RoleProviderCollection.cs:
287 * ActiveDirectoryMembershipProvider.cs:
288 * SqlMembershipProvider.cs:
289 * MembershipProvider.cs:
290 * SqlRoleProvider.cs:
293 * MembershipProviderCollection.cs:
295 * RoleProvider.cs: Track api changes in ASP.NET 2.0. Implemented
296 some missing methods.
298 * AccessRoleProvider.cs:
299 * AccessMembershipProvider.cs: Removed.
301 * MembershipCreateUserException.cs:
302 * MembershipValidatePasswordEventHandler.cs:
303 * ValidatePasswordEventArgs.cs: Implemented.
305 2005-05-21 Sebastien Pouliot <sebastien@ximian.com>
307 * FormsAuthentication.cs: Hash the UTF8 representation of the password
308 strings (to be compatible with Microsoft implementation).
310 2005-04-20 Gonzalo Paniagua Javier <gonzalo@ximian.com>
312 * FormsAuthentication.cs:
313 * PassportAuthenticationModule.cs:
314 * WindowsAuthenticationModule.cs: removed warnings.
316 2005-03-11 Gonzalo Paniagua Javier <gonzalo@ximian.com>
318 * FormsAuthenticationModule.cs: fix for bug 73545, which caused
319 authentication not to work when the cookie was not persistent.
320 Patch by Ilya Kharmatsky (Mainsoft).
322 2005-02-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
324 * FormsAuthentication.cs: make the string to be stored in a config.
325 file uppercase... See bug #72557.
327 2005-02-06 Gonzalo Paniagua Javier <gonzalo@ximian.com>
329 * FormsAuthentication.cs: fixed typo when getting the hash for the
330 password in SHA1 and MD5. Thanks to Tadas Dailyda.
331 Lock on a static object instead of typeof(FormsAuthentication).
333 2004-11-18 Lluis Sanchez Gual <lluis@novell.com>
335 * RoleProvider.cs, Roles.cs, SqlRoleProvider.cs, RoleProviderCollection.cs,
336 AccessRoleProvider.cs: IRoleProvider has been renamed to ProviderBase.
337 * IMembershipProvider.cs: Deleted.
338 * MembershipProvider.cs, AccessMembershipProvider.cs, MembershipUser.cs,
339 Membership.cs, ADMembershipProvider.cs, SqlMembershipProvider.cs
340 MembershipProviderCollection.cs: MembershipProvider has been deleted
341 and replaced by the abstract class MembershipProvider.
342 * MembershipProviderCollection.cs: Minor fixes.
343 * ADMembershipProvider.cs: Renamed to ActiveDirectoryMembershipProvider.cs.
345 2004-11-15 Lluis Sanchez Gual <lluis@novell.com>
347 * RoleProviderCollection.cs, MembershipProviderCollection.cs:
350 2004-08-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
352 * FormsAuthentication.cs: patch by Jim Pease to fix the date on renewal.
354 2004-08-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
356 * FormsAuthenticationModule.cs: don't renew expired cookies. Only renew
357 the cookie if SlidingExpiration is set. Thanks to Jim Pease.
359 2004-08-03 Sanjay Gupta <gsanjay@novell.com>
361 * MembershipSortOptions.cs:
362 * MembershipPasswordFormat.cs:
363 * MembershipOnlineStatus.cs:
364 * MembershipCreateStatus.cs:
365 * CookieProtection.cs: minor modifications.
367 2004-06-12 Pedro Martnez Juli <yoros@wanadoo.es>
369 * FormsAuthentication.cs: Undo last change.
371 2004-06-12 Pedro Martnez Juli <yoros@wanadoo.es>
373 * FormsAuthentication.cs: go to loginUrl from web.config settings
374 before try with the default ones.
376 2004-06-11 Gonzalo Paniagua Javier <gonzalo@ximian.com>
378 * DefaultAuthenticationModule.cs: set the IPrincipal for this thread
379 once we have a user. Fixes bug #59683.
381 2004-04-21 Gonzalo Paniagua Javier <gonzalo@ximian.com>
383 * FormsAuthenticationModule.cs: re-read configuration files if needed
384 when determining if forms auth. is used.
386 2004-01-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
388 * FormsAuthentication.cs: added RequireSSL and SlidingExpiration.
390 2004-01-11 Andreas Nahr <ClassDevelopment@A-SoftTech.com>
392 * PassportIdentity.cs: Added v 1.1 members
394 2003-11-25 Ben Maurer <bmaurer@users.sourceforge.net>
396 * AccessMembershipProvider.cs: New v2 file
397 * AccessRoleProvider.cs: New v2 file
398 * ADMembershipProvider.cs: New v2 file
399 * AnonymousIdentificationEventArgs.cs: New v2 file
400 * AnonymousIdentificationEventHandler.cs: New v2 file
401 * AnonymousIdentificationModule.cs: New v2 file
402 * CookieProtection.cs: New v2 file
403 * IMembershipProvider.cs: New v2 file
404 * IRoleProvider.cs: New v2 file
405 * Membership.cs: New v2 file
406 * MembershipCreateStatus.cs: New v2 file
407 * MembershipCreateUserException.cs: New v2 file
408 * MembershipOnlineStatus.cs: New v2 file
409 * MembershipPasswordException.cs: New v2 file
410 * MembershipPasswordFormat.cs: New v2 file
411 * MembershipProviderCollection.cs: New v2 file
412 * MembershipSortOptions.cs: New v2 file
413 * MembershipUser.cs: New v2 file
414 * MembershipUserCollection.cs: New v2 file
415 * RoleManagerEventArgs.cs: New v2 file
416 * RoleManagerEventHandler.cs: New v2 file
417 * RoleManagerModule.cs: New v2 file
418 * RolePrincipal.cs: New v2 file
419 * RoleProviderCollection.cs: New v2 file
420 * Roles.cs: New v2 file
421 * SqlMembershipProvider.cs: New v2 file
422 * SqlRoleProvider.cs: New v2 file
424 2003-11-05 Gonzalo Paniagua Javier <gonzalo@ximian.com>
426 * FormsAuthentication.cs: encoding updates.
428 2003-10-04 Gonzalo Paniagua Javier <gonzalo@ximian.com>
430 * FormsAuthenticationModule.cs: fixed for applications other than /.
432 2003-08-27 Gonzalo Paniagua Javier <gonzalo@ximian.com>
434 * UrlAuthorizationModule.cs: fixed description for status code.
436 2003-07-31 Gonzalo Paniagua Javier <gonzalo@ximian.com>
438 * FormsAuthenticationModule.cs: really renew the ticket. Thanks to
439 Jens Thiel <Jens@Thiel.DE>.
441 2003-02-13 Gonzalo Paniagua Javier <gonzalo@ximian.com>
443 * UrlAuthorizationModule.cs: tell the application not to run any other
444 step apart from EndRequest.
446 2003-02-12 Gonzalo Paniagua Javier <gonzalo@ximian.com>
448 * FormsAuthentication.cs: implemented RedirectFromLoginPage and
451 * FormsAuthenticationModule.cs: redirect to the login page when a 401
454 * UrlAuthorizationModule.cs: check for valid user or render error page.
456 2003-01-04 Gonzalo Paniagua Javier <gonzalo@ximian.com>
458 * DefaultAuthenticationModule.cs: implemented. It just create a default
459 unauthenticated user when no one else provided one.
461 * FormsAuthenticationModule.cs: removed debug output.
463 2002-12-20 Gonzalo Paniagua Javier <gonzalo@ximian.com>
465 * FormsAuthenticationModule.cs: remove debug lines.
467 2002-12-19 Gonzalo Paniagua Javier <gonzalo@ximian.com>
469 * FormsAuthentication.cs: return a null ticket when an exception is
470 thrown creating it. Implemented RenewTicketIfOld.
472 * FormsAuthenticationModule.cs: implemented event handlers for
473 AuthenticateRequest and EndRequest.
475 * FormsAuthenticationTicket.cs: implemented SetDates and Clone methods.
477 2002-12-18 Gonzalo Paniagua Javier <gonzalo@ximian.com>
479 * FormsAuthentication.cs: implemented GetAuthCookie, SetAuthCookie,
480 SignOut, FormsCookieName and FormsCookiePath.
482 2002-12-17 Gonzalo Paniagua Javier <gonzalo@ximian.com>
484 * FormsAuthentication.cs: implemented Authenticate, unencrypted Encrypt
485 and Decrypt, HashPasswordForStoringInConfigFile and Initialize.
487 * FormsAuthenticationTicket.cs: set cookiePath to the default when no
490 2002-08-26 Gonzalo Paniagua Javier <gonzalo@ximian.com>
492 * DefaultAuthenticationEventHandler.cs:
493 * DefaultAuthenticationModule.cs:
494 * FileAuthorizationModule.cs:
495 * FormsAuthentication.cs:
496 * FormsAuthenticationEventArgs.cs:
497 * FormsAuthenticationEventHandler.cs:
498 * FormsAuthenticationModule.cs:
499 * FormsAuthenticationTicket.cs:
501 * PassportAuthenticationEventArgs.cs:
502 * PassportAuthenticationEventHandler.cs:
503 * PassportAuthenticationModule.cs:
504 * PassportIdentity.cs:
505 * UrlAuthorizationModule.cs:
506 * WindowsAuthenticationEventArgs.cs:
507 * WindowsAuthenticationEventHandler.cs:
508 * WindowsAuthenticationModule.cs: new files. Some of them implemented,
509 some others stubbed out.
511 2002-06-03 Gonzalo Paniagua Javier <gonzalo@ximian.com>
513 * DefaultAuthenticationEventArgs.cs: added file.