1 2010-06-19 Marek Habersack <mhabersack@novell.com>
3 * FormsAuthentication.cs: Authenticate must compare stored and
4 newly hashed passwords case-insensitively. Fixes bug #601727
6 2010-04-29 Marek Habersack <mhabersack@novell.com>
8 * FormsAuthentication.cs: set authentication/expiry cookie
9 domain. Fixes bug #600740. Patch from Stuart Siegrist
10 <stuart@cbtnuggets.com>, thanks!
12 2010-04-28 Marek Habersack <mhabersack@novell.com>
14 * RolePrincipal.cs: class is not sealed in 4.0
16 * MembershipUser.cs: type forwarded to
17 System.Web.ApplicationServices in 4.0.
18 In the 4.0 profile, a MembershipHelper instance is created using
19 reflection, so that the Membership class and password
20 encryption/decryption services can be accessed without referencing
23 * MembershipProvider.cs: type forwarded to
24 System.Web.ApplicationServices in 4.0.
25 {Encrypt,Decrypt}Password implementations moved to
27 Added new EncryptPassword overload for 4.0
29 * MembershipHelper.cs: a helper class to handle password
30 encryption/decryption and to forward requests for certain
31 Membership properties in 4.0. It is used also in 2.0 to keep code
32 cleaner. System.Web.ApplicationServices uses it to access the
33 Membership class without having to reference System.Web
35 * MembershipCreateStatus.cs, MembershipCreateUserException.cs,
36 MembershipPasswordException.cs, MembershipPasswordFormat.cs,
37 MembershipProviderCollection.cs, MembershipUserCollection.cs,
38 MembershipValidatePasswordEventHandler.cs, RoleProvider.cs,
39 ValidatePasswordEventArgs.cs:
40 types forwarded to System.Web.ApplicationServices in 4.0
42 * FormsIdentity.cs: class is not sealed in 4.0
44 2010-02-11 Marek Habersack <mhabersack@novell.com>
46 * Roles.cs: IsUserInRole checks if username is null or empty
47 before attempting to use it. Patch from Tiaan Geldenhuys
48 <tagdev@gmail.com>. thanks!
50 2009-09-22 Sebastien Pouliot <sebastien@ximian.com>
52 * MembershipProvider.cs: Ensure password decryption is always
56 2009-07-09 Gonzalo Paniagua Javier <gonzalo@novell.com>
58 * SqliteMembershipProvider.cs:
59 * UrlAuthorizationModule.cs: use GetSection instead of
60 OpenWebConfiguration+GetSection.
62 2009-05-28 Marek Habersack <mhabersack@novell.com>
64 * FormsAuthenticationModule.cs: if forms authentication login URL
65 is not rooted, make it relative to the application root, so that
66 MapPath maps it correctly.
67 Use String.Compare for checking whether requested URL matches the
68 login URL - be case-insensitive when running on Windows or with
71 2009-03-10 Marek Habersack <mhabersack@novell.com>
73 * UrlAuthorizationModule.cs: OnAuthorizeRequest must use the
74 configuration from <location> elements in the config. Fixes bug
77 2009-02-28 Gonzalo Paniagua Javier <gonzalo@novell.com>
79 * FormsAuthentication.cs: use GetWebApplication instead of GetSection
80 for application level configuration.
82 2009-01-12 Marek Habersack <mhabersack@novell.com>
84 * MembershipUserCollection.cs: CopyTo overloads use store.Values
85 as the copy source. Fixes bug #464783. Patch from Christian
86 Prochnow <cproch@seculogix.de>
88 2008-12-25 Gonzalo Paniagua Javier <gonzalo@novell.com>
91 * SqlMembershipProvider.cs: use IndexOf (char) instead of
94 2008-08-20 Marek Habersack <mhabersack@novell.com>
96 * Membership.cs: implemented the HashAlgorithmType property. Fixes
99 2008-06-30 Marek Habersack <mhabersack@novell.com>
101 * SqliteMembershipProvider.cs, SqliteRoleProvider.cs: remove
104 * SqlRoleProvider.cs, AspNetDBSchemaChecker.cs: hush the warnings
106 2008-05-30 Marek Habersack <mhabersack@novell.com>
108 * AnonymousIdentificationModule.cs, FormsAuthenticationModule.cs,
109 DefaultAuthenticationModule.cs, MembershipProvider.cs,
110 WindowsAuthenticationModule.cs, PassportAuthenticationModule.cs,
111 RoleManagerModule.cs: do not use synthetized event accessors (to
114 2008-05-07 Marek Habersack <mhabersack@novell.com>
116 * RolePrincipal.cs: fix:
117 - Reloading the roles cache from the provider when expired
118 - Update issue & expiry date for expired tickets
119 - Incrementing the cookie expiry date
120 - Obey Roles.MaxCachedResults
121 Fixes bug #385877. Patch from Ivan Hamilton
122 <ivan@chimerical.com.au>, thanks!
124 2008-03-10 Marek Habersack <mhabersack@novell.com>
126 * RoleManagerModule.cs: initialize _config before adding event
127 handlers and account for the fact that _config might still be null
128 in the methods that use it.
130 2007-12-30 Vladimir Krasnov <vladimirk@mainsoft.com>
132 * SqliteMembershipProvider.cs, SqlRoleProvider.cs: added chema checking
133 * added AspNetDBSchemaChecker.cs: schema checker helper class
135 2007-12-11 Vladimir Krasnov <vladimirk@mainsoft.com>
137 * Roles.cs: fixed Providers property to be thread safe
139 2007-12-08 Marek Habersack <mhabersack@novell.com>
141 * SqliteRoleProvider.cs: added - a Role Provider for
142 Sqlite, based on PostgreSQL Role Provider code from Daniel
143 Nauck <dna@informatik.uni-kiel.de>
145 * SqliteMembershipProvider.cs: added - a Membership Provider for
146 Sqlite, based on PostgreSQL Membership Provider code from Daniel
147 Nauck <dna@informatik.uni-kiel.de>
149 2007-11-28 Marek Habersack <mhabersack@novell.com>
151 * SqlMembershipProvider.cs: handle situation when there is no
152 connection string configured for the SQL Membership Provider.
154 2007-11-01 Marek Habersack <mhabersack@novell.com>
156 * RolePrincipal.cs, MembershipProvider.cs: use the new
157 MachineKeySectionUtils class wherever necessary.
159 * FormsAuthentication.cs: use the new MachineKeySectionUtils class
161 GetHexString is a private method again.
163 2007-10-31 Marek Habersack <mhabersack@novell.com>
165 * FormsAuthentication.cs: made GetHexString an internal method -
166 it is used in the AssemblyResourceLoader.cs
168 2007-08-14 Marek Habersack <mhabersack@novell.com>
170 * Roles.cs: remove unused field.
172 * SqlMembershipProvider.cs: remove unused variable.
174 2007-08-13 Vladimir Krasnov <vladimirk@mainsoft.com>
176 * SqlRoleProvider.cs: fixed ApplicationName initialization
178 2007-06-24 Vladimir Krasnov <vladimirk@mainsoft.com>
180 * FormsAuthentication.cs: improved performance of GetHexString()
182 2007-05-17 Vladimir Krasnov <vladimirk@mainsoft.com>
184 * SqlMembershipProvider.cs: fixed DeleteUser, fixed parameter name
186 2007-05-14 Igor Zelmanovich <igorz@mainsoft.com>
188 * SqlMembershipProvider.cs: Fix parameter binding to stored procedures.
190 2007-05-09 Igor Zelmanovich <igorz@mainsoft.com>
192 * PassportIdentity.cs:
193 added MonoNotSupported attribute.
195 2007-05-02 Marek Habersack <mhabersack@novell.com>
197 * FormsAuthentication.cs: user names are stored in lowercase in
198 the credentials database.
200 2007-04-29 Igor Zelmanovich <igorz@mainsoft.com>
202 * FormsAuthenticationModule.cs:
203 Redirect to login page doesn't cause thread abort.
205 2007-04-19 Igor Zelmanovich <igorz@mainsoft.com>
207 * SqlMembershipProvider.cs:
208 ChangePassword throws exception if new password has invalid format.
210 2007-04-17 Igor Zelmanovich <igorz@mainsoft.com>
214 if default provider was not found ConfigurationErrorsException is thrown.
216 2007-04-12 Marek Habersack <mhabersack@novell.com>
218 * RoleManagerModule.cs: do not try to decrypt encryption tickets
219 from cookies with empty values.
221 2007-04-04 Juraj Skripsky <js@hotfeet.ch>
223 * FormsAuthenticationModule.cs: Move initialization of _config out
224 of Init() as app.Context is null in that method when a session is
225 about to be terminated.
227 2007-03-21 Vladimir Krasnov <vladimirk@mainsoft.com>
229 * AnonymousIdentificationModule.cs: optimized Config property
231 2007-03-21 Vladimir Krasnov <vladimirk@mainsoft.com>
233 * AnonymousIdentificationModule.cs: added configuration section caching
234 to AppDomain for TARGET_JVM
235 * RoleManagerModule.cs:
236 * UrlAuthorizationModule.cs:
237 * FormsAuthenticationModule.cs: refactored configuration section to be
240 2007-03-20 Marek Habersack <mhabersack@novell.com>
242 * FormsAuthentication.cs, Roles.cs: remove roles cookie on sign
243 out. Fixes bug #81195. Patch from Mike Morano <mmorano@mikeandwan.us>.
245 2007-03-12 Marek Habersack <mhabersack@novell.com>
247 * RolePrincipal.cs: decrypt the roles ticket properly. Makes role
248 caching in cookies work. Fixes bug #81117. Patch from Mike Morano
249 <mmorano@mikeandwan.us>
251 2007-03-02 Marek Habersack <mhabersack@novell.com>
253 * SqlMembershipProvider.cs: cast PasswordFormat to int, so that
254 the parameter code can infer the sql type. Makes user creation,
255 password reset etc. work.
257 2007-02-28 Andreia Gaita <avidigal@novell.com>
259 * SqlRoleProvider.cs: Fix parameter binding to stored procedures.
260 * SqlMembershipProvider.cs: Fix parameter binding to stored procedures.
261 CreateUser() doesn't use transactions in MS asp.net, so removed the
264 2007-02-19 Vladimir Krasnov <vladimirk@mainsoft.com>
266 * RoleManagerModule.cs: fixed role chaching in OnEndRequest and
267 OnPostAuthenticateRequest
268 * RolePrincipal.cs: implemented ToEncryptedTicket, implemented caching
270 * Roles.cs: implemented DeleteCookie, fixed CookieProtectionValue to
271 get it's value from configuration
273 2007-02-08 Marek Habersack <grendello@gmail.com>
275 * FormsAuthenticationModule.cs: Expire auth tickets properly.
277 * MembershipProvider.cs: Do not clear the password before
280 2007-01-20 Miguel de Icaza <miguel@novell.com>
282 * SqlRoleProvider.cs: comment out unused code.
284 * SqlMembershipProvider.cs: Removed unused variables.
285 Remove unused variable.
287 * AnonymousIdentificationModule.cs (ClearAnonymousIdentifier):
288 remove unused variable. This might be a real bug.
290 2007-01-16 Vladimir Krasnov <vladimirk@mainsoft.com>
292 * RoleManagerModule.cs: fixed OnPostAuthenticateRequest,
293 CacheRolesInCookie not supported yet
294 * Roles.cs: fixed DeleteCookie, CacheRolesInCookie not supported yet
296 2007-01-11 Adar Wesley <adarw@mainsoft.com>
298 * MembershipProvider.cs: fixed EncryptPassword to use password buffer length
300 2007-01-04 Vladimir Krasnov <vladimirk@mainsoft.com>
302 * AnonymousIdentificationModule.cs: fixed OnEnter, fixed failure on
303 incorrect cookie value that browser may hold
305 2006-12-27 Vladimir Krasnov <vladimirk@mainsoft.com>
307 * FormsAuthentication.cs: added internal ReturnUrl property,
308 GetRedirectUrl added usage of ReturnUrl
310 2006-12-12 Vladimir Krasnov <vladimirk@mainsoft.com>
312 * FormsAuthentication.cs: TARGET_J2EE define for static members
314 2006-12-06 Vladimir Krasnov <vladimirk@mainsoft.com>
316 * FormsAuthenticationModule.cs: fixed OnAuthenticateRequest, suppress
317 exception on wrong ticket
319 2006-12-03 Igor Zelmanovich <igorz@mainsoft.com>
321 * FormsAuthenticationModule.cs:
322 set SkipAuthorization=true for WebResource.axd
324 2006-11-27 Vladimir Krasnov <vladimirk@mainsoft.com>
326 * SqlMembershipProvider.cs: typo bug
328 2006-11-21 Vladimir Krasnov <vladimirk@mainsoft.com>
330 * SqlMembershipProvider.cs: fixed fixed exception type in GetPassword
333 2006-11-20 Igor Zelmanovich <igorz@mainsoft.com>
335 * SqlMembershipProvider.cs: fixed: UpdateUser works properly.
337 2006-11-15 Igor Zelmanovich <igorz@mainsoft.com>
339 * SqlMembershipProvider.cs: fixed: name is used for ReturnValue parameter.
341 2006-11-05 Vladimir Krasnov <vladimirk@mainsoft.com>
343 * AnonymousIdentificationModule.cs: fixed anonymous id cookie
345 2006-11-05 Vladimir Krasnov <vladimirk@mainsoft.com>
347 * MembershipProvider.cs, SqlMembershipProvider.cs:
348 refactoring of DecryptPassword and EncryptPassword methods according
351 2006-09-10 Konstantin Triger <kostat@mainsoft.com>
353 * SqlRoleProvider.cs: throw on empty connection string.
355 2006-09-26 Vladimir Krasnov <vladimirk@mainsoft.com>
357 * Membership.cs: fixed GetAllUsers, typo bug
358 * SqlRoleProvider.cs, SqlMembershipProvider.cs: refactored to use
359 aspnetdb built in stored procedures,
360 fixed application name and membership relation,
361 improved exception handling
363 2006-09-03 Igor Zelmanovich <igorz@mainsoft.com>
365 * RolePrincipal.cs: refactoring: instance can be serialized.
367 2006-09-03 Igor Zelmanovich <igorz@mainsoft.com>
369 * SqlMembershipProvider.cs: fixed GetUser,
370 when username is String.Empty methods returns null.
372 2006-08-31 Konstantin Triger <kostat@mainsoft.com>
374 * SqlRoleProvider.cs: fixed initialization.
376 2006-08-31 Igor Zelmanovich <igorz@mainsoft.com>
378 * SqlMembershipProvider.cs: fixed CreateUser,
379 password is checked, properties MinRequiredPasswordLength and
380 MinRequiredNonAlphanumericCharacters are considered.
382 2006-08-29 Konstantin Triger <kostat@mainsoft.com>
384 * SqlMembershipProvider.cs: fix dispose order of reader vs connection.
386 2006-08-28 Igor Zelmanovich <igorz@mainsoft.com>
388 * SqlMembershipProvider.cs: fixed CreateUser, parameter isApproved is
391 2006-08-28 Konstantin Triger <kostat@mainsoft.com>
393 * SqlMembershipProvider.cs: ensure GetUser() returns null if it cannot
394 retrieve user information.
396 2006-08-28 Konstantin Triger <kostat@mainsoft.com>
398 * SqlRoleProvider.cs, SqlMembershipProvider.cs:
399 "use SqlClientFactory in case the ProviderName is not specified.
401 2006-08-27 Konstantin Triger <kostat@mainsoft.com>
403 * SqlRoleProvider.cs: enable concurrent usage, refactoring.
405 2006-08-27 Konstantin Triger <kostat@mainsoft.com>
407 * SqlMembershipProvider.cs: enable concurrent usage, refactoring.
409 2006-08-27 Vladimir Krasnov <vladimirk@mainsoft.com>
411 * SqlMembershipProvider.cs: fixed ValidateUser, bug when user
414 2006-08-14 Gonzalo Paniagua Javier <gonzalo@ximian.com>
416 * FormsAuthentication.cs: set the Secure attribute of the authentication
417 cookie when required.
419 2006-07-06 Konstantin Triger <kostat@mainsoft.com>
421 * FormsAuthentication.cs: Ensure initialized, fix url mapping.
423 2006-05-03 Chris Toshok <toshok@ximian.com>
425 * SqlMembershipProvider.cs (GetAlg): move this here for the time
426 being, as it's the only class that uses it.
427 (HashAndBase64Encode): nuke.
428 (EncryptAndBase64Encode): nuke.
429 (Base64DecodeAndDecrypt): nuke.
430 (DecryptPassword): new function.
431 (EncryptPassword): new function.
432 (ChangePassword): replace the switch with a call to
434 (ChangePasswordQuestionAndAnswer): same.
436 (ResetPassword): same.
437 (ValidateUsingPassword): same.
438 (ValidateUsingPasswordAnswer): same.
439 (GetPassword): same, and throw MembershipPasswordException if the
440 password answer is incorrect.
442 * MembershipProvider.cs (InitVector): nuke this. it's actually
443 the salt from the database (for the sql provider, anyway).
444 (EncodePassword): based on the password format, password, and
445 salt, encode it. Makes use of EncryptPassword.
446 (DecodePassword): likewise for decoding, makes use of
448 (DecryptPassword): revert this to throwing
449 NotImplementedException, as the sql provideroverrides it to
450 perform the actual decryption.
451 (EncryptPassword): same.
453 2006-05-02 Chris Toshok <toshok@ximian.com>
455 * SqlMembershipProvider.cs: 85% complete, maybe more. The major
456 functionality should work. Password retrieval (and encrypted
457 passwords in general) is untested.
459 2006-05-01 Chris Toshok <toshok@ximian.com>
461 * Membership.cs (GeneratePassword): don't include quotes (',",`)
462 in the set of characters in the generated passwords.
464 2006-05-01 Chris Toshok <toshok@ximian.com>
466 * MembershipProvider.cs (GetAlg): switch from Exception to
467 ProviderException to match MS behavior (and fix the unit test.)
469 * Membership.cs (GeneratePassword): implement.
471 2006-05-01 Chris Toshok <toshok@ximian.com>
473 * SqlMembershipProvider.cs: lots more work. checking this in in
474 its present state because I don't want to lose it. It still needs
477 * Membership.cs (.cctor): remove the fallback.
478 (ValidatingPassword): remove the MonoTODO.
480 * MembershipProvider.cs (DecryptPassword): implement.
481 (EncryptPassword): implement.
482 (GetAlg): helper function for Decrypt/EncryptPassword.
485 2006-04-27 Chris Toshok <toshok@ximian.com>
487 * SqlMembershipProvider.cs (GeneratePassword): call
488 Membership.GeneratePassword with the configured minimum strength
491 2006-04-27 Chris Toshok <toshok@ximian.com>
493 * SqlMembershipProvider.cs (UnlockUser): fix sql query, and move
494 the CheckPararm call to the top of the method.
496 2006-04-12 Chris Toshok <toshok@ximian.com>
498 * SqlMembershipProvider.cs: commit initial pass at
499 SqlMembershipProvider work. lots of stuff untested in here.
501 2006-04-11 Chris Toshok <toshok@ximian.com>
503 * MembershipUser.cs (.ctor): per Shackow's book, all DateTime's
504 are converted using ToUniversalTime when passed into this class.
505 (UpdateSelf): update ourselves from the passed in MembershipUser,
506 swallowing NotSupportedExceptions.
507 (UpdateUser): fetch a new MembershipUser from the db and call
509 (ChangePassword): call UpdateUser after changing the password.
510 (ChangePasswordQuestionAndAnswer): same.
511 (ResetPassword): same.
512 (UnlockUser): same. Also, don't explicitly set isLockedOut.
513 It'll be updated in UpdateSelf.
514 (CreationDate): getter calls ToLocalTime, setter calls
516 (LastActivityDate): same.
517 (LastLoginDate): same.
518 (LastPasswordChangedDate): same.
519 (LastLockoutDate): same.
521 * Membership.cs (.cctor): use
522 ProvidersHelper.InstantitateProviders, and remove some unnecessary
525 2006-03-29 Chris Toshok <toshok@ximian.com>
527 * SqlRoleProvider.cs: do the LOWER's in SQL, not in C#.
529 2006-03-23 Chris Toshok <toshok@ximian.com>
531 * Roles.cs: make this 2.0 configuration aware.
533 * SqlRoleProvider.cs: flesh out all the operations. the only
534 things that need dealing with are the Initialize method's handling
535 of a few parameters, and the ApplicationName property.
537 2006-03-23 Chris Toshok <toshok@ximian.com>
539 * DefaultAuthenticationModule.cs (OnDefaultAuthentication): always
540 set Thread.CurrentPrincipal, not just if we set it to the
543 2006-03-22 Chris Toshok <toshok@ximian.com>
545 * RoleManagerModule.cs: implement using info in Shackow's book.
547 * RolePrincipal.cs: flesh this out a bit more.
549 * DefaultAuthenticationModule.cs (OnDefaultAuthentication):
550 according to Shackow's book, this sets Thread.CurrentPrincipal as
551 well as HttpContext.Current.User.
553 2006-02-28 Chris Toshok <toshok@ximian.com>
555 * FormsAuthentication.cs: corcompare work.
557 * MembershipCreateUserException.cs: same.
559 * MembershipPasswordException.cs: same.
561 * AnonymousIdentificationModule.cs: same.
563 2006-02-01 Chris Toshok <toshok@ximian.com>
565 * FormsAuthentication.cs, Membership.cs,
566 FormsAuthenticationModule.cs, UrlAuthorizationModule.cs: oops,
567 replace GetWebApplicationSection with GetSection.
569 2006-02-01 Chris Toshok <toshok@ximian.com>
571 * FormsAuthentication.cs: CONFIGURATION_2_0 => NET_2_0.
572 simplifies the ifdef mess quite a bit.
574 * Membership.cs: same.
576 * FormsAuthenticationModule.cs: same.
578 * UrlAuthorizationModule.cs: same.
580 2006-01-04 Chris Toshok <toshok@ximian.com>
582 * FormsAuthentication.cs (Authenticate): add CONFIGURATION_2_0
589 2006-01-04 Chris Toshok <toshok@ximian.com>
591 * Membership.cs (.cctor): enable the code here under
594 2006-01-03 Chris Toshok <toshok@ximian.com>
596 * UrlAuthorizationModule.cs (OnAuthorizeRequest): add
597 CONFIGURATION_2_0 code here.
599 2005-12-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
601 * FormsAuthentication.cs: don't end the request in
602 RedirectFromLoginPage.
604 2005-12-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
606 * FormsAuthenticationModule.cs: expire the cookie. Fixes bug #77043.
607 Patch by Cyrille Colin.
609 2005-12-13 Gonzalo Paniagua Javier <gonzalo@ximian.com>
611 * FormsAuthenticationModule.cs: ignore any exception thrown when mapping
612 the provided virtual path to the physical one. Patch by Cyrille Colin.
614 2005-11-28 Chris Toshok <toshok@ximian.com>
616 * FormsAuthenticationModule.cs (OnAuthenticateRequest):
617 CONFIGURATION_2_0 work.
618 (OnEndRequest): same.
620 2005-09-09 Sebastien Pouliot <sebastien@ximian.com>
622 * DefaultAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
623 * DefaultAuthenticationModule.cs: Added LinkDemand for Minimal. Added
624 Demand for UnmanagedCode on constructor.
625 * FileAuthorizationModule.cs: Added LinkDemand for Minimal. Added
626 Demand for UnmanagedCode on constructor.
627 * FormsAuthentication.cs: Added LinkDemand for Minimal.
628 * FormsAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
629 * FormsAuthenticationModule.cs: Added LinkDemand for Minimal. Added
630 Demand for UnmanagedCode on constructor.
631 * FormsAuthenticationTicket.cs: Added LinkDemand for Minimal.
632 * FormsIdentity.cs: Added LinkDemand for Minimal.
633 * PassportAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
634 * PassportAuthenticationModule.cs: Added LinkDemand for Minimal. Added
635 Demand for UnmanagedCode on constructor.
636 * PassportIdentity.cs: Added LinkDemand for Minimal. Added Demand for
637 UnmanagedCode on constructor.
638 * UrlAuthorizationModule.cs: Added LinkDemand for Minimal. Added
639 Demand for UnmanagedCode on constructor.
640 * WindowsAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
641 * WindowsAuthenticationModule.cs: Added LinkDemand for Minimal. Added
642 Demand for UnmanagedCode on constructor.
644 2005-09-01 Sebastien Pouliot <sebastien@ximian.com>
646 * FormsAuthenticationEventArgs.cs: Ensure the setter for User is
647 protected by a demand for ControlPrincipal.
648 * PassportAuthenticationEventArgs.cs: Ensure the setter for User is
649 protected by a demand for ControlPrincipal.
650 * WindowsAuthenticationEventArgs.cs: Ensure the setter for User is
651 protected by a demand for ControlPrincipal.
653 2005-08-25 Sebastien Pouliot <sebastien@ximian.com>
655 * FormsAuthentication.cs: With 2.0 we can get the default properties
656 and call Initialize without a NRE.
658 2005-08-25 Sebastien Pouliot <sebastien@ximian.com>
660 * ActiveDirectoryConnectionProtection.cs: New (2.0) enum.
661 * ActiveDirectoryMembershipProvider.cs: Fixed 2.0 API.
662 * AnonymousIdentificationEventArgs.cs: Fixed AnonymousID property case.
663 * AnonymousIdentificationModule.cs: Fixed 2.0 API.
664 * FileAuthorizationModule.cs: Added static CheckFileAccessForUser in
666 * FormsAuthentication.cs: Added missing 2.0 properties with their
668 * MembershipCreateStatus.cs: Fixed enum values/names.
669 * MembershipProvider.cs: Added stub for [Decrypt|Encrypt]Password. Both
670 methods don't seems to work without an active provider.
671 * PassportIdentity.cs: Added IDispose for 2.0 profile.
672 * Roles.cs: Added missing beta2 bits and default values (which are the
673 only things working without a role provider (web.config).
674 * RolePrincipal.cs: Fixed 2.0 API. Implemented a few bits.
675 * SqlRoleProvider.cs: Fixed 2.0 API.
676 * UrlAuthorizationModule.cs: Added static CheckUrlAccessForPrincipal in
679 2005-08-24 Sebastien Pouliot <sebastien@ximian.com>
681 * MembershipUserCollection.cs: Fix exceptions.
683 2005-08-22 Sebastien Pouliot <sebastien@ximian.com>
685 * FormsAuthentication.cs: Add some 2.0 stuff required for Login*
688 2005-08-18 Sebastien Pouliot <sebastien@ximian.com>
690 * Membership.cs: Commented unworking parts of the .cctor to allow
691 testing the Login control.
692 * MembershipProviderCollection.cs: Fixed exception handling.
693 * SqlMembershipProvider.cs: Don't throw NotImplementedException
694 everywhere so Membership's .cctor (somewhat) works. Removed
695 Description property (not in beta2).
697 2005-07-28 Gonzalo Paniagua Javier <gonzalo@ximian.com>
699 * FormsAuthentication.cs: allow hardware acceleration support if
700 available. Sebastien dixit.
702 2005-07-26 Gonzalo Paniagua Javier <gonzalo@ximian.com>
704 * FormsAuthentication.cs: the init_vector must be the same accross
705 restarts, otherwise the cookie does not work even when a decryption
706 key is provided. Initialize it to the bytes of the cookie name. Fixes
709 2005-07-25 Eyal Alaluf <eyala@mainsoft.com>
711 * FormsAuthenticationModule.cs: Check for null config
713 2005-07-25 Miguel de Icaza <miguel@novell.com>
715 * FormsAuthentication.cs (SignOut): Force the cookie to have it
718 2005-07-25 Gonzalo Paniagua Javier <gonzalo@ximian.com>
720 * FormsAuthentication.cs: my previous patch missed a "small" detail: it
721 didn't include the verification key when computing/checking the
722 validation hash. Now this is really a MAC or HMAC or...
724 2005-07-25 Gonzalo Paniagua Javier <gonzalo@ximian.com>
726 * FormsAuthentication.cs:
727 * FormsAuthenticationTicket.cs: added support for validation and
728 encryption of the auth. cookie and improved serialization of the ticket.
730 2005-07-01 Lluis Sanchez Gual <lluis@novell.com>
732 * Membership.cs: Read provider info from the config file.
734 2005-06-10 Lluis Sanchez Gual <lluis@novell.com>
736 * MembershipUserCollection.cs:
737 * MembershipPasswordException.cs:
738 * RoleProviderCollection.cs:
739 * ActiveDirectoryMembershipProvider.cs:
740 * SqlMembershipProvider.cs:
741 * MembershipProvider.cs:
742 * SqlRoleProvider.cs:
745 * MembershipProviderCollection.cs:
747 * RoleProvider.cs: Track api changes in ASP.NET 2.0. Implemented
748 some missing methods.
750 * AccessRoleProvider.cs:
751 * AccessMembershipProvider.cs: Removed.
753 * MembershipCreateUserException.cs:
754 * MembershipValidatePasswordEventHandler.cs:
755 * ValidatePasswordEventArgs.cs: Implemented.
757 2005-05-21 Sebastien Pouliot <sebastien@ximian.com>
759 * FormsAuthentication.cs: Hash the UTF8 representation of the password
760 strings (to be compatible with Microsoft implementation).
762 2005-04-20 Gonzalo Paniagua Javier <gonzalo@ximian.com>
764 * FormsAuthentication.cs:
765 * PassportAuthenticationModule.cs:
766 * WindowsAuthenticationModule.cs: removed warnings.
768 2005-03-11 Gonzalo Paniagua Javier <gonzalo@ximian.com>
770 * FormsAuthenticationModule.cs: fix for bug 73545, which caused
771 authentication not to work when the cookie was not persistent.
772 Patch by Ilya Kharmatsky (Mainsoft).
774 2005-02-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
776 * FormsAuthentication.cs: make the string to be stored in a config.
777 file uppercase... See bug #72557.
779 2005-02-06 Gonzalo Paniagua Javier <gonzalo@ximian.com>
781 * FormsAuthentication.cs: fixed typo when getting the hash for the
782 password in SHA1 and MD5. Thanks to Tadas Dailyda.
783 Lock on a static object instead of typeof(FormsAuthentication).
785 2004-11-18 Lluis Sanchez Gual <lluis@novell.com>
787 * RoleProvider.cs, Roles.cs, SqlRoleProvider.cs, RoleProviderCollection.cs,
788 AccessRoleProvider.cs: IRoleProvider has been renamed to ProviderBase.
789 * IMembershipProvider.cs: Deleted.
790 * MembershipProvider.cs, AccessMembershipProvider.cs, MembershipUser.cs,
791 Membership.cs, ADMembershipProvider.cs, SqlMembershipProvider.cs
792 MembershipProviderCollection.cs: MembershipProvider has been deleted
793 and replaced by the abstract class MembershipProvider.
794 * MembershipProviderCollection.cs: Minor fixes.
795 * ADMembershipProvider.cs: Renamed to ActiveDirectoryMembershipProvider.cs.
797 2004-11-15 Lluis Sanchez Gual <lluis@novell.com>
799 * RoleProviderCollection.cs, MembershipProviderCollection.cs:
802 2004-08-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
804 * FormsAuthentication.cs: patch by Jim Pease to fix the date on renewal.
806 2004-08-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
808 * FormsAuthenticationModule.cs: don't renew expired cookies. Only renew
809 the cookie if SlidingExpiration is set. Thanks to Jim Pease.
811 2004-08-03 Sanjay Gupta <gsanjay@novell.com>
813 * MembershipSortOptions.cs:
814 * MembershipPasswordFormat.cs:
815 * MembershipOnlineStatus.cs:
816 * MembershipCreateStatus.cs:
817 * CookieProtection.cs: minor modifications.
819 2004-06-12 Pedro Martnez Juli <yoros@wanadoo.es>
821 * FormsAuthentication.cs: Undo last change.
823 2004-06-12 Pedro Martnez Juli <yoros@wanadoo.es>
825 * FormsAuthentication.cs: go to loginUrl from web.config settings
826 before try with the default ones.
828 2004-06-11 Gonzalo Paniagua Javier <gonzalo@ximian.com>
830 * DefaultAuthenticationModule.cs: set the IPrincipal for this thread
831 once we have a user. Fixes bug #59683.
833 2004-04-21 Gonzalo Paniagua Javier <gonzalo@ximian.com>
835 * FormsAuthenticationModule.cs: re-read configuration files if needed
836 when determining if forms auth. is used.
838 2004-01-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
840 * FormsAuthentication.cs: added RequireSSL and SlidingExpiration.
842 2004-01-11 Andreas Nahr <ClassDevelopment@A-SoftTech.com>
844 * PassportIdentity.cs: Added v 1.1 members
846 2003-11-25 Ben Maurer <bmaurer@users.sourceforge.net>
848 * AccessMembershipProvider.cs: New v2 file
849 * AccessRoleProvider.cs: New v2 file
850 * ADMembershipProvider.cs: New v2 file
851 * AnonymousIdentificationEventArgs.cs: New v2 file
852 * AnonymousIdentificationEventHandler.cs: New v2 file
853 * AnonymousIdentificationModule.cs: New v2 file
854 * CookieProtection.cs: New v2 file
855 * IMembershipProvider.cs: New v2 file
856 * IRoleProvider.cs: New v2 file
857 * Membership.cs: New v2 file
858 * MembershipCreateStatus.cs: New v2 file
859 * MembershipCreateUserException.cs: New v2 file
860 * MembershipOnlineStatus.cs: New v2 file
861 * MembershipPasswordException.cs: New v2 file
862 * MembershipPasswordFormat.cs: New v2 file
863 * MembershipProviderCollection.cs: New v2 file
864 * MembershipSortOptions.cs: New v2 file
865 * MembershipUser.cs: New v2 file
866 * MembershipUserCollection.cs: New v2 file
867 * RoleManagerEventArgs.cs: New v2 file
868 * RoleManagerEventHandler.cs: New v2 file
869 * RoleManagerModule.cs: New v2 file
870 * RolePrincipal.cs: New v2 file
871 * RoleProviderCollection.cs: New v2 file
872 * Roles.cs: New v2 file
873 * SqlMembershipProvider.cs: New v2 file
874 * SqlRoleProvider.cs: New v2 file
876 2003-11-05 Gonzalo Paniagua Javier <gonzalo@ximian.com>
878 * FormsAuthentication.cs: encoding updates.
880 2003-10-04 Gonzalo Paniagua Javier <gonzalo@ximian.com>
882 * FormsAuthenticationModule.cs: fixed for applications other than /.
884 2003-08-27 Gonzalo Paniagua Javier <gonzalo@ximian.com>
886 * UrlAuthorizationModule.cs: fixed description for status code.
888 2003-07-31 Gonzalo Paniagua Javier <gonzalo@ximian.com>
890 * FormsAuthenticationModule.cs: really renew the ticket. Thanks to
891 Jens Thiel <Jens@Thiel.DE>.
893 2003-02-13 Gonzalo Paniagua Javier <gonzalo@ximian.com>
895 * UrlAuthorizationModule.cs: tell the application not to run any other
896 step apart from EndRequest.
898 2003-02-12 Gonzalo Paniagua Javier <gonzalo@ximian.com>
900 * FormsAuthentication.cs: implemented RedirectFromLoginPage and
903 * FormsAuthenticationModule.cs: redirect to the login page when a 401
906 * UrlAuthorizationModule.cs: check for valid user or render error page.
908 2003-01-04 Gonzalo Paniagua Javier <gonzalo@ximian.com>
910 * DefaultAuthenticationModule.cs: implemented. It just create a default
911 unauthenticated user when no one else provided one.
913 * FormsAuthenticationModule.cs: removed debug output.
915 2002-12-20 Gonzalo Paniagua Javier <gonzalo@ximian.com>
917 * FormsAuthenticationModule.cs: remove debug lines.
919 2002-12-19 Gonzalo Paniagua Javier <gonzalo@ximian.com>
921 * FormsAuthentication.cs: return a null ticket when an exception is
922 thrown creating it. Implemented RenewTicketIfOld.
924 * FormsAuthenticationModule.cs: implemented event handlers for
925 AuthenticateRequest and EndRequest.
927 * FormsAuthenticationTicket.cs: implemented SetDates and Clone methods.
929 2002-12-18 Gonzalo Paniagua Javier <gonzalo@ximian.com>
931 * FormsAuthentication.cs: implemented GetAuthCookie, SetAuthCookie,
932 SignOut, FormsCookieName and FormsCookiePath.
934 2002-12-17 Gonzalo Paniagua Javier <gonzalo@ximian.com>
936 * FormsAuthentication.cs: implemented Authenticate, unencrypted Encrypt
937 and Decrypt, HashPasswordForStoringInConfigFile and Initialize.
939 * FormsAuthenticationTicket.cs: set cookiePath to the default when no
942 2002-08-26 Gonzalo Paniagua Javier <gonzalo@ximian.com>
944 * DefaultAuthenticationEventHandler.cs:
945 * DefaultAuthenticationModule.cs:
946 * FileAuthorizationModule.cs:
947 * FormsAuthentication.cs:
948 * FormsAuthenticationEventArgs.cs:
949 * FormsAuthenticationEventHandler.cs:
950 * FormsAuthenticationModule.cs:
951 * FormsAuthenticationTicket.cs:
953 * PassportAuthenticationEventArgs.cs:
954 * PassportAuthenticationEventHandler.cs:
955 * PassportAuthenticationModule.cs:
956 * PassportIdentity.cs:
957 * UrlAuthorizationModule.cs:
958 * WindowsAuthenticationEventArgs.cs:
959 * WindowsAuthenticationEventHandler.cs:
960 * WindowsAuthenticationModule.cs: new files. Some of them implemented,
961 some others stubbed out.
963 2002-06-03 Gonzalo Paniagua Javier <gonzalo@ximian.com>
965 * DefaultAuthenticationEventArgs.cs: added file.