1 2010-04-28 Marek Habersack <mhabersack@novell.com>
3 * RolePrincipal.cs: class is not sealed in 4.0
5 * MembershipUser.cs: type forwarded to
6 System.Web.ApplicationServices in 4.0.
7 In the 4.0 profile, a MembershipHelper instance is created using
8 reflection, so that the Membership class and password
9 encryption/decryption services can be accessed without referencing
12 * MembershipProvider.cs: type forwarded to
13 System.Web.ApplicationServices in 4.0.
14 {Encrypt,Decrypt}Password implementations moved to
16 Added new EncryptPassword overload for 4.0
18 * MembershipHelper.cs: a helper class to handle password
19 encryption/decryption and to forward requests for certain
20 Membership properties in 4.0. It is used also in 2.0 to keep code
21 cleaner. System.Web.ApplicationServices uses it to access the
22 Membership class without having to reference System.Web
24 * MembershipCreateStatus.cs, MembershipCreateUserException.cs,
25 MembershipPasswordException.cs, MembershipPasswordFormat.cs,
26 MembershipProviderCollection.cs, MembershipUserCollection.cs,
27 MembershipValidatePasswordEventHandler.cs, RoleProvider.cs,
28 ValidatePasswordEventArgs.cs:
29 types forwarded to System.Web.ApplicationServices in 4.0
31 * FormsIdentity.cs: class is not sealed in 4.0
33 2010-02-11 Marek Habersack <mhabersack@novell.com>
35 * Roles.cs: IsUserInRole checks if username is null or empty
36 before attempting to use it. Patch from Tiaan Geldenhuys
37 <tagdev@gmail.com>. thanks!
39 2009-09-22 Sebastien Pouliot <sebastien@ximian.com>
41 * MembershipProvider.cs: Ensure password decryption is always
45 2009-07-09 Gonzalo Paniagua Javier <gonzalo@novell.com>
47 * SqliteMembershipProvider.cs:
48 * UrlAuthorizationModule.cs: use GetSection instead of
49 OpenWebConfiguration+GetSection.
51 2009-05-28 Marek Habersack <mhabersack@novell.com>
53 * FormsAuthenticationModule.cs: if forms authentication login URL
54 is not rooted, make it relative to the application root, so that
55 MapPath maps it correctly.
56 Use String.Compare for checking whether requested URL matches the
57 login URL - be case-insensitive when running on Windows or with
60 2009-03-10 Marek Habersack <mhabersack@novell.com>
62 * UrlAuthorizationModule.cs: OnAuthorizeRequest must use the
63 configuration from <location> elements in the config. Fixes bug
66 2009-02-28 Gonzalo Paniagua Javier <gonzalo@novell.com>
68 * FormsAuthentication.cs: use GetWebApplication instead of GetSection
69 for application level configuration.
71 2009-01-12 Marek Habersack <mhabersack@novell.com>
73 * MembershipUserCollection.cs: CopyTo overloads use store.Values
74 as the copy source. Fixes bug #464783. Patch from Christian
75 Prochnow <cproch@seculogix.de>
77 2008-12-25 Gonzalo Paniagua Javier <gonzalo@novell.com>
80 * SqlMembershipProvider.cs: use IndexOf (char) instead of
83 2008-08-20 Marek Habersack <mhabersack@novell.com>
85 * Membership.cs: implemented the HashAlgorithmType property. Fixes
88 2008-06-30 Marek Habersack <mhabersack@novell.com>
90 * SqliteMembershipProvider.cs, SqliteRoleProvider.cs: remove
93 * SqlRoleProvider.cs, AspNetDBSchemaChecker.cs: hush the warnings
95 2008-05-30 Marek Habersack <mhabersack@novell.com>
97 * AnonymousIdentificationModule.cs, FormsAuthenticationModule.cs,
98 DefaultAuthenticationModule.cs, MembershipProvider.cs,
99 WindowsAuthenticationModule.cs, PassportAuthenticationModule.cs,
100 RoleManagerModule.cs: do not use synthetized event accessors (to
103 2008-05-07 Marek Habersack <mhabersack@novell.com>
105 * RolePrincipal.cs: fix:
106 - Reloading the roles cache from the provider when expired
107 - Update issue & expiry date for expired tickets
108 - Incrementing the cookie expiry date
109 - Obey Roles.MaxCachedResults
110 Fixes bug #385877. Patch from Ivan Hamilton
111 <ivan@chimerical.com.au>, thanks!
113 2008-03-10 Marek Habersack <mhabersack@novell.com>
115 * RoleManagerModule.cs: initialize _config before adding event
116 handlers and account for the fact that _config might still be null
117 in the methods that use it.
119 2007-12-30 Vladimir Krasnov <vladimirk@mainsoft.com>
121 * SqliteMembershipProvider.cs, SqlRoleProvider.cs: added chema checking
122 * added AspNetDBSchemaChecker.cs: schema checker helper class
124 2007-12-11 Vladimir Krasnov <vladimirk@mainsoft.com>
126 * Roles.cs: fixed Providers property to be thread safe
128 2007-12-08 Marek Habersack <mhabersack@novell.com>
130 * SqliteRoleProvider.cs: added - a Role Provider for
131 Sqlite, based on PostgreSQL Role Provider code from Daniel
132 Nauck <dna@informatik.uni-kiel.de>
134 * SqliteMembershipProvider.cs: added - a Membership Provider for
135 Sqlite, based on PostgreSQL Membership Provider code from Daniel
136 Nauck <dna@informatik.uni-kiel.de>
138 2007-11-28 Marek Habersack <mhabersack@novell.com>
140 * SqlMembershipProvider.cs: handle situation when there is no
141 connection string configured for the SQL Membership Provider.
143 2007-11-01 Marek Habersack <mhabersack@novell.com>
145 * RolePrincipal.cs, MembershipProvider.cs: use the new
146 MachineKeySectionUtils class wherever necessary.
148 * FormsAuthentication.cs: use the new MachineKeySectionUtils class
150 GetHexString is a private method again.
152 2007-10-31 Marek Habersack <mhabersack@novell.com>
154 * FormsAuthentication.cs: made GetHexString an internal method -
155 it is used in the AssemblyResourceLoader.cs
157 2007-08-14 Marek Habersack <mhabersack@novell.com>
159 * Roles.cs: remove unused field.
161 * SqlMembershipProvider.cs: remove unused variable.
163 2007-08-13 Vladimir Krasnov <vladimirk@mainsoft.com>
165 * SqlRoleProvider.cs: fixed ApplicationName initialization
167 2007-06-24 Vladimir Krasnov <vladimirk@mainsoft.com>
169 * FormsAuthentication.cs: improved performance of GetHexString()
171 2007-05-17 Vladimir Krasnov <vladimirk@mainsoft.com>
173 * SqlMembershipProvider.cs: fixed DeleteUser, fixed parameter name
175 2007-05-14 Igor Zelmanovich <igorz@mainsoft.com>
177 * SqlMembershipProvider.cs: Fix parameter binding to stored procedures.
179 2007-05-09 Igor Zelmanovich <igorz@mainsoft.com>
181 * PassportIdentity.cs:
182 added MonoNotSupported attribute.
184 2007-05-02 Marek Habersack <mhabersack@novell.com>
186 * FormsAuthentication.cs: user names are stored in lowercase in
187 the credentials database.
189 2007-04-29 Igor Zelmanovich <igorz@mainsoft.com>
191 * FormsAuthenticationModule.cs:
192 Redirect to login page doesn't cause thread abort.
194 2007-04-19 Igor Zelmanovich <igorz@mainsoft.com>
196 * SqlMembershipProvider.cs:
197 ChangePassword throws exception if new password has invalid format.
199 2007-04-17 Igor Zelmanovich <igorz@mainsoft.com>
203 if default provider was not found ConfigurationErrorsException is thrown.
205 2007-04-12 Marek Habersack <mhabersack@novell.com>
207 * RoleManagerModule.cs: do not try to decrypt encryption tickets
208 from cookies with empty values.
210 2007-04-04 Juraj Skripsky <js@hotfeet.ch>
212 * FormsAuthenticationModule.cs: Move initialization of _config out
213 of Init() as app.Context is null in that method when a session is
214 about to be terminated.
216 2007-03-21 Vladimir Krasnov <vladimirk@mainsoft.com>
218 * AnonymousIdentificationModule.cs: optimized Config property
220 2007-03-21 Vladimir Krasnov <vladimirk@mainsoft.com>
222 * AnonymousIdentificationModule.cs: added configuration section caching
223 to AppDomain for TARGET_JVM
224 * RoleManagerModule.cs:
225 * UrlAuthorizationModule.cs:
226 * FormsAuthenticationModule.cs: refactored configuration section to be
229 2007-03-20 Marek Habersack <mhabersack@novell.com>
231 * FormsAuthentication.cs, Roles.cs: remove roles cookie on sign
232 out. Fixes bug #81195. Patch from Mike Morano <mmorano@mikeandwan.us>.
234 2007-03-12 Marek Habersack <mhabersack@novell.com>
236 * RolePrincipal.cs: decrypt the roles ticket properly. Makes role
237 caching in cookies work. Fixes bug #81117. Patch from Mike Morano
238 <mmorano@mikeandwan.us>
240 2007-03-02 Marek Habersack <mhabersack@novell.com>
242 * SqlMembershipProvider.cs: cast PasswordFormat to int, so that
243 the parameter code can infer the sql type. Makes user creation,
244 password reset etc. work.
246 2007-02-28 Andreia Gaita <avidigal@novell.com>
248 * SqlRoleProvider.cs: Fix parameter binding to stored procedures.
249 * SqlMembershipProvider.cs: Fix parameter binding to stored procedures.
250 CreateUser() doesn't use transactions in MS asp.net, so removed the
253 2007-02-19 Vladimir Krasnov <vladimirk@mainsoft.com>
255 * RoleManagerModule.cs: fixed role chaching in OnEndRequest and
256 OnPostAuthenticateRequest
257 * RolePrincipal.cs: implemented ToEncryptedTicket, implemented caching
259 * Roles.cs: implemented DeleteCookie, fixed CookieProtectionValue to
260 get it's value from configuration
262 2007-02-08 Marek Habersack <grendello@gmail.com>
264 * FormsAuthenticationModule.cs: Expire auth tickets properly.
266 * MembershipProvider.cs: Do not clear the password before
269 2007-01-20 Miguel de Icaza <miguel@novell.com>
271 * SqlRoleProvider.cs: comment out unused code.
273 * SqlMembershipProvider.cs: Removed unused variables.
274 Remove unused variable.
276 * AnonymousIdentificationModule.cs (ClearAnonymousIdentifier):
277 remove unused variable. This might be a real bug.
279 2007-01-16 Vladimir Krasnov <vladimirk@mainsoft.com>
281 * RoleManagerModule.cs: fixed OnPostAuthenticateRequest,
282 CacheRolesInCookie not supported yet
283 * Roles.cs: fixed DeleteCookie, CacheRolesInCookie not supported yet
285 2007-01-11 Adar Wesley <adarw@mainsoft.com>
287 * MembershipProvider.cs: fixed EncryptPassword to use password buffer length
289 2007-01-04 Vladimir Krasnov <vladimirk@mainsoft.com>
291 * AnonymousIdentificationModule.cs: fixed OnEnter, fixed failure on
292 incorrect cookie value that browser may hold
294 2006-12-27 Vladimir Krasnov <vladimirk@mainsoft.com>
296 * FormsAuthentication.cs: added internal ReturnUrl property,
297 GetRedirectUrl added usage of ReturnUrl
299 2006-12-12 Vladimir Krasnov <vladimirk@mainsoft.com>
301 * FormsAuthentication.cs: TARGET_J2EE define for static members
303 2006-12-06 Vladimir Krasnov <vladimirk@mainsoft.com>
305 * FormsAuthenticationModule.cs: fixed OnAuthenticateRequest, suppress
306 exception on wrong ticket
308 2006-12-03 Igor Zelmanovich <igorz@mainsoft.com>
310 * FormsAuthenticationModule.cs:
311 set SkipAuthorization=true for WebResource.axd
313 2006-11-27 Vladimir Krasnov <vladimirk@mainsoft.com>
315 * SqlMembershipProvider.cs: typo bug
317 2006-11-21 Vladimir Krasnov <vladimirk@mainsoft.com>
319 * SqlMembershipProvider.cs: fixed fixed exception type in GetPassword
322 2006-11-20 Igor Zelmanovich <igorz@mainsoft.com>
324 * SqlMembershipProvider.cs: fixed: UpdateUser works properly.
326 2006-11-15 Igor Zelmanovich <igorz@mainsoft.com>
328 * SqlMembershipProvider.cs: fixed: name is used for ReturnValue parameter.
330 2006-11-05 Vladimir Krasnov <vladimirk@mainsoft.com>
332 * AnonymousIdentificationModule.cs: fixed anonymous id cookie
334 2006-11-05 Vladimir Krasnov <vladimirk@mainsoft.com>
336 * MembershipProvider.cs, SqlMembershipProvider.cs:
337 refactoring of DecryptPassword and EncryptPassword methods according
340 2006-09-10 Konstantin Triger <kostat@mainsoft.com>
342 * SqlRoleProvider.cs: throw on empty connection string.
344 2006-09-26 Vladimir Krasnov <vladimirk@mainsoft.com>
346 * Membership.cs: fixed GetAllUsers, typo bug
347 * SqlRoleProvider.cs, SqlMembershipProvider.cs: refactored to use
348 aspnetdb built in stored procedures,
349 fixed application name and membership relation,
350 improved exception handling
352 2006-09-03 Igor Zelmanovich <igorz@mainsoft.com>
354 * RolePrincipal.cs: refactoring: instance can be serialized.
356 2006-09-03 Igor Zelmanovich <igorz@mainsoft.com>
358 * SqlMembershipProvider.cs: fixed GetUser,
359 when username is String.Empty methods returns null.
361 2006-08-31 Konstantin Triger <kostat@mainsoft.com>
363 * SqlRoleProvider.cs: fixed initialization.
365 2006-08-31 Igor Zelmanovich <igorz@mainsoft.com>
367 * SqlMembershipProvider.cs: fixed CreateUser,
368 password is checked, properties MinRequiredPasswordLength and
369 MinRequiredNonAlphanumericCharacters are considered.
371 2006-08-29 Konstantin Triger <kostat@mainsoft.com>
373 * SqlMembershipProvider.cs: fix dispose order of reader vs connection.
375 2006-08-28 Igor Zelmanovich <igorz@mainsoft.com>
377 * SqlMembershipProvider.cs: fixed CreateUser, parameter isApproved is
380 2006-08-28 Konstantin Triger <kostat@mainsoft.com>
382 * SqlMembershipProvider.cs: ensure GetUser() returns null if it cannot
383 retrieve user information.
385 2006-08-28 Konstantin Triger <kostat@mainsoft.com>
387 * SqlRoleProvider.cs, SqlMembershipProvider.cs:
388 "use SqlClientFactory in case the ProviderName is not specified.
390 2006-08-27 Konstantin Triger <kostat@mainsoft.com>
392 * SqlRoleProvider.cs: enable concurrent usage, refactoring.
394 2006-08-27 Konstantin Triger <kostat@mainsoft.com>
396 * SqlMembershipProvider.cs: enable concurrent usage, refactoring.
398 2006-08-27 Vladimir Krasnov <vladimirk@mainsoft.com>
400 * SqlMembershipProvider.cs: fixed ValidateUser, bug when user
403 2006-08-14 Gonzalo Paniagua Javier <gonzalo@ximian.com>
405 * FormsAuthentication.cs: set the Secure attribute of the authentication
406 cookie when required.
408 2006-07-06 Konstantin Triger <kostat@mainsoft.com>
410 * FormsAuthentication.cs: Ensure initialized, fix url mapping.
412 2006-05-03 Chris Toshok <toshok@ximian.com>
414 * SqlMembershipProvider.cs (GetAlg): move this here for the time
415 being, as it's the only class that uses it.
416 (HashAndBase64Encode): nuke.
417 (EncryptAndBase64Encode): nuke.
418 (Base64DecodeAndDecrypt): nuke.
419 (DecryptPassword): new function.
420 (EncryptPassword): new function.
421 (ChangePassword): replace the switch with a call to
423 (ChangePasswordQuestionAndAnswer): same.
425 (ResetPassword): same.
426 (ValidateUsingPassword): same.
427 (ValidateUsingPasswordAnswer): same.
428 (GetPassword): same, and throw MembershipPasswordException if the
429 password answer is incorrect.
431 * MembershipProvider.cs (InitVector): nuke this. it's actually
432 the salt from the database (for the sql provider, anyway).
433 (EncodePassword): based on the password format, password, and
434 salt, encode it. Makes use of EncryptPassword.
435 (DecodePassword): likewise for decoding, makes use of
437 (DecryptPassword): revert this to throwing
438 NotImplementedException, as the sql provideroverrides it to
439 perform the actual decryption.
440 (EncryptPassword): same.
442 2006-05-02 Chris Toshok <toshok@ximian.com>
444 * SqlMembershipProvider.cs: 85% complete, maybe more. The major
445 functionality should work. Password retrieval (and encrypted
446 passwords in general) is untested.
448 2006-05-01 Chris Toshok <toshok@ximian.com>
450 * Membership.cs (GeneratePassword): don't include quotes (',",`)
451 in the set of characters in the generated passwords.
453 2006-05-01 Chris Toshok <toshok@ximian.com>
455 * MembershipProvider.cs (GetAlg): switch from Exception to
456 ProviderException to match MS behavior (and fix the unit test.)
458 * Membership.cs (GeneratePassword): implement.
460 2006-05-01 Chris Toshok <toshok@ximian.com>
462 * SqlMembershipProvider.cs: lots more work. checking this in in
463 its present state because I don't want to lose it. It still needs
466 * Membership.cs (.cctor): remove the fallback.
467 (ValidatingPassword): remove the MonoTODO.
469 * MembershipProvider.cs (DecryptPassword): implement.
470 (EncryptPassword): implement.
471 (GetAlg): helper function for Decrypt/EncryptPassword.
474 2006-04-27 Chris Toshok <toshok@ximian.com>
476 * SqlMembershipProvider.cs (GeneratePassword): call
477 Membership.GeneratePassword with the configured minimum strength
480 2006-04-27 Chris Toshok <toshok@ximian.com>
482 * SqlMembershipProvider.cs (UnlockUser): fix sql query, and move
483 the CheckPararm call to the top of the method.
485 2006-04-12 Chris Toshok <toshok@ximian.com>
487 * SqlMembershipProvider.cs: commit initial pass at
488 SqlMembershipProvider work. lots of stuff untested in here.
490 2006-04-11 Chris Toshok <toshok@ximian.com>
492 * MembershipUser.cs (.ctor): per Shackow's book, all DateTime's
493 are converted using ToUniversalTime when passed into this class.
494 (UpdateSelf): update ourselves from the passed in MembershipUser,
495 swallowing NotSupportedExceptions.
496 (UpdateUser): fetch a new MembershipUser from the db and call
498 (ChangePassword): call UpdateUser after changing the password.
499 (ChangePasswordQuestionAndAnswer): same.
500 (ResetPassword): same.
501 (UnlockUser): same. Also, don't explicitly set isLockedOut.
502 It'll be updated in UpdateSelf.
503 (CreationDate): getter calls ToLocalTime, setter calls
505 (LastActivityDate): same.
506 (LastLoginDate): same.
507 (LastPasswordChangedDate): same.
508 (LastLockoutDate): same.
510 * Membership.cs (.cctor): use
511 ProvidersHelper.InstantitateProviders, and remove some unnecessary
514 2006-03-29 Chris Toshok <toshok@ximian.com>
516 * SqlRoleProvider.cs: do the LOWER's in SQL, not in C#.
518 2006-03-23 Chris Toshok <toshok@ximian.com>
520 * Roles.cs: make this 2.0 configuration aware.
522 * SqlRoleProvider.cs: flesh out all the operations. the only
523 things that need dealing with are the Initialize method's handling
524 of a few parameters, and the ApplicationName property.
526 2006-03-23 Chris Toshok <toshok@ximian.com>
528 * DefaultAuthenticationModule.cs (OnDefaultAuthentication): always
529 set Thread.CurrentPrincipal, not just if we set it to the
532 2006-03-22 Chris Toshok <toshok@ximian.com>
534 * RoleManagerModule.cs: implement using info in Shackow's book.
536 * RolePrincipal.cs: flesh this out a bit more.
538 * DefaultAuthenticationModule.cs (OnDefaultAuthentication):
539 according to Shackow's book, this sets Thread.CurrentPrincipal as
540 well as HttpContext.Current.User.
542 2006-02-28 Chris Toshok <toshok@ximian.com>
544 * FormsAuthentication.cs: corcompare work.
546 * MembershipCreateUserException.cs: same.
548 * MembershipPasswordException.cs: same.
550 * AnonymousIdentificationModule.cs: same.
552 2006-02-01 Chris Toshok <toshok@ximian.com>
554 * FormsAuthentication.cs, Membership.cs,
555 FormsAuthenticationModule.cs, UrlAuthorizationModule.cs: oops,
556 replace GetWebApplicationSection with GetSection.
558 2006-02-01 Chris Toshok <toshok@ximian.com>
560 * FormsAuthentication.cs: CONFIGURATION_2_0 => NET_2_0.
561 simplifies the ifdef mess quite a bit.
563 * Membership.cs: same.
565 * FormsAuthenticationModule.cs: same.
567 * UrlAuthorizationModule.cs: same.
569 2006-01-04 Chris Toshok <toshok@ximian.com>
571 * FormsAuthentication.cs (Authenticate): add CONFIGURATION_2_0
578 2006-01-04 Chris Toshok <toshok@ximian.com>
580 * Membership.cs (.cctor): enable the code here under
583 2006-01-03 Chris Toshok <toshok@ximian.com>
585 * UrlAuthorizationModule.cs (OnAuthorizeRequest): add
586 CONFIGURATION_2_0 code here.
588 2005-12-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
590 * FormsAuthentication.cs: don't end the request in
591 RedirectFromLoginPage.
593 2005-12-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
595 * FormsAuthenticationModule.cs: expire the cookie. Fixes bug #77043.
596 Patch by Cyrille Colin.
598 2005-12-13 Gonzalo Paniagua Javier <gonzalo@ximian.com>
600 * FormsAuthenticationModule.cs: ignore any exception thrown when mapping
601 the provided virtual path to the physical one. Patch by Cyrille Colin.
603 2005-11-28 Chris Toshok <toshok@ximian.com>
605 * FormsAuthenticationModule.cs (OnAuthenticateRequest):
606 CONFIGURATION_2_0 work.
607 (OnEndRequest): same.
609 2005-09-09 Sebastien Pouliot <sebastien@ximian.com>
611 * DefaultAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
612 * DefaultAuthenticationModule.cs: Added LinkDemand for Minimal. Added
613 Demand for UnmanagedCode on constructor.
614 * FileAuthorizationModule.cs: Added LinkDemand for Minimal. Added
615 Demand for UnmanagedCode on constructor.
616 * FormsAuthentication.cs: Added LinkDemand for Minimal.
617 * FormsAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
618 * FormsAuthenticationModule.cs: Added LinkDemand for Minimal. Added
619 Demand for UnmanagedCode on constructor.
620 * FormsAuthenticationTicket.cs: Added LinkDemand for Minimal.
621 * FormsIdentity.cs: Added LinkDemand for Minimal.
622 * PassportAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
623 * PassportAuthenticationModule.cs: Added LinkDemand for Minimal. Added
624 Demand for UnmanagedCode on constructor.
625 * PassportIdentity.cs: Added LinkDemand for Minimal. Added Demand for
626 UnmanagedCode on constructor.
627 * UrlAuthorizationModule.cs: Added LinkDemand for Minimal. Added
628 Demand for UnmanagedCode on constructor.
629 * WindowsAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
630 * WindowsAuthenticationModule.cs: Added LinkDemand for Minimal. Added
631 Demand for UnmanagedCode on constructor.
633 2005-09-01 Sebastien Pouliot <sebastien@ximian.com>
635 * FormsAuthenticationEventArgs.cs: Ensure the setter for User is
636 protected by a demand for ControlPrincipal.
637 * PassportAuthenticationEventArgs.cs: Ensure the setter for User is
638 protected by a demand for ControlPrincipal.
639 * WindowsAuthenticationEventArgs.cs: Ensure the setter for User is
640 protected by a demand for ControlPrincipal.
642 2005-08-25 Sebastien Pouliot <sebastien@ximian.com>
644 * FormsAuthentication.cs: With 2.0 we can get the default properties
645 and call Initialize without a NRE.
647 2005-08-25 Sebastien Pouliot <sebastien@ximian.com>
649 * ActiveDirectoryConnectionProtection.cs: New (2.0) enum.
650 * ActiveDirectoryMembershipProvider.cs: Fixed 2.0 API.
651 * AnonymousIdentificationEventArgs.cs: Fixed AnonymousID property case.
652 * AnonymousIdentificationModule.cs: Fixed 2.0 API.
653 * FileAuthorizationModule.cs: Added static CheckFileAccessForUser in
655 * FormsAuthentication.cs: Added missing 2.0 properties with their
657 * MembershipCreateStatus.cs: Fixed enum values/names.
658 * MembershipProvider.cs: Added stub for [Decrypt|Encrypt]Password. Both
659 methods don't seems to work without an active provider.
660 * PassportIdentity.cs: Added IDispose for 2.0 profile.
661 * Roles.cs: Added missing beta2 bits and default values (which are the
662 only things working without a role provider (web.config).
663 * RolePrincipal.cs: Fixed 2.0 API. Implemented a few bits.
664 * SqlRoleProvider.cs: Fixed 2.0 API.
665 * UrlAuthorizationModule.cs: Added static CheckUrlAccessForPrincipal in
668 2005-08-24 Sebastien Pouliot <sebastien@ximian.com>
670 * MembershipUserCollection.cs: Fix exceptions.
672 2005-08-22 Sebastien Pouliot <sebastien@ximian.com>
674 * FormsAuthentication.cs: Add some 2.0 stuff required for Login*
677 2005-08-18 Sebastien Pouliot <sebastien@ximian.com>
679 * Membership.cs: Commented unworking parts of the .cctor to allow
680 testing the Login control.
681 * MembershipProviderCollection.cs: Fixed exception handling.
682 * SqlMembershipProvider.cs: Don't throw NotImplementedException
683 everywhere so Membership's .cctor (somewhat) works. Removed
684 Description property (not in beta2).
686 2005-07-28 Gonzalo Paniagua Javier <gonzalo@ximian.com>
688 * FormsAuthentication.cs: allow hardware acceleration support if
689 available. Sebastien dixit.
691 2005-07-26 Gonzalo Paniagua Javier <gonzalo@ximian.com>
693 * FormsAuthentication.cs: the init_vector must be the same accross
694 restarts, otherwise the cookie does not work even when a decryption
695 key is provided. Initialize it to the bytes of the cookie name. Fixes
698 2005-07-25 Eyal Alaluf <eyala@mainsoft.com>
700 * FormsAuthenticationModule.cs: Check for null config
702 2005-07-25 Miguel de Icaza <miguel@novell.com>
704 * FormsAuthentication.cs (SignOut): Force the cookie to have it
707 2005-07-25 Gonzalo Paniagua Javier <gonzalo@ximian.com>
709 * FormsAuthentication.cs: my previous patch missed a "small" detail: it
710 didn't include the verification key when computing/checking the
711 validation hash. Now this is really a MAC or HMAC or...
713 2005-07-25 Gonzalo Paniagua Javier <gonzalo@ximian.com>
715 * FormsAuthentication.cs:
716 * FormsAuthenticationTicket.cs: added support for validation and
717 encryption of the auth. cookie and improved serialization of the ticket.
719 2005-07-01 Lluis Sanchez Gual <lluis@novell.com>
721 * Membership.cs: Read provider info from the config file.
723 2005-06-10 Lluis Sanchez Gual <lluis@novell.com>
725 * MembershipUserCollection.cs:
726 * MembershipPasswordException.cs:
727 * RoleProviderCollection.cs:
728 * ActiveDirectoryMembershipProvider.cs:
729 * SqlMembershipProvider.cs:
730 * MembershipProvider.cs:
731 * SqlRoleProvider.cs:
734 * MembershipProviderCollection.cs:
736 * RoleProvider.cs: Track api changes in ASP.NET 2.0. Implemented
737 some missing methods.
739 * AccessRoleProvider.cs:
740 * AccessMembershipProvider.cs: Removed.
742 * MembershipCreateUserException.cs:
743 * MembershipValidatePasswordEventHandler.cs:
744 * ValidatePasswordEventArgs.cs: Implemented.
746 2005-05-21 Sebastien Pouliot <sebastien@ximian.com>
748 * FormsAuthentication.cs: Hash the UTF8 representation of the password
749 strings (to be compatible with Microsoft implementation).
751 2005-04-20 Gonzalo Paniagua Javier <gonzalo@ximian.com>
753 * FormsAuthentication.cs:
754 * PassportAuthenticationModule.cs:
755 * WindowsAuthenticationModule.cs: removed warnings.
757 2005-03-11 Gonzalo Paniagua Javier <gonzalo@ximian.com>
759 * FormsAuthenticationModule.cs: fix for bug 73545, which caused
760 authentication not to work when the cookie was not persistent.
761 Patch by Ilya Kharmatsky (Mainsoft).
763 2005-02-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
765 * FormsAuthentication.cs: make the string to be stored in a config.
766 file uppercase... See bug #72557.
768 2005-02-06 Gonzalo Paniagua Javier <gonzalo@ximian.com>
770 * FormsAuthentication.cs: fixed typo when getting the hash for the
771 password in SHA1 and MD5. Thanks to Tadas Dailyda.
772 Lock on a static object instead of typeof(FormsAuthentication).
774 2004-11-18 Lluis Sanchez Gual <lluis@novell.com>
776 * RoleProvider.cs, Roles.cs, SqlRoleProvider.cs, RoleProviderCollection.cs,
777 AccessRoleProvider.cs: IRoleProvider has been renamed to ProviderBase.
778 * IMembershipProvider.cs: Deleted.
779 * MembershipProvider.cs, AccessMembershipProvider.cs, MembershipUser.cs,
780 Membership.cs, ADMembershipProvider.cs, SqlMembershipProvider.cs
781 MembershipProviderCollection.cs: MembershipProvider has been deleted
782 and replaced by the abstract class MembershipProvider.
783 * MembershipProviderCollection.cs: Minor fixes.
784 * ADMembershipProvider.cs: Renamed to ActiveDirectoryMembershipProvider.cs.
786 2004-11-15 Lluis Sanchez Gual <lluis@novell.com>
788 * RoleProviderCollection.cs, MembershipProviderCollection.cs:
791 2004-08-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
793 * FormsAuthentication.cs: patch by Jim Pease to fix the date on renewal.
795 2004-08-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
797 * FormsAuthenticationModule.cs: don't renew expired cookies. Only renew
798 the cookie if SlidingExpiration is set. Thanks to Jim Pease.
800 2004-08-03 Sanjay Gupta <gsanjay@novell.com>
802 * MembershipSortOptions.cs:
803 * MembershipPasswordFormat.cs:
804 * MembershipOnlineStatus.cs:
805 * MembershipCreateStatus.cs:
806 * CookieProtection.cs: minor modifications.
808 2004-06-12 Pedro Martnez Juli <yoros@wanadoo.es>
810 * FormsAuthentication.cs: Undo last change.
812 2004-06-12 Pedro Martnez Juli <yoros@wanadoo.es>
814 * FormsAuthentication.cs: go to loginUrl from web.config settings
815 before try with the default ones.
817 2004-06-11 Gonzalo Paniagua Javier <gonzalo@ximian.com>
819 * DefaultAuthenticationModule.cs: set the IPrincipal for this thread
820 once we have a user. Fixes bug #59683.
822 2004-04-21 Gonzalo Paniagua Javier <gonzalo@ximian.com>
824 * FormsAuthenticationModule.cs: re-read configuration files if needed
825 when determining if forms auth. is used.
827 2004-01-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
829 * FormsAuthentication.cs: added RequireSSL and SlidingExpiration.
831 2004-01-11 Andreas Nahr <ClassDevelopment@A-SoftTech.com>
833 * PassportIdentity.cs: Added v 1.1 members
835 2003-11-25 Ben Maurer <bmaurer@users.sourceforge.net>
837 * AccessMembershipProvider.cs: New v2 file
838 * AccessRoleProvider.cs: New v2 file
839 * ADMembershipProvider.cs: New v2 file
840 * AnonymousIdentificationEventArgs.cs: New v2 file
841 * AnonymousIdentificationEventHandler.cs: New v2 file
842 * AnonymousIdentificationModule.cs: New v2 file
843 * CookieProtection.cs: New v2 file
844 * IMembershipProvider.cs: New v2 file
845 * IRoleProvider.cs: New v2 file
846 * Membership.cs: New v2 file
847 * MembershipCreateStatus.cs: New v2 file
848 * MembershipCreateUserException.cs: New v2 file
849 * MembershipOnlineStatus.cs: New v2 file
850 * MembershipPasswordException.cs: New v2 file
851 * MembershipPasswordFormat.cs: New v2 file
852 * MembershipProviderCollection.cs: New v2 file
853 * MembershipSortOptions.cs: New v2 file
854 * MembershipUser.cs: New v2 file
855 * MembershipUserCollection.cs: New v2 file
856 * RoleManagerEventArgs.cs: New v2 file
857 * RoleManagerEventHandler.cs: New v2 file
858 * RoleManagerModule.cs: New v2 file
859 * RolePrincipal.cs: New v2 file
860 * RoleProviderCollection.cs: New v2 file
861 * Roles.cs: New v2 file
862 * SqlMembershipProvider.cs: New v2 file
863 * SqlRoleProvider.cs: New v2 file
865 2003-11-05 Gonzalo Paniagua Javier <gonzalo@ximian.com>
867 * FormsAuthentication.cs: encoding updates.
869 2003-10-04 Gonzalo Paniagua Javier <gonzalo@ximian.com>
871 * FormsAuthenticationModule.cs: fixed for applications other than /.
873 2003-08-27 Gonzalo Paniagua Javier <gonzalo@ximian.com>
875 * UrlAuthorizationModule.cs: fixed description for status code.
877 2003-07-31 Gonzalo Paniagua Javier <gonzalo@ximian.com>
879 * FormsAuthenticationModule.cs: really renew the ticket. Thanks to
880 Jens Thiel <Jens@Thiel.DE>.
882 2003-02-13 Gonzalo Paniagua Javier <gonzalo@ximian.com>
884 * UrlAuthorizationModule.cs: tell the application not to run any other
885 step apart from EndRequest.
887 2003-02-12 Gonzalo Paniagua Javier <gonzalo@ximian.com>
889 * FormsAuthentication.cs: implemented RedirectFromLoginPage and
892 * FormsAuthenticationModule.cs: redirect to the login page when a 401
895 * UrlAuthorizationModule.cs: check for valid user or render error page.
897 2003-01-04 Gonzalo Paniagua Javier <gonzalo@ximian.com>
899 * DefaultAuthenticationModule.cs: implemented. It just create a default
900 unauthenticated user when no one else provided one.
902 * FormsAuthenticationModule.cs: removed debug output.
904 2002-12-20 Gonzalo Paniagua Javier <gonzalo@ximian.com>
906 * FormsAuthenticationModule.cs: remove debug lines.
908 2002-12-19 Gonzalo Paniagua Javier <gonzalo@ximian.com>
910 * FormsAuthentication.cs: return a null ticket when an exception is
911 thrown creating it. Implemented RenewTicketIfOld.
913 * FormsAuthenticationModule.cs: implemented event handlers for
914 AuthenticateRequest and EndRequest.
916 * FormsAuthenticationTicket.cs: implemented SetDates and Clone methods.
918 2002-12-18 Gonzalo Paniagua Javier <gonzalo@ximian.com>
920 * FormsAuthentication.cs: implemented GetAuthCookie, SetAuthCookie,
921 SignOut, FormsCookieName and FormsCookiePath.
923 2002-12-17 Gonzalo Paniagua Javier <gonzalo@ximian.com>
925 * FormsAuthentication.cs: implemented Authenticate, unencrypted Encrypt
926 and Decrypt, HashPasswordForStoringInConfigFile and Initialize.
928 * FormsAuthenticationTicket.cs: set cookiePath to the default when no
931 2002-08-26 Gonzalo Paniagua Javier <gonzalo@ximian.com>
933 * DefaultAuthenticationEventHandler.cs:
934 * DefaultAuthenticationModule.cs:
935 * FileAuthorizationModule.cs:
936 * FormsAuthentication.cs:
937 * FormsAuthenticationEventArgs.cs:
938 * FormsAuthenticationEventHandler.cs:
939 * FormsAuthenticationModule.cs:
940 * FormsAuthenticationTicket.cs:
942 * PassportAuthenticationEventArgs.cs:
943 * PassportAuthenticationEventHandler.cs:
944 * PassportAuthenticationModule.cs:
945 * PassportIdentity.cs:
946 * UrlAuthorizationModule.cs:
947 * WindowsAuthenticationEventArgs.cs:
948 * WindowsAuthenticationEventHandler.cs:
949 * WindowsAuthenticationModule.cs: new files. Some of them implemented,
950 some others stubbed out.
952 2002-06-03 Gonzalo Paniagua Javier <gonzalo@ximian.com>
954 * DefaultAuthenticationEventArgs.cs: added file.