+2010-06-19 Marek Habersack <mhabersack@novell.com>
+
+ * FormsAuthentication.cs: Authenticate must compare stored and
+ newly hashed passwords case-insensitively. Fixes bug #601727
+
+2010-04-29 Marek Habersack <mhabersack@novell.com>
+
+ * FormsAuthentication.cs: set authentication/expiry cookie
+ domain. Fixes bug #600740. Patch from Stuart Siegrist
+ <stuart@cbtnuggets.com>, thanks!
+
+2010-04-28 Marek Habersack <mhabersack@novell.com>
+
+ * RolePrincipal.cs: class is not sealed in 4.0
+
+ * MembershipUser.cs: type forwarded to
+ System.Web.ApplicationServices in 4.0.
+ In the 4.0 profile, a MembershipHelper instance is created using
+ reflection, so that the Membership class and password
+ encryption/decryption services can be accessed without referencing
+ System.Web
+
+ * MembershipProvider.cs: type forwarded to
+ System.Web.ApplicationServices in 4.0.
+ {Encrypt,Decrypt}Password implementations moved to
+ MembershipHelper.
+ Added new EncryptPassword overload for 4.0
+
+ * MembershipHelper.cs: a helper class to handle password
+ encryption/decryption and to forward requests for certain
+ Membership properties in 4.0. It is used also in 2.0 to keep code
+ cleaner. System.Web.ApplicationServices uses it to access the
+ Membership class without having to reference System.Web
+
+ * MembershipCreateStatus.cs, MembershipCreateUserException.cs,
+ MembershipPasswordException.cs, MembershipPasswordFormat.cs,
+ MembershipProviderCollection.cs, MembershipUserCollection.cs,
+ MembershipValidatePasswordEventHandler.cs, RoleProvider.cs,
+ ValidatePasswordEventArgs.cs:
+ types forwarded to System.Web.ApplicationServices in 4.0
+
+ * FormsIdentity.cs: class is not sealed in 4.0
+
+2010-02-11 Marek Habersack <mhabersack@novell.com>
+
+ * Roles.cs: IsUserInRole checks if username is null or empty
+ before attempting to use it. Patch from Tiaan Geldenhuys
+ <tagdev@gmail.com>. thanks!
+
+2009-09-22 Sebastien Pouliot <sebastien@ximian.com>
+
+ * MembershipProvider.cs: Ensure password decryption is always
+ possible.
+ [Fix bug #538406]
+
+2009-07-09 Gonzalo Paniagua Javier <gonzalo@novell.com>
+
+ * SqliteMembershipProvider.cs:
+ * UrlAuthorizationModule.cs: use GetSection instead of
+ OpenWebConfiguration+GetSection.
+
+2009-05-28 Marek Habersack <mhabersack@novell.com>
+
+ * FormsAuthenticationModule.cs: if forms authentication login URL
+ is not rooted, make it relative to the application root, so that
+ MapPath maps it correctly.
+ Use String.Compare for checking whether requested URL matches the
+ login URL - be case-insensitive when running on Windows or with
+ IOMAP in effect.
+
+2009-03-10 Marek Habersack <mhabersack@novell.com>
+
+ * UrlAuthorizationModule.cs: OnAuthorizeRequest must use the
+ configuration from <location> elements in the config. Fixes bug
+ #467221
+
+2009-02-28 Gonzalo Paniagua Javier <gonzalo@novell.com>
+
+ * FormsAuthentication.cs: use GetWebApplication instead of GetSection
+ for application level configuration.
+
+2009-01-12 Marek Habersack <mhabersack@novell.com>
+
+ * MembershipUserCollection.cs: CopyTo overloads use store.Values
+ as the copy source. Fixes bug #464783. Patch from Christian
+ Prochnow <cproch@seculogix.de>
+
+2008-12-25 Gonzalo Paniagua Javier <gonzalo@novell.com>
+
+ * SqlRoleProvider.cs:
+ * SqlMembershipProvider.cs: use IndexOf (char) instead of
+ IndexOf (string).
+
+2008-08-20 Marek Habersack <mhabersack@novell.com>
+
+ * Membership.cs: implemented the HashAlgorithmType property. Fixes
+ bug #418458
+
+2008-06-30 Marek Habersack <mhabersack@novell.com>
+
+ * SqliteMembershipProvider.cs, SqliteRoleProvider.cs: remove
+ unused method
+
+ * SqlRoleProvider.cs, AspNetDBSchemaChecker.cs: hush the warnings
+
+2008-05-30 Marek Habersack <mhabersack@novell.com>
+
+ * AnonymousIdentificationModule.cs, FormsAuthenticationModule.cs,
+ DefaultAuthenticationModule.cs, MembershipProvider.cs,
+ WindowsAuthenticationModule.cs, PassportAuthenticationModule.cs,
+ RoleManagerModule.cs: do not use synthetized event accessors (to
+ avoid locks).
+
+2008-05-07 Marek Habersack <mhabersack@novell.com>
+
+ * RolePrincipal.cs: fix:
+ - Reloading the roles cache from the provider when expired
+ - Update issue & expiry date for expired tickets
+ - Incrementing the cookie expiry date
+ - Obey Roles.MaxCachedResults
+ Fixes bug #385877. Patch from Ivan Hamilton
+ <ivan@chimerical.com.au>, thanks!
+
+2008-03-10 Marek Habersack <mhabersack@novell.com>
+
+ * RoleManagerModule.cs: initialize _config before adding event
+ handlers and account for the fact that _config might still be null
+ in the methods that use it.
+
+2007-12-30 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * SqliteMembershipProvider.cs, SqlRoleProvider.cs: added chema checking
+ * added AspNetDBSchemaChecker.cs: schema checker helper class
+
+2007-12-11 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * Roles.cs: fixed Providers property to be thread safe
+
+2007-12-08 Marek Habersack <mhabersack@novell.com>
+
+ * SqliteRoleProvider.cs: added - a Role Provider for
+ Sqlite, based on PostgreSQL Role Provider code from Daniel
+ Nauck <dna@informatik.uni-kiel.de>
+
+ * SqliteMembershipProvider.cs: added - a Membership Provider for
+ Sqlite, based on PostgreSQL Membership Provider code from Daniel
+ Nauck <dna@informatik.uni-kiel.de>
+
+2007-11-28 Marek Habersack <mhabersack@novell.com>
+
+ * SqlMembershipProvider.cs: handle situation when there is no
+ connection string configured for the SQL Membership Provider.
+
+2007-11-01 Marek Habersack <mhabersack@novell.com>
+
+ * RolePrincipal.cs, MembershipProvider.cs: use the new
+ MachineKeySectionUtils class wherever necessary.
+
+ * FormsAuthentication.cs: use the new MachineKeySectionUtils class
+ wherever necessary.
+ GetHexString is a private method again.
+
+2007-10-31 Marek Habersack <mhabersack@novell.com>
+
+ * FormsAuthentication.cs: made GetHexString an internal method -
+ it is used in the AssemblyResourceLoader.cs
+
+2007-08-14 Marek Habersack <mhabersack@novell.com>
+
+ * Roles.cs: remove unused field.
+
+ * SqlMembershipProvider.cs: remove unused variable.
+
+2007-08-13 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * SqlRoleProvider.cs: fixed ApplicationName initialization
+
+2007-06-24 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * FormsAuthentication.cs: improved performance of GetHexString()
+
+2007-05-17 Vladimir Krasnov <vladimirk@mainsoft.com>
+
+ * SqlMembershipProvider.cs: fixed DeleteUser, fixed parameter name
+
+2007-05-14 Igor Zelmanovich <igorz@mainsoft.com>
+
+ * SqlMembershipProvider.cs: Fix parameter binding to stored procedures.
+
+2007-05-09 Igor Zelmanovich <igorz@mainsoft.com>
+
+ * PassportIdentity.cs:
+ added MonoNotSupported attribute.
+
+2007-05-02 Marek Habersack <mhabersack@novell.com>
+
+ * FormsAuthentication.cs: user names are stored in lowercase in
+ the credentials database.
+
+2007-04-29 Igor Zelmanovich <igorz@mainsoft.com>
+
+ * FormsAuthenticationModule.cs:
+ Redirect to login page doesn't cause thread abort.
+
2007-04-19 Igor Zelmanovich <igorz@mainsoft.com>
* SqlMembershipProvider.cs: