+2008-08-20 Marek Habersack <mhabersack@novell.com>
+
+ * Membership.cs: implemented the HashAlgorithmType property. Fixes
+ bug #418458
+
+2008-06-30 Marek Habersack <mhabersack@novell.com>
+
+ * SqliteMembershipProvider.cs, SqliteRoleProvider.cs: remove
+ unused method
+
+ * SqlRoleProvider.cs, AspNetDBSchemaChecker.cs: hush the warnings
+
+2008-05-30 Marek Habersack <mhabersack@novell.com>
+
+ * AnonymousIdentificationModule.cs, FormsAuthenticationModule.cs,
+ DefaultAuthenticationModule.cs, MembershipProvider.cs,
+ WindowsAuthenticationModule.cs, PassportAuthenticationModule.cs,
+ RoleManagerModule.cs: do not use synthetized event accessors (to
+ avoid locks).
+
+2008-05-07 Marek Habersack <mhabersack@novell.com>
+
+ * RolePrincipal.cs: fix:
+ - Reloading the roles cache from the provider when expired
+ - Update issue & expiry date for expired tickets
+ - Incrementing the cookie expiry date
+ - Obey Roles.MaxCachedResults
+ Fixes bug #385877. Patch from Ivan Hamilton
+ <ivan@chimerical.com.au>, thanks!
+
+2008-03-10 Marek Habersack <mhabersack@novell.com>
+
+ * RoleManagerModule.cs: initialize _config before adding event
+ handlers and account for the fact that _config might still be null
+ in the methods that use it.
+
+2007-12-30 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * SqliteMembershipProvider.cs, SqlRoleProvider.cs: added chema checking
+ * added AspNetDBSchemaChecker.cs: schema checker helper class
+
+2007-12-11 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * Roles.cs: fixed Providers property to be thread safe
+
+2007-12-08 Marek Habersack <mhabersack@novell.com>
+
+ * SqliteRoleProvider.cs: added - a Role Provider for
+ Sqlite, based on PostgreSQL Role Provider code from Daniel
+ Nauck <dna@informatik.uni-kiel.de>
+
+ * SqliteMembershipProvider.cs: added - a Membership Provider for
+ Sqlite, based on PostgreSQL Membership Provider code from Daniel
+ Nauck <dna@informatik.uni-kiel.de>
+
+2007-11-28 Marek Habersack <mhabersack@novell.com>
+
+ * SqlMembershipProvider.cs: handle situation when there is no
+ connection string configured for the SQL Membership Provider.
+
+2007-11-01 Marek Habersack <mhabersack@novell.com>
+
+ * RolePrincipal.cs, MembershipProvider.cs: use the new
+ MachineKeySectionUtils class wherever necessary.
+
+ * FormsAuthentication.cs: use the new MachineKeySectionUtils class
+ wherever necessary.
+ GetHexString is a private method again.
+
+2007-10-31 Marek Habersack <mhabersack@novell.com>
+
+ * FormsAuthentication.cs: made GetHexString an internal method -
+ it is used in the AssemblyResourceLoader.cs
+
+2007-08-14 Marek Habersack <mhabersack@novell.com>
+
+ * Roles.cs: remove unused field.
+
+ * SqlMembershipProvider.cs: remove unused variable.
+
+2007-08-13 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * SqlRoleProvider.cs: fixed ApplicationName initialization
+
+2007-06-24 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * FormsAuthentication.cs: improved performance of GetHexString()
+
+2007-05-17 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * SqlMembershipProvider.cs: fixed DeleteUser, fixed parameter name
+
+2007-05-14 Igor Zelmanovich <igorz@mainsoft.com>
+
+ * SqlMembershipProvider.cs: Fix parameter binding to stored procedures.
+
+2007-05-09 Igor Zelmanovich <igorz@mainsoft.com>
+
+ * PassportIdentity.cs:
+ added MonoNotSupported attribute.
+
+2007-05-02 Marek Habersack <mhabersack@novell.com>
+
+ * FormsAuthentication.cs: user names are stored in lowercase in
+ the credentials database.
+
+2007-04-29 Igor Zelmanovich <igorz@mainsoft.com>
+
+ * FormsAuthenticationModule.cs:
+ Redirect to login page doesn't cause thread abort.
+
+2007-04-19 Igor Zelmanovich <igorz@mainsoft.com>
+
+ * SqlMembershipProvider.cs:
+ ChangePassword throws exception if new password has invalid format.
+
+2007-04-17 Igor Zelmanovich <igorz@mainsoft.com>
+
+ * Membership.cs:
+ * Roles.cs:
+ if default provider was not found ConfigurationErrorsException is thrown.
+
+2007-04-12 Marek Habersack <mhabersack@novell.com>
+
+ * RoleManagerModule.cs: do not try to decrypt encryption tickets
+ from cookies with empty values.
+
+2007-04-04 Juraj Skripsky <js@hotfeet.ch>
+
+ * FormsAuthenticationModule.cs: Move initialization of _config out
+ of Init() as app.Context is null in that method when a session is
+ about to be terminated.
+
+2007-03-21 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * AnonymousIdentificationModule.cs: optimized Config property
+
+2007-03-21 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * AnonymousIdentificationModule.cs: added configuration section caching
+ to AppDomain for TARGET_JVM
+ * RoleManagerModule.cs:
+ * UrlAuthorizationModule.cs:
+ * FormsAuthenticationModule.cs: refactored configuration section to be
+ a member of a class
+
+2007-03-20 Marek Habersack <mhabersack@novell.com>
+
+ * FormsAuthentication.cs, Roles.cs: remove roles cookie on sign
+ out. Fixes bug #81195. Patch from Mike Morano <mmorano@mikeandwan.us>.
+
+2007-03-12 Marek Habersack <mhabersack@novell.com>
+
+ * RolePrincipal.cs: decrypt the roles ticket properly. Makes role
+ caching in cookies work. Fixes bug #81117. Patch from Mike Morano
+ <mmorano@mikeandwan.us>
+
+2007-03-02 Marek Habersack <mhabersack@novell.com>
+
+ * SqlMembershipProvider.cs: cast PasswordFormat to int, so that
+ the parameter code can infer the sql type. Makes user creation,
+ password reset etc. work.
+
+2007-02-28 Andreia Gaita <avidigal@novell.com>
+
+ * SqlRoleProvider.cs: Fix parameter binding to stored procedures.
+ * SqlMembershipProvider.cs: Fix parameter binding to stored procedures.
+ CreateUser() doesn't use transactions in MS asp.net, so removed the
+ transaction calls.
+
+2007-02-19 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * RoleManagerModule.cs: fixed role chaching in OnEndRequest and
+ OnPostAuthenticateRequest
+ * RolePrincipal.cs: implemented ToEncryptedTicket, implemented caching
+ role functionality
+ * Roles.cs: implemented DeleteCookie, fixed CookieProtectionValue to
+ get it's value from configuration
+
+2007-02-08 Marek Habersack <grendello@gmail.com>
+
+ * FormsAuthenticationModule.cs: Expire auth tickets properly.
+
+ * MembershipProvider.cs: Do not clear the password before
+ encrypting it.
+
+2007-01-20 Miguel de Icaza <miguel@novell.com>
+
+ * SqlRoleProvider.cs: comment out unused code.
+
+ * SqlMembershipProvider.cs: Removed unused variables.
+ Remove unused variable.
+
+ * AnonymousIdentificationModule.cs (ClearAnonymousIdentifier):
+ remove unused variable. This might be a real bug.
+
+2007-01-16 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * RoleManagerModule.cs: fixed OnPostAuthenticateRequest,
+ CacheRolesInCookie not supported yet
+ * Roles.cs: fixed DeleteCookie, CacheRolesInCookie not supported yet
+
+2007-01-11 Adar Wesley <adarw@mainsoft.com>
+
+ * MembershipProvider.cs: fixed EncryptPassword to use password buffer length
+
+2007-01-04 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * AnonymousIdentificationModule.cs: fixed OnEnter, fixed failure on
+ incorrect cookie value that browser may hold
+
+2006-12-27 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * FormsAuthentication.cs: added internal ReturnUrl property,
+ GetRedirectUrl added usage of ReturnUrl
+
+2006-12-12 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * FormsAuthentication.cs: TARGET_J2EE define for static members
+
+2006-12-06 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * FormsAuthenticationModule.cs: fixed OnAuthenticateRequest, suppress
+ exception on wrong ticket
+
+2006-12-03 Igor Zelmanovich <igorz@mainsoft.com>
+
+ * FormsAuthenticationModule.cs:
+ set SkipAuthorization=true for WebResource.axd
+
+2006-11-27 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * SqlMembershipProvider.cs: typo bug
+
+2006-11-21 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * SqlMembershipProvider.cs: fixed fixed exception type in GetPassword
+ checks user lockout
+
+2006-11-20 Igor Zelmanovich <igorz@mainsoft.com>
+
+ * SqlMembershipProvider.cs: fixed: UpdateUser works properly.
+
+2006-11-15 Igor Zelmanovich <igorz@mainsoft.com>
+
+ * SqlMembershipProvider.cs: fixed: name is used for ReturnValue parameter.
+
+2006-11-05 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * AnonymousIdentificationModule.cs: fixed anonymous id cookie
+
+2006-11-05 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * MembershipProvider.cs, SqlMembershipProvider.cs:
+ refactoring of DecryptPassword and EncryptPassword methods according
+ to documentation
+
+2006-09-10 Konstantin Triger <kostat@mainsoft.com>
+
+ * SqlRoleProvider.cs: throw on empty connection string.
+
+2006-09-26 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * Membership.cs: fixed GetAllUsers, typo bug
+ * SqlRoleProvider.cs, SqlMembershipProvider.cs: refactored to use
+ aspnetdb built in stored procedures,
+ fixed application name and membership relation,
+ improved exception handling
+
+2006-09-03 Igor Zelmanovich <igorz@mainsoft.com>
+
+ * RolePrincipal.cs: refactoring: instance can be serialized.
+
+2006-09-03 Igor Zelmanovich <igorz@mainsoft.com>
+
+ * SqlMembershipProvider.cs: fixed GetUser,
+ when username is String.Empty methods returns null.
+
+2006-08-31 Konstantin Triger <kostat@mainsoft.com>
+
+ * SqlRoleProvider.cs: fixed initialization.
+
+2006-08-31 Igor Zelmanovich <igorz@mainsoft.com>
+
+ * SqlMembershipProvider.cs: fixed CreateUser,
+ password is checked, properties MinRequiredPasswordLength and
+ MinRequiredNonAlphanumericCharacters are considered.
+
+2006-08-29 Konstantin Triger <kostat@mainsoft.com>
+
+ * SqlMembershipProvider.cs: fix dispose order of reader vs connection.
+
+2006-08-28 Igor Zelmanovich <igorz@mainsoft.com>
+
+ * SqlMembershipProvider.cs: fixed CreateUser, parameter isApproved is
+ considered.
+
+2006-08-28 Konstantin Triger <kostat@mainsoft.com>
+
+ * SqlMembershipProvider.cs: ensure GetUser() returns null if it cannot
+ retrieve user information.
+
+2006-08-28 Konstantin Triger <kostat@mainsoft.com>
+
+ * SqlRoleProvider.cs, SqlMembershipProvider.cs:
+ "use SqlClientFactory in case the ProviderName is not specified.
+
+2006-08-27 Konstantin Triger <kostat@mainsoft.com>
+
+ * SqlRoleProvider.cs: enable concurrent usage, refactoring.
+
+2006-08-27 Konstantin Triger <kostat@mainsoft.com>
+
+ * SqlMembershipProvider.cs: enable concurrent usage, refactoring.
+
+2006-08-27 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * SqlMembershipProvider.cs: fixed ValidateUser, bug when user
+ not exists
+
+2006-08-14 Gonzalo Paniagua Javier <gonzalo@ximian.com>
+
+ * FormsAuthentication.cs: set the Secure attribute of the authentication
+ cookie when required.
+
+2006-07-06 Konstantin Triger <kostat@mainsoft.com>
+
+ * FormsAuthentication.cs: Ensure initialized, fix url mapping.
+
+2006-05-03 Chris Toshok <toshok@ximian.com>
+
+ * SqlMembershipProvider.cs (GetAlg): move this here for the time
+ being, as it's the only class that uses it.
+ (HashAndBase64Encode): nuke.
+ (EncryptAndBase64Encode): nuke.
+ (Base64DecodeAndDecrypt): nuke.
+ (DecryptPassword): new function.
+ (EncryptPassword): new function.
+ (ChangePassword): replace the switch with a call to
+ EncodePassword.
+ (ChangePasswordQuestionAndAnswer): same.
+ (CreateUser): same.
+ (ResetPassword): same.
+ (ValidateUsingPassword): same.
+ (ValidateUsingPasswordAnswer): same.
+ (GetPassword): same, and throw MembershipPasswordException if the
+ password answer is incorrect.
+
+ * MembershipProvider.cs (InitVector): nuke this. it's actually
+ the salt from the database (for the sql provider, anyway).
+ (EncodePassword): based on the password format, password, and
+ salt, encode it. Makes use of EncryptPassword.
+ (DecodePassword): likewise for decoding, makes use of
+ DecryptPassword.
+ (DecryptPassword): revert this to throwing
+ NotImplementedException, as the sql provideroverrides it to
+ perform the actual decryption.
+ (EncryptPassword): same.
+
+2006-05-02 Chris Toshok <toshok@ximian.com>
+
+ * SqlMembershipProvider.cs: 85% complete, maybe more. The major
+ functionality should work. Password retrieval (and encrypted
+ passwords in general) is untested.
+
+2006-05-01 Chris Toshok <toshok@ximian.com>
+
+ * Membership.cs (GeneratePassword): don't include quotes (',",`)
+ in the set of characters in the generated passwords.
+
+2006-05-01 Chris Toshok <toshok@ximian.com>
+
+ * MembershipProvider.cs (GetAlg): switch from Exception to
+ ProviderException to match MS behavior (and fix the unit test.)
+
+ * Membership.cs (GeneratePassword): implement.
+
+2006-05-01 Chris Toshok <toshok@ximian.com>
+
+ * SqlMembershipProvider.cs: lots more work. checking this in in
+ its present state because I don't want to lose it. It still needs
+ work.
+
+ * Membership.cs (.cctor): remove the fallback.
+ (ValidatingPassword): remove the MonoTODO.
+
+ * MembershipProvider.cs (DecryptPassword): implement.
+ (EncryptPassword): implement.
+ (GetAlg): helper function for Decrypt/EncryptPassword.
+ (InitVector): same.
+
+2006-04-27 Chris Toshok <toshok@ximian.com>
+
+ * SqlMembershipProvider.cs (GeneratePassword): call
+ Membership.GeneratePassword with the configured minimum strength
+ requirements.
+
+2006-04-27 Chris Toshok <toshok@ximian.com>
+
+ * SqlMembershipProvider.cs (UnlockUser): fix sql query, and move
+ the CheckPararm call to the top of the method.
+
+2006-04-12 Chris Toshok <toshok@ximian.com>
+
+ * SqlMembershipProvider.cs: commit initial pass at
+ SqlMembershipProvider work. lots of stuff untested in here.
+
+2006-04-11 Chris Toshok <toshok@ximian.com>
+
+ * MembershipUser.cs (.ctor): per Shackow's book, all DateTime's
+ are converted using ToUniversalTime when passed into this class.
+ (UpdateSelf): update ourselves from the passed in MembershipUser,
+ swallowing NotSupportedExceptions.
+ (UpdateUser): fetch a new MembershipUser from the db and call
+ UpdateSelf with it.
+ (ChangePassword): call UpdateUser after changing the password.
+ (ChangePasswordQuestionAndAnswer): same.
+ (ResetPassword): same.
+ (UnlockUser): same. Also, don't explicitly set isLockedOut.
+ It'll be updated in UpdateSelf.
+ (CreationDate): getter calls ToLocalTime, setter calls
+ ToUniversalTime.
+ (LastActivityDate): same.
+ (LastLoginDate): same.
+ (LastPasswordChangedDate): same.
+ (LastLockoutDate): same.
+
+ * Membership.cs (.cctor): use
+ ProvidersHelper.InstantitateProviders, and remove some unnecessary
+ #if NET_2_0's.
+
+2006-03-29 Chris Toshok <toshok@ximian.com>
+
+ * SqlRoleProvider.cs: do the LOWER's in SQL, not in C#.
+
+2006-03-23 Chris Toshok <toshok@ximian.com>
+
+ * Roles.cs: make this 2.0 configuration aware.
+
+ * SqlRoleProvider.cs: flesh out all the operations. the only
+ things that need dealing with are the Initialize method's handling
+ of a few parameters, and the ApplicationName property.
+
+2006-03-23 Chris Toshok <toshok@ximian.com>
+
+ * DefaultAuthenticationModule.cs (OnDefaultAuthentication): always
+ set Thread.CurrentPrincipal, not just if we set it to the
+ GenericPrincipal.
+
+2006-03-22 Chris Toshok <toshok@ximian.com>
+
+ * RoleManagerModule.cs: implement using info in Shackow's book.
+
+ * RolePrincipal.cs: flesh this out a bit more.
+
+ * DefaultAuthenticationModule.cs (OnDefaultAuthentication):
+ according to Shackow's book, this sets Thread.CurrentPrincipal as
+ well as HttpContext.Current.User.
+
+2006-02-28 Chris Toshok <toshok@ximian.com>
+
+ * FormsAuthentication.cs: corcompare work.
+
+ * MembershipCreateUserException.cs: same.
+
+ * MembershipPasswordException.cs: same.
+
+ * AnonymousIdentificationModule.cs: same.
+
2006-02-01 Chris Toshok <toshok@ximian.com>
* FormsAuthentication.cs, Membership.cs,
projects / mono.git / blobdiff