2010-06-19 Marek Habersack * FormsAuthentication.cs: Authenticate must compare stored and newly hashed passwords case-insensitively. Fixes bug #601727 2010-04-29 Marek Habersack * FormsAuthentication.cs: set authentication/expiry cookie domain. Fixes bug #600740. Patch from Stuart Siegrist , thanks! 2010-04-28 Marek Habersack * RolePrincipal.cs: class is not sealed in 4.0 * MembershipUser.cs: type forwarded to System.Web.ApplicationServices in 4.0. In the 4.0 profile, a MembershipHelper instance is created using reflection, so that the Membership class and password encryption/decryption services can be accessed without referencing System.Web * MembershipProvider.cs: type forwarded to System.Web.ApplicationServices in 4.0. {Encrypt,Decrypt}Password implementations moved to MembershipHelper. Added new EncryptPassword overload for 4.0 * MembershipHelper.cs: a helper class to handle password encryption/decryption and to forward requests for certain Membership properties in 4.0. It is used also in 2.0 to keep code cleaner. System.Web.ApplicationServices uses it to access the Membership class without having to reference System.Web * MembershipCreateStatus.cs, MembershipCreateUserException.cs, MembershipPasswordException.cs, MembershipPasswordFormat.cs, MembershipProviderCollection.cs, MembershipUserCollection.cs, MembershipValidatePasswordEventHandler.cs, RoleProvider.cs, ValidatePasswordEventArgs.cs: types forwarded to System.Web.ApplicationServices in 4.0 * FormsIdentity.cs: class is not sealed in 4.0 2010-02-11 Marek Habersack * Roles.cs: IsUserInRole checks if username is null or empty before attempting to use it. Patch from Tiaan Geldenhuys . thanks! 2009-09-22 Sebastien Pouliot * MembershipProvider.cs: Ensure password decryption is always possible. [Fix bug #538406] 2009-07-09 Gonzalo Paniagua Javier * SqliteMembershipProvider.cs: * UrlAuthorizationModule.cs: use GetSection instead of OpenWebConfiguration+GetSection. 2009-05-28 Marek Habersack * FormsAuthenticationModule.cs: if forms authentication login URL is not rooted, make it relative to the application root, so that MapPath maps it correctly. Use String.Compare for checking whether requested URL matches the login URL - be case-insensitive when running on Windows or with IOMAP in effect. 2009-03-10 Marek Habersack * UrlAuthorizationModule.cs: OnAuthorizeRequest must use the configuration from elements in the config. Fixes bug #467221 2009-02-28 Gonzalo Paniagua Javier * FormsAuthentication.cs: use GetWebApplication instead of GetSection for application level configuration. 2009-01-12 Marek Habersack * MembershipUserCollection.cs: CopyTo overloads use store.Values as the copy source. Fixes bug #464783. Patch from Christian Prochnow 2008-12-25 Gonzalo Paniagua Javier * SqlRoleProvider.cs: * SqlMembershipProvider.cs: use IndexOf (char) instead of IndexOf (string). 2008-08-20 Marek Habersack * Membership.cs: implemented the HashAlgorithmType property. Fixes bug #418458 2008-06-30 Marek Habersack * SqliteMembershipProvider.cs, SqliteRoleProvider.cs: remove unused method * SqlRoleProvider.cs, AspNetDBSchemaChecker.cs: hush the warnings 2008-05-30 Marek Habersack * AnonymousIdentificationModule.cs, FormsAuthenticationModule.cs, DefaultAuthenticationModule.cs, MembershipProvider.cs, WindowsAuthenticationModule.cs, PassportAuthenticationModule.cs, RoleManagerModule.cs: do not use synthetized event accessors (to avoid locks). 2008-05-07 Marek Habersack * RolePrincipal.cs: fix: - Reloading the roles cache from the provider when expired - Update issue & expiry date for expired tickets - Incrementing the cookie expiry date - Obey Roles.MaxCachedResults Fixes bug #385877. Patch from Ivan Hamilton , thanks! 2008-03-10 Marek Habersack * RoleManagerModule.cs: initialize _config before adding event handlers and account for the fact that _config might still be null in the methods that use it. 2007-12-30 Vladimir Krasnov * SqliteMembershipProvider.cs, SqlRoleProvider.cs: added chema checking * added AspNetDBSchemaChecker.cs: schema checker helper class 2007-12-11 Vladimir Krasnov * Roles.cs: fixed Providers property to be thread safe 2007-12-08 Marek Habersack * SqliteRoleProvider.cs: added - a Role Provider for Sqlite, based on PostgreSQL Role Provider code from Daniel Nauck * SqliteMembershipProvider.cs: added - a Membership Provider for Sqlite, based on PostgreSQL Membership Provider code from Daniel Nauck 2007-11-28 Marek Habersack * SqlMembershipProvider.cs: handle situation when there is no connection string configured for the SQL Membership Provider. 2007-11-01 Marek Habersack * RolePrincipal.cs, MembershipProvider.cs: use the new MachineKeySectionUtils class wherever necessary. * FormsAuthentication.cs: use the new MachineKeySectionUtils class wherever necessary. GetHexString is a private method again. 2007-10-31 Marek Habersack * FormsAuthentication.cs: made GetHexString an internal method - it is used in the AssemblyResourceLoader.cs 2007-08-14 Marek Habersack * Roles.cs: remove unused field. * SqlMembershipProvider.cs: remove unused variable. 2007-08-13 Vladimir Krasnov * SqlRoleProvider.cs: fixed ApplicationName initialization 2007-06-24 Vladimir Krasnov * FormsAuthentication.cs: improved performance of GetHexString() 2007-05-17 Vladimir Krasnov * SqlMembershipProvider.cs: fixed DeleteUser, fixed parameter name 2007-05-14 Igor Zelmanovich * SqlMembershipProvider.cs: Fix parameter binding to stored procedures. 2007-05-09 Igor Zelmanovich * PassportIdentity.cs: added MonoNotSupported attribute. 2007-05-02 Marek Habersack * FormsAuthentication.cs: user names are stored in lowercase in the credentials database. 2007-04-29 Igor Zelmanovich * FormsAuthenticationModule.cs: Redirect to login page doesn't cause thread abort. 2007-04-19 Igor Zelmanovich * SqlMembershipProvider.cs: ChangePassword throws exception if new password has invalid format. 2007-04-17 Igor Zelmanovich * Membership.cs: * Roles.cs: if default provider was not found ConfigurationErrorsException is thrown. 2007-04-12 Marek Habersack * RoleManagerModule.cs: do not try to decrypt encryption tickets from cookies with empty values. 2007-04-04 Juraj Skripsky * FormsAuthenticationModule.cs: Move initialization of _config out of Init() as app.Context is null in that method when a session is about to be terminated. 2007-03-21 Vladimir Krasnov * AnonymousIdentificationModule.cs: optimized Config property 2007-03-21 Vladimir Krasnov * AnonymousIdentificationModule.cs: added configuration section caching to AppDomain for TARGET_JVM * RoleManagerModule.cs: * UrlAuthorizationModule.cs: * FormsAuthenticationModule.cs: refactored configuration section to be a member of a class 2007-03-20 Marek Habersack * FormsAuthentication.cs, Roles.cs: remove roles cookie on sign out. Fixes bug #81195. Patch from Mike Morano . 2007-03-12 Marek Habersack * RolePrincipal.cs: decrypt the roles ticket properly. Makes role caching in cookies work. Fixes bug #81117. Patch from Mike Morano 2007-03-02 Marek Habersack * SqlMembershipProvider.cs: cast PasswordFormat to int, so that the parameter code can infer the sql type. Makes user creation, password reset etc. work. 2007-02-28 Andreia Gaita * SqlRoleProvider.cs: Fix parameter binding to stored procedures. * SqlMembershipProvider.cs: Fix parameter binding to stored procedures. CreateUser() doesn't use transactions in MS asp.net, so removed the transaction calls. 2007-02-19 Vladimir Krasnov * RoleManagerModule.cs: fixed role chaching in OnEndRequest and OnPostAuthenticateRequest * RolePrincipal.cs: implemented ToEncryptedTicket, implemented caching role functionality * Roles.cs: implemented DeleteCookie, fixed CookieProtectionValue to get it's value from configuration 2007-02-08 Marek Habersack * FormsAuthenticationModule.cs: Expire auth tickets properly. * MembershipProvider.cs: Do not clear the password before encrypting it. 2007-01-20 Miguel de Icaza * SqlRoleProvider.cs: comment out unused code. * SqlMembershipProvider.cs: Removed unused variables. Remove unused variable. * AnonymousIdentificationModule.cs (ClearAnonymousIdentifier): remove unused variable. This might be a real bug. 2007-01-16 Vladimir Krasnov * RoleManagerModule.cs: fixed OnPostAuthenticateRequest, CacheRolesInCookie not supported yet * Roles.cs: fixed DeleteCookie, CacheRolesInCookie not supported yet 2007-01-11 Adar Wesley * MembershipProvider.cs: fixed EncryptPassword to use password buffer length 2007-01-04 Vladimir Krasnov * AnonymousIdentificationModule.cs: fixed OnEnter, fixed failure on incorrect cookie value that browser may hold 2006-12-27 Vladimir Krasnov * FormsAuthentication.cs: added internal ReturnUrl property, GetRedirectUrl added usage of ReturnUrl 2006-12-12 Vladimir Krasnov * FormsAuthentication.cs: TARGET_J2EE define for static members 2006-12-06 Vladimir Krasnov * FormsAuthenticationModule.cs: fixed OnAuthenticateRequest, suppress exception on wrong ticket 2006-12-03 Igor Zelmanovich * FormsAuthenticationModule.cs: set SkipAuthorization=true for WebResource.axd 2006-11-27 Vladimir Krasnov * SqlMembershipProvider.cs: typo bug 2006-11-21 Vladimir Krasnov * SqlMembershipProvider.cs: fixed fixed exception type in GetPassword checks user lockout 2006-11-20 Igor Zelmanovich * SqlMembershipProvider.cs: fixed: UpdateUser works properly. 2006-11-15 Igor Zelmanovich * SqlMembershipProvider.cs: fixed: name is used for ReturnValue parameter. 2006-11-05 Vladimir Krasnov * AnonymousIdentificationModule.cs: fixed anonymous id cookie 2006-11-05 Vladimir Krasnov * MembershipProvider.cs, SqlMembershipProvider.cs: refactoring of DecryptPassword and EncryptPassword methods according to documentation 2006-09-10 Konstantin Triger * SqlRoleProvider.cs: throw on empty connection string. 2006-09-26 Vladimir Krasnov * Membership.cs: fixed GetAllUsers, typo bug * SqlRoleProvider.cs, SqlMembershipProvider.cs: refactored to use aspnetdb built in stored procedures, fixed application name and membership relation, improved exception handling 2006-09-03 Igor Zelmanovich * RolePrincipal.cs: refactoring: instance can be serialized. 2006-09-03 Igor Zelmanovich * SqlMembershipProvider.cs: fixed GetUser, when username is String.Empty methods returns null. 2006-08-31 Konstantin Triger * SqlRoleProvider.cs: fixed initialization. 2006-08-31 Igor Zelmanovich * SqlMembershipProvider.cs: fixed CreateUser, password is checked, properties MinRequiredPasswordLength and MinRequiredNonAlphanumericCharacters are considered. 2006-08-29 Konstantin Triger * SqlMembershipProvider.cs: fix dispose order of reader vs connection. 2006-08-28 Igor Zelmanovich * SqlMembershipProvider.cs: fixed CreateUser, parameter isApproved is considered. 2006-08-28 Konstantin Triger * SqlMembershipProvider.cs: ensure GetUser() returns null if it cannot retrieve user information. 2006-08-28 Konstantin Triger * SqlRoleProvider.cs, SqlMembershipProvider.cs: "use SqlClientFactory in case the ProviderName is not specified. 2006-08-27 Konstantin Triger * SqlRoleProvider.cs: enable concurrent usage, refactoring. 2006-08-27 Konstantin Triger * SqlMembershipProvider.cs: enable concurrent usage, refactoring. 2006-08-27 Vladimir Krasnov * SqlMembershipProvider.cs: fixed ValidateUser, bug when user not exists 2006-08-14 Gonzalo Paniagua Javier * FormsAuthentication.cs: set the Secure attribute of the authentication cookie when required. 2006-07-06 Konstantin Triger * FormsAuthentication.cs: Ensure initialized, fix url mapping. 2006-05-03 Chris Toshok * SqlMembershipProvider.cs (GetAlg): move this here for the time being, as it's the only class that uses it. (HashAndBase64Encode): nuke. (EncryptAndBase64Encode): nuke. (Base64DecodeAndDecrypt): nuke. (DecryptPassword): new function. (EncryptPassword): new function. (ChangePassword): replace the switch with a call to EncodePassword. (ChangePasswordQuestionAndAnswer): same. (CreateUser): same. (ResetPassword): same. (ValidateUsingPassword): same. (ValidateUsingPasswordAnswer): same. (GetPassword): same, and throw MembershipPasswordException if the password answer is incorrect. * MembershipProvider.cs (InitVector): nuke this. it's actually the salt from the database (for the sql provider, anyway). (EncodePassword): based on the password format, password, and salt, encode it. Makes use of EncryptPassword. (DecodePassword): likewise for decoding, makes use of DecryptPassword. (DecryptPassword): revert this to throwing NotImplementedException, as the sql provideroverrides it to perform the actual decryption. (EncryptPassword): same. 2006-05-02 Chris Toshok * SqlMembershipProvider.cs: 85% complete, maybe more. The major functionality should work. Password retrieval (and encrypted passwords in general) is untested. 2006-05-01 Chris Toshok * Membership.cs (GeneratePassword): don't include quotes (',",`) in the set of characters in the generated passwords. 2006-05-01 Chris Toshok * MembershipProvider.cs (GetAlg): switch from Exception to ProviderException to match MS behavior (and fix the unit test.) * Membership.cs (GeneratePassword): implement. 2006-05-01 Chris Toshok * SqlMembershipProvider.cs: lots more work. checking this in in its present state because I don't want to lose it. It still needs work. * Membership.cs (.cctor): remove the fallback. (ValidatingPassword): remove the MonoTODO. * MembershipProvider.cs (DecryptPassword): implement. (EncryptPassword): implement. (GetAlg): helper function for Decrypt/EncryptPassword. (InitVector): same. 2006-04-27 Chris Toshok * SqlMembershipProvider.cs (GeneratePassword): call Membership.GeneratePassword with the configured minimum strength requirements. 2006-04-27 Chris Toshok * SqlMembershipProvider.cs (UnlockUser): fix sql query, and move the CheckPararm call to the top of the method. 2006-04-12 Chris Toshok * SqlMembershipProvider.cs: commit initial pass at SqlMembershipProvider work. lots of stuff untested in here. 2006-04-11 Chris Toshok * MembershipUser.cs (.ctor): per Shackow's book, all DateTime's are converted using ToUniversalTime when passed into this class. (UpdateSelf): update ourselves from the passed in MembershipUser, swallowing NotSupportedExceptions. (UpdateUser): fetch a new MembershipUser from the db and call UpdateSelf with it. (ChangePassword): call UpdateUser after changing the password. (ChangePasswordQuestionAndAnswer): same. (ResetPassword): same. (UnlockUser): same. Also, don't explicitly set isLockedOut. It'll be updated in UpdateSelf. (CreationDate): getter calls ToLocalTime, setter calls ToUniversalTime. (LastActivityDate): same. (LastLoginDate): same. (LastPasswordChangedDate): same. (LastLockoutDate): same. * Membership.cs (.cctor): use ProvidersHelper.InstantitateProviders, and remove some unnecessary #if NET_2_0's. 2006-03-29 Chris Toshok * SqlRoleProvider.cs: do the LOWER's in SQL, not in C#. 2006-03-23 Chris Toshok * Roles.cs: make this 2.0 configuration aware. * SqlRoleProvider.cs: flesh out all the operations. the only things that need dealing with are the Initialize method's handling of a few parameters, and the ApplicationName property. 2006-03-23 Chris Toshok * DefaultAuthenticationModule.cs (OnDefaultAuthentication): always set Thread.CurrentPrincipal, not just if we set it to the GenericPrincipal. 2006-03-22 Chris Toshok * RoleManagerModule.cs: implement using info in Shackow's book. * RolePrincipal.cs: flesh this out a bit more. * DefaultAuthenticationModule.cs (OnDefaultAuthentication): according to Shackow's book, this sets Thread.CurrentPrincipal as well as HttpContext.Current.User. 2006-02-28 Chris Toshok * FormsAuthentication.cs: corcompare work. * MembershipCreateUserException.cs: same. * MembershipPasswordException.cs: same. * AnonymousIdentificationModule.cs: same. 2006-02-01 Chris Toshok * FormsAuthentication.cs, Membership.cs, FormsAuthenticationModule.cs, UrlAuthorizationModule.cs: oops, replace GetWebApplicationSection with GetSection. 2006-02-01 Chris Toshok * FormsAuthentication.cs: CONFIGURATION_2_0 => NET_2_0. simplifies the ifdef mess quite a bit. * Membership.cs: same. * FormsAuthenticationModule.cs: same. * UrlAuthorizationModule.cs: same. 2006-01-04 Chris Toshok * FormsAuthentication.cs (Authenticate): add CONFIGURATION_2_0 code. (Decrypt2): same. (Decrypt): same. (Encrypt): same. (Initialize): same. 2006-01-04 Chris Toshok * Membership.cs (.cctor): enable the code here under CONFIGURATION_2_0. 2006-01-03 Chris Toshok * UrlAuthorizationModule.cs (OnAuthorizeRequest): add CONFIGURATION_2_0 code here. 2005-12-22 Gonzalo Paniagua Javier * FormsAuthentication.cs: don't end the request in RedirectFromLoginPage. 2005-12-22 Gonzalo Paniagua Javier * FormsAuthenticationModule.cs: expire the cookie. Fixes bug #77043. Patch by Cyrille Colin. 2005-12-13 Gonzalo Paniagua Javier * FormsAuthenticationModule.cs: ignore any exception thrown when mapping the provided virtual path to the physical one. Patch by Cyrille Colin. 2005-11-28 Chris Toshok * FormsAuthenticationModule.cs (OnAuthenticateRequest): CONFIGURATION_2_0 work. (OnEndRequest): same. 2005-09-09 Sebastien Pouliot * DefaultAuthenticationEventArgs.cs: Added LinkDemand for Minimal. * DefaultAuthenticationModule.cs: Added LinkDemand for Minimal. Added Demand for UnmanagedCode on constructor. * FileAuthorizationModule.cs: Added LinkDemand for Minimal. Added Demand for UnmanagedCode on constructor. * FormsAuthentication.cs: Added LinkDemand for Minimal. * FormsAuthenticationEventArgs.cs: Added LinkDemand for Minimal. * FormsAuthenticationModule.cs: Added LinkDemand for Minimal. Added Demand for UnmanagedCode on constructor. * FormsAuthenticationTicket.cs: Added LinkDemand for Minimal. * FormsIdentity.cs: Added LinkDemand for Minimal. * PassportAuthenticationEventArgs.cs: Added LinkDemand for Minimal. * PassportAuthenticationModule.cs: Added LinkDemand for Minimal. Added Demand for UnmanagedCode on constructor. * PassportIdentity.cs: Added LinkDemand for Minimal. Added Demand for UnmanagedCode on constructor. * UrlAuthorizationModule.cs: Added LinkDemand for Minimal. Added Demand for UnmanagedCode on constructor. * WindowsAuthenticationEventArgs.cs: Added LinkDemand for Minimal. * WindowsAuthenticationModule.cs: Added LinkDemand for Minimal. Added Demand for UnmanagedCode on constructor. 2005-09-01 Sebastien Pouliot * FormsAuthenticationEventArgs.cs: Ensure the setter for User is protected by a demand for ControlPrincipal. * PassportAuthenticationEventArgs.cs: Ensure the setter for User is protected by a demand for ControlPrincipal. * WindowsAuthenticationEventArgs.cs: Ensure the setter for User is protected by a demand for ControlPrincipal. 2005-08-25 Sebastien Pouliot * FormsAuthentication.cs: With 2.0 we can get the default properties and call Initialize without a NRE. 2005-08-25 Sebastien Pouliot * ActiveDirectoryConnectionProtection.cs: New (2.0) enum. * ActiveDirectoryMembershipProvider.cs: Fixed 2.0 API. * AnonymousIdentificationEventArgs.cs: Fixed AnonymousID property case. * AnonymousIdentificationModule.cs: Fixed 2.0 API. * FileAuthorizationModule.cs: Added static CheckFileAccessForUser in 2.0 profile (TODO). * FormsAuthentication.cs: Added missing 2.0 properties with their default values. * MembershipCreateStatus.cs: Fixed enum values/names. * MembershipProvider.cs: Added stub for [Decrypt|Encrypt]Password. Both methods don't seems to work without an active provider. * PassportIdentity.cs: Added IDispose for 2.0 profile. * Roles.cs: Added missing beta2 bits and default values (which are the only things working without a role provider (web.config). * RolePrincipal.cs: Fixed 2.0 API. Implemented a few bits. * SqlRoleProvider.cs: Fixed 2.0 API. * UrlAuthorizationModule.cs: Added static CheckUrlAccessForPrincipal in 2.0 profile (TODO). 2005-08-24 Sebastien Pouliot * MembershipUserCollection.cs: Fix exceptions. 2005-08-22 Sebastien Pouliot * FormsAuthentication.cs: Add some 2.0 stuff required for Login* controls to compile. 2005-08-18 Sebastien Pouliot * Membership.cs: Commented unworking parts of the .cctor to allow testing the Login control. * MembershipProviderCollection.cs: Fixed exception handling. * SqlMembershipProvider.cs: Don't throw NotImplementedException everywhere so Membership's .cctor (somewhat) works. Removed Description property (not in beta2). 2005-07-28 Gonzalo Paniagua Javier * FormsAuthentication.cs: allow hardware acceleration support if available. Sebastien dixit. 2005-07-26 Gonzalo Paniagua Javier * FormsAuthentication.cs: the init_vector must be the same accross restarts, otherwise the cookie does not work even when a decryption key is provided. Initialize it to the bytes of the cookie name. Fixes bug #75635. 2005-07-25 Eyal Alaluf * FormsAuthenticationModule.cs: Check for null config 2005-07-25 Miguel de Icaza * FormsAuthentication.cs (SignOut): Force the cookie to have it expire in the past. 2005-07-25 Gonzalo Paniagua Javier * FormsAuthentication.cs: my previous patch missed a "small" detail: it didn't include the verification key when computing/checking the validation hash. Now this is really a MAC or HMAC or... 2005-07-25 Gonzalo Paniagua Javier * FormsAuthentication.cs: * FormsAuthenticationTicket.cs: added support for validation and encryption of the auth. cookie and improved serialization of the ticket. 2005-07-01 Lluis Sanchez Gual * Membership.cs: Read provider info from the config file. 2005-06-10 Lluis Sanchez Gual * MembershipUserCollection.cs: * MembershipPasswordException.cs: * RoleProviderCollection.cs: * ActiveDirectoryMembershipProvider.cs: * SqlMembershipProvider.cs: * MembershipProvider.cs: * SqlRoleProvider.cs: * Membership.cs: * MembershipUser.cs: * MembershipProviderCollection.cs: * Roles.cs:. * RoleProvider.cs: Track api changes in ASP.NET 2.0. Implemented some missing methods. * AccessRoleProvider.cs: * AccessMembershipProvider.cs: Removed. * MembershipCreateUserException.cs: * MembershipValidatePasswordEventHandler.cs: * ValidatePasswordEventArgs.cs: Implemented. 2005-05-21 Sebastien Pouliot * FormsAuthentication.cs: Hash the UTF8 representation of the password strings (to be compatible with Microsoft implementation). 2005-04-20 Gonzalo Paniagua Javier * FormsAuthentication.cs: * PassportAuthenticationModule.cs: * WindowsAuthenticationModule.cs: removed warnings. 2005-03-11 Gonzalo Paniagua Javier * FormsAuthenticationModule.cs: fix for bug 73545, which caused authentication not to work when the cookie was not persistent. Patch by Ilya Kharmatsky (Mainsoft). 2005-02-23 Gonzalo Paniagua Javier * FormsAuthentication.cs: make the string to be stored in a config. file uppercase... See bug #72557. 2005-02-06 Gonzalo Paniagua Javier * FormsAuthentication.cs: fixed typo when getting the hash for the password in SHA1 and MD5. Thanks to Tadas Dailyda. Lock on a static object instead of typeof(FormsAuthentication). 2004-11-18 Lluis Sanchez Gual * RoleProvider.cs, Roles.cs, SqlRoleProvider.cs, RoleProviderCollection.cs, AccessRoleProvider.cs: IRoleProvider has been renamed to ProviderBase. * IMembershipProvider.cs: Deleted. * MembershipProvider.cs, AccessMembershipProvider.cs, MembershipUser.cs, Membership.cs, ADMembershipProvider.cs, SqlMembershipProvider.cs MembershipProviderCollection.cs: MembershipProvider has been deleted and replaced by the abstract class MembershipProvider. * MembershipProviderCollection.cs: Minor fixes. * ADMembershipProvider.cs: Renamed to ActiveDirectoryMembershipProvider.cs. 2004-11-15 Lluis Sanchez Gual * RoleProviderCollection.cs, MembershipProviderCollection.cs: Fixed warnings. 2004-08-23 Gonzalo Paniagua Javier * FormsAuthentication.cs: patch by Jim Pease to fix the date on renewal. 2004-08-22 Gonzalo Paniagua Javier * FormsAuthenticationModule.cs: don't renew expired cookies. Only renew the cookie if SlidingExpiration is set. Thanks to Jim Pease. 2004-08-03 Sanjay Gupta * MembershipSortOptions.cs: * MembershipPasswordFormat.cs: * MembershipOnlineStatus.cs: * MembershipCreateStatus.cs: * CookieProtection.cs: minor modifications. 2004-06-12 Pedro Martnez Juli * FormsAuthentication.cs: Undo last change. 2004-06-12 Pedro Martnez Juli * FormsAuthentication.cs: go to loginUrl from web.config settings before try with the default ones. 2004-06-11 Gonzalo Paniagua Javier * DefaultAuthenticationModule.cs: set the IPrincipal for this thread once we have a user. Fixes bug #59683. 2004-04-21 Gonzalo Paniagua Javier * FormsAuthenticationModule.cs: re-read configuration files if needed when determining if forms auth. is used. 2004-01-23 Gonzalo Paniagua Javier * FormsAuthentication.cs: added RequireSSL and SlidingExpiration. 2004-01-11 Andreas Nahr * PassportIdentity.cs: Added v 1.1 members 2003-11-25 Ben Maurer * AccessMembershipProvider.cs: New v2 file * AccessRoleProvider.cs: New v2 file * ADMembershipProvider.cs: New v2 file * AnonymousIdentificationEventArgs.cs: New v2 file * AnonymousIdentificationEventHandler.cs: New v2 file * AnonymousIdentificationModule.cs: New v2 file * CookieProtection.cs: New v2 file * IMembershipProvider.cs: New v2 file * IRoleProvider.cs: New v2 file * Membership.cs: New v2 file * MembershipCreateStatus.cs: New v2 file * MembershipCreateUserException.cs: New v2 file * MembershipOnlineStatus.cs: New v2 file * MembershipPasswordException.cs: New v2 file * MembershipPasswordFormat.cs: New v2 file * MembershipProviderCollection.cs: New v2 file * MembershipSortOptions.cs: New v2 file * MembershipUser.cs: New v2 file * MembershipUserCollection.cs: New v2 file * RoleManagerEventArgs.cs: New v2 file * RoleManagerEventHandler.cs: New v2 file * RoleManagerModule.cs: New v2 file * RolePrincipal.cs: New v2 file * RoleProviderCollection.cs: New v2 file * Roles.cs: New v2 file * SqlMembershipProvider.cs: New v2 file * SqlRoleProvider.cs: New v2 file 2003-11-05 Gonzalo Paniagua Javier * FormsAuthentication.cs: encoding updates. 2003-10-04 Gonzalo Paniagua Javier * FormsAuthenticationModule.cs: fixed for applications other than /. 2003-08-27 Gonzalo Paniagua Javier * UrlAuthorizationModule.cs: fixed description for status code. 2003-07-31 Gonzalo Paniagua Javier * FormsAuthenticationModule.cs: really renew the ticket. Thanks to Jens Thiel . 2003-02-13 Gonzalo Paniagua Javier * UrlAuthorizationModule.cs: tell the application not to run any other step apart from EndRequest. 2003-02-12 Gonzalo Paniagua Javier * FormsAuthentication.cs: implemented RedirectFromLoginPage and GetRedirectUrl. * FormsAuthenticationModule.cs: redirect to the login page when a 401 error happens. * UrlAuthorizationModule.cs: check for valid user or render error page. 2003-01-04 Gonzalo Paniagua Javier * DefaultAuthenticationModule.cs: implemented. It just create a default unauthenticated user when no one else provided one. * FormsAuthenticationModule.cs: removed debug output. 2002-12-20 Gonzalo Paniagua Javier * FormsAuthenticationModule.cs: remove debug lines. 2002-12-19 Gonzalo Paniagua Javier * FormsAuthentication.cs: return a null ticket when an exception is thrown creating it. Implemented RenewTicketIfOld. * FormsAuthenticationModule.cs: implemented event handlers for AuthenticateRequest and EndRequest. * FormsAuthenticationTicket.cs: implemented SetDates and Clone methods. 2002-12-18 Gonzalo Paniagua Javier * FormsAuthentication.cs: implemented GetAuthCookie, SetAuthCookie, SignOut, FormsCookieName and FormsCookiePath. 2002-12-17 Gonzalo Paniagua Javier * FormsAuthentication.cs: implemented Authenticate, unencrypted Encrypt and Decrypt, HashPasswordForStoringInConfigFile and Initialize. * FormsAuthenticationTicket.cs: set cookiePath to the default when no other provided. 2002-08-26 Gonzalo Paniagua Javier * DefaultAuthenticationEventHandler.cs: * DefaultAuthenticationModule.cs: * FileAuthorizationModule.cs: * FormsAuthentication.cs: * FormsAuthenticationEventArgs.cs: * FormsAuthenticationEventHandler.cs: * FormsAuthenticationModule.cs: * FormsAuthenticationTicket.cs: * FormsIdentity.cs: * PassportAuthenticationEventArgs.cs: * PassportAuthenticationEventHandler.cs: * PassportAuthenticationModule.cs: * PassportIdentity.cs: * UrlAuthorizationModule.cs: * WindowsAuthenticationEventArgs.cs: * WindowsAuthenticationEventHandler.cs: * WindowsAuthenticationModule.cs: new files. Some of them implemented, some others stubbed out. 2002-06-03 Gonzalo Paniagua Javier * DefaultAuthenticationEventArgs.cs: added file.