967 lines
32 KiB
Plaintext
Raw Normal View History

2010-06-19 Marek Habersack <mhabersack@novell.com>
* FormsAuthentication.cs: Authenticate must compare stored and
newly hashed passwords case-insensitively. Fixes bug #601727
2010-04-29 Marek Habersack <mhabersack@novell.com>
* FormsAuthentication.cs: set authentication/expiry cookie
domain. Fixes bug #600740. Patch from Stuart Siegrist
<stuart@cbtnuggets.com>, thanks!
2010-04-28 Marek Habersack <mhabersack@novell.com>
* RolePrincipal.cs: class is not sealed in 4.0
* MembershipUser.cs: type forwarded to
System.Web.ApplicationServices in 4.0.
In the 4.0 profile, a MembershipHelper instance is created using
reflection, so that the Membership class and password
encryption/decryption services can be accessed without referencing
System.Web
* MembershipProvider.cs: type forwarded to
System.Web.ApplicationServices in 4.0.
{Encrypt,Decrypt}Password implementations moved to
MembershipHelper.
Added new EncryptPassword overload for 4.0
* MembershipHelper.cs: a helper class to handle password
encryption/decryption and to forward requests for certain
Membership properties in 4.0. It is used also in 2.0 to keep code
cleaner. System.Web.ApplicationServices uses it to access the
Membership class without having to reference System.Web
* MembershipCreateStatus.cs, MembershipCreateUserException.cs,
MembershipPasswordException.cs, MembershipPasswordFormat.cs,
MembershipProviderCollection.cs, MembershipUserCollection.cs,
MembershipValidatePasswordEventHandler.cs, RoleProvider.cs,
ValidatePasswordEventArgs.cs:
types forwarded to System.Web.ApplicationServices in 4.0
* FormsIdentity.cs: class is not sealed in 4.0
2010-02-11 Marek Habersack <mhabersack@novell.com>
* Roles.cs: IsUserInRole checks if username is null or empty
before attempting to use it. Patch from Tiaan Geldenhuys
<tagdev@gmail.com>. thanks!
2009-09-22 Sebastien Pouliot <sebastien@ximian.com>
* MembershipProvider.cs: Ensure password decryption is always
possible.
[Fix bug #538406]
2009-07-09 Gonzalo Paniagua Javier <gonzalo@novell.com>
* SqliteMembershipProvider.cs:
* UrlAuthorizationModule.cs: use GetSection instead of
OpenWebConfiguration+GetSection.
2009-05-28 Marek Habersack <mhabersack@novell.com>
* FormsAuthenticationModule.cs: if forms authentication login URL
is not rooted, make it relative to the application root, so that
MapPath maps it correctly.
Use String.Compare for checking whether requested URL matches the
login URL - be case-insensitive when running on Windows or with
IOMAP in effect.
2009-03-10 Marek Habersack <mhabersack@novell.com>
* UrlAuthorizationModule.cs: OnAuthorizeRequest must use the
configuration from <location> elements in the config. Fixes bug
#467221
2009-02-28 Gonzalo Paniagua Javier <gonzalo@novell.com>
* FormsAuthentication.cs: use GetWebApplication instead of GetSection
for application level configuration.
2009-01-12 Marek Habersack <mhabersack@novell.com>
* MembershipUserCollection.cs: CopyTo overloads use store.Values
as the copy source. Fixes bug #464783. Patch from Christian
Prochnow <cproch@seculogix.de>
2008-12-25 Gonzalo Paniagua Javier <gonzalo@novell.com>
* SqlRoleProvider.cs:
* SqlMembershipProvider.cs: use IndexOf (char) instead of
IndexOf (string).
2008-08-20 Marek Habersack <mhabersack@novell.com>
* Membership.cs: implemented the HashAlgorithmType property. Fixes
bug #418458
2008-06-30 Marek Habersack <mhabersack@novell.com>
* SqliteMembershipProvider.cs, SqliteRoleProvider.cs: remove
unused method
* SqlRoleProvider.cs, AspNetDBSchemaChecker.cs: hush the warnings
2008-05-30 Marek Habersack <mhabersack@novell.com>
* AnonymousIdentificationModule.cs, FormsAuthenticationModule.cs,
DefaultAuthenticationModule.cs, MembershipProvider.cs,
WindowsAuthenticationModule.cs, PassportAuthenticationModule.cs,
RoleManagerModule.cs: do not use synthetized event accessors (to
avoid locks).
2008-05-07 Marek Habersack <mhabersack@novell.com>
* RolePrincipal.cs: fix:
- Reloading the roles cache from the provider when expired
- Update issue & expiry date for expired tickets
- Incrementing the cookie expiry date
- Obey Roles.MaxCachedResults
Fixes bug #385877. Patch from Ivan Hamilton
<ivan@chimerical.com.au>, thanks!
2008-03-10 Marek Habersack <mhabersack@novell.com>
* RoleManagerModule.cs: initialize _config before adding event
handlers and account for the fact that _config might still be null
in the methods that use it.
2007-12-30 Vladimir Krasnov <vladimirk@mainsoft.com>
* SqliteMembershipProvider.cs, SqlRoleProvider.cs: added chema checking
* added AspNetDBSchemaChecker.cs: schema checker helper class
2007-12-11 Vladimir Krasnov <vladimirk@mainsoft.com>
* Roles.cs: fixed Providers property to be thread safe
2007-12-08 Marek Habersack <mhabersack@novell.com>
* SqliteRoleProvider.cs: added - a Role Provider for
Sqlite, based on PostgreSQL Role Provider code from Daniel
Nauck <dna@informatik.uni-kiel.de>
* SqliteMembershipProvider.cs: added - a Membership Provider for
Sqlite, based on PostgreSQL Membership Provider code from Daniel
Nauck <dna@informatik.uni-kiel.de>
2007-11-28 Marek Habersack <mhabersack@novell.com>
* SqlMembershipProvider.cs: handle situation when there is no
connection string configured for the SQL Membership Provider.
2007-11-01 Marek Habersack <mhabersack@novell.com>
* RolePrincipal.cs, MembershipProvider.cs: use the new
MachineKeySectionUtils class wherever necessary.
* FormsAuthentication.cs: use the new MachineKeySectionUtils class
wherever necessary.
GetHexString is a private method again.
2007-10-31 Marek Habersack <mhabersack@novell.com>
* FormsAuthentication.cs: made GetHexString an internal method -
it is used in the AssemblyResourceLoader.cs
2007-08-14 Marek Habersack <mhabersack@novell.com>
* Roles.cs: remove unused field.
* SqlMembershipProvider.cs: remove unused variable.
2007-08-13 Vladimir Krasnov <vladimirk@mainsoft.com>
* SqlRoleProvider.cs: fixed ApplicationName initialization
2007-06-24 Vladimir Krasnov <vladimirk@mainsoft.com>
* FormsAuthentication.cs: improved performance of GetHexString()
2007-05-17 Vladimir Krasnov <vladimirk@mainsoft.com>
* SqlMembershipProvider.cs: fixed DeleteUser, fixed parameter name
2007-05-14 Igor Zelmanovich <igorz@mainsoft.com>
* SqlMembershipProvider.cs: Fix parameter binding to stored procedures.
2007-05-09 Igor Zelmanovich <igorz@mainsoft.com>
* PassportIdentity.cs:
added MonoNotSupported attribute.
2007-05-02 Marek Habersack <mhabersack@novell.com>
* FormsAuthentication.cs: user names are stored in lowercase in
the credentials database.
2007-04-29 Igor Zelmanovich <igorz@mainsoft.com>
* FormsAuthenticationModule.cs:
Redirect to login page doesn't cause thread abort.
2007-04-19 Igor Zelmanovich <igorz@mainsoft.com>
* SqlMembershipProvider.cs:
ChangePassword throws exception if new password has invalid format.
2007-04-17 Igor Zelmanovich <igorz@mainsoft.com>
* Membership.cs:
* Roles.cs:
if default provider was not found ConfigurationErrorsException is thrown.
2007-04-12 Marek Habersack <mhabersack@novell.com>
* RoleManagerModule.cs: do not try to decrypt encryption tickets
from cookies with empty values.
2007-04-04 Juraj Skripsky <js@hotfeet.ch>
* FormsAuthenticationModule.cs: Move initialization of _config out
of Init() as app.Context is null in that method when a session is
about to be terminated.
2007-03-21 Vladimir Krasnov <vladimirk@mainsoft.com>
* AnonymousIdentificationModule.cs: optimized Config property
2007-03-21 Vladimir Krasnov <vladimirk@mainsoft.com>
* AnonymousIdentificationModule.cs: added configuration section caching
to AppDomain for TARGET_JVM
* RoleManagerModule.cs:
* UrlAuthorizationModule.cs:
* FormsAuthenticationModule.cs: refactored configuration section to be
a member of a class
2007-03-20 Marek Habersack <mhabersack@novell.com>
* FormsAuthentication.cs, Roles.cs: remove roles cookie on sign
out. Fixes bug #81195. Patch from Mike Morano <mmorano@mikeandwan.us>.
2007-03-12 Marek Habersack <mhabersack@novell.com>
* RolePrincipal.cs: decrypt the roles ticket properly. Makes role
caching in cookies work. Fixes bug #81117. Patch from Mike Morano
<mmorano@mikeandwan.us>
2007-03-02 Marek Habersack <mhabersack@novell.com>
* SqlMembershipProvider.cs: cast PasswordFormat to int, so that
the parameter code can infer the sql type. Makes user creation,
password reset etc. work.
2007-02-28 Andreia Gaita <avidigal@novell.com>
* SqlRoleProvider.cs: Fix parameter binding to stored procedures.
* SqlMembershipProvider.cs: Fix parameter binding to stored procedures.
CreateUser() doesn't use transactions in MS asp.net, so removed the
transaction calls.
2007-02-19 Vladimir Krasnov <vladimirk@mainsoft.com>
* RoleManagerModule.cs: fixed role chaching in OnEndRequest and
OnPostAuthenticateRequest
* RolePrincipal.cs: implemented ToEncryptedTicket, implemented caching
role functionality
* Roles.cs: implemented DeleteCookie, fixed CookieProtectionValue to
get it's value from configuration
2007-02-08 Marek Habersack <grendello@gmail.com>
* FormsAuthenticationModule.cs: Expire auth tickets properly.
* MembershipProvider.cs: Do not clear the password before
encrypting it.
2007-01-20 Miguel de Icaza <miguel@novell.com>
* SqlRoleProvider.cs: comment out unused code.
* SqlMembershipProvider.cs: Removed unused variables.
Remove unused variable.
* AnonymousIdentificationModule.cs (ClearAnonymousIdentifier):
remove unused variable. This might be a real bug.
2007-01-16 Vladimir Krasnov <vladimirk@mainsoft.com>
* RoleManagerModule.cs: fixed OnPostAuthenticateRequest,
CacheRolesInCookie not supported yet
* Roles.cs: fixed DeleteCookie, CacheRolesInCookie not supported yet
2007-01-11 Adar Wesley <adarw@mainsoft.com>
* MembershipProvider.cs: fixed EncryptPassword to use password buffer length
2007-01-04 Vladimir Krasnov <vladimirk@mainsoft.com>
* AnonymousIdentificationModule.cs: fixed OnEnter, fixed failure on
incorrect cookie value that browser may hold
2006-12-27 Vladimir Krasnov <vladimirk@mainsoft.com>
* FormsAuthentication.cs: added internal ReturnUrl property,
GetRedirectUrl added usage of ReturnUrl
2006-12-12 Vladimir Krasnov <vladimirk@mainsoft.com>
* FormsAuthentication.cs: TARGET_J2EE define for static members
2006-12-06 Vladimir Krasnov <vladimirk@mainsoft.com>
* FormsAuthenticationModule.cs: fixed OnAuthenticateRequest, suppress
exception on wrong ticket
2006-12-03 Igor Zelmanovich <igorz@mainsoft.com>
* FormsAuthenticationModule.cs:
set SkipAuthorization=true for WebResource.axd
2006-11-27 Vladimir Krasnov <vladimirk@mainsoft.com>
* SqlMembershipProvider.cs: typo bug
2006-11-21 Vladimir Krasnov <vladimirk@mainsoft.com>
* SqlMembershipProvider.cs: fixed fixed exception type in GetPassword
checks user lockout
2006-11-20 Igor Zelmanovich <igorz@mainsoft.com>
* SqlMembershipProvider.cs: fixed: UpdateUser works properly.
2006-11-15 Igor Zelmanovich <igorz@mainsoft.com>
* SqlMembershipProvider.cs: fixed: name is used for ReturnValue parameter.
2006-11-05 Vladimir Krasnov <vladimirk@mainsoft.com>
* AnonymousIdentificationModule.cs: fixed anonymous id cookie
2006-11-05 Vladimir Krasnov <vladimirk@mainsoft.com>
* MembershipProvider.cs, SqlMembershipProvider.cs:
refactoring of DecryptPassword and EncryptPassword methods according
to documentation
2006-09-10 Konstantin Triger <kostat@mainsoft.com>
* SqlRoleProvider.cs: throw on empty connection string.
2006-09-26 Vladimir Krasnov <vladimirk@mainsoft.com>
* Membership.cs: fixed GetAllUsers, typo bug
* SqlRoleProvider.cs, SqlMembershipProvider.cs: refactored to use
aspnetdb built in stored procedures,
fixed application name and membership relation,
improved exception handling
2006-09-03 Igor Zelmanovich <igorz@mainsoft.com>
* RolePrincipal.cs: refactoring: instance can be serialized.
2006-09-03 Igor Zelmanovich <igorz@mainsoft.com>
* SqlMembershipProvider.cs: fixed GetUser,
when username is String.Empty methods returns null.
2006-08-31 Konstantin Triger <kostat@mainsoft.com>
* SqlRoleProvider.cs: fixed initialization.
2006-08-31 Igor Zelmanovich <igorz@mainsoft.com>
* SqlMembershipProvider.cs: fixed CreateUser,
password is checked, properties MinRequiredPasswordLength and
MinRequiredNonAlphanumericCharacters are considered.
2006-08-29 Konstantin Triger <kostat@mainsoft.com>
* SqlMembershipProvider.cs: fix dispose order of reader vs connection.
2006-08-28 Igor Zelmanovich <igorz@mainsoft.com>
* SqlMembershipProvider.cs: fixed CreateUser, parameter isApproved is
considered.
2006-08-28 Konstantin Triger <kostat@mainsoft.com>
* SqlMembershipProvider.cs: ensure GetUser() returns null if it cannot
retrieve user information.
2006-08-28 Konstantin Triger <kostat@mainsoft.com>
* SqlRoleProvider.cs, SqlMembershipProvider.cs:
"use SqlClientFactory in case the ProviderName is not specified.
2006-08-27 Konstantin Triger <kostat@mainsoft.com>
* SqlRoleProvider.cs: enable concurrent usage, refactoring.
2006-08-27 Konstantin Triger <kostat@mainsoft.com>
* SqlMembershipProvider.cs: enable concurrent usage, refactoring.
2006-08-27 Vladimir Krasnov <vladimirk@mainsoft.com>
* SqlMembershipProvider.cs: fixed ValidateUser, bug when user
not exists
2006-08-14 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthentication.cs: set the Secure attribute of the authentication
cookie when required.
2006-07-06 Konstantin Triger <kostat@mainsoft.com>
* FormsAuthentication.cs: Ensure initialized, fix url mapping.
2006-05-03 Chris Toshok <toshok@ximian.com>
* SqlMembershipProvider.cs (GetAlg): move this here for the time
being, as it's the only class that uses it.
(HashAndBase64Encode): nuke.
(EncryptAndBase64Encode): nuke.
(Base64DecodeAndDecrypt): nuke.
(DecryptPassword): new function.
(EncryptPassword): new function.
(ChangePassword): replace the switch with a call to
EncodePassword.
(ChangePasswordQuestionAndAnswer): same.
(CreateUser): same.
(ResetPassword): same.
(ValidateUsingPassword): same.
(ValidateUsingPasswordAnswer): same.
(GetPassword): same, and throw MembershipPasswordException if the
password answer is incorrect.
* MembershipProvider.cs (InitVector): nuke this. it's actually
the salt from the database (for the sql provider, anyway).
(EncodePassword): based on the password format, password, and
salt, encode it. Makes use of EncryptPassword.
(DecodePassword): likewise for decoding, makes use of
DecryptPassword.
(DecryptPassword): revert this to throwing
NotImplementedException, as the sql provideroverrides it to
perform the actual decryption.
(EncryptPassword): same.
2006-05-02 Chris Toshok <toshok@ximian.com>
* SqlMembershipProvider.cs: 85% complete, maybe more. The major
functionality should work. Password retrieval (and encrypted
passwords in general) is untested.
2006-05-01 Chris Toshok <toshok@ximian.com>
* Membership.cs (GeneratePassword): don't include quotes (',",`)
in the set of characters in the generated passwords.
2006-05-01 Chris Toshok <toshok@ximian.com>
* MembershipProvider.cs (GetAlg): switch from Exception to
ProviderException to match MS behavior (and fix the unit test.)
* Membership.cs (GeneratePassword): implement.
2006-05-01 Chris Toshok <toshok@ximian.com>
* SqlMembershipProvider.cs: lots more work. checking this in in
its present state because I don't want to lose it. It still needs
work.
* Membership.cs (.cctor): remove the fallback.
(ValidatingPassword): remove the MonoTODO.
* MembershipProvider.cs (DecryptPassword): implement.
(EncryptPassword): implement.
(GetAlg): helper function for Decrypt/EncryptPassword.
(InitVector): same.
2006-04-27 Chris Toshok <toshok@ximian.com>
* SqlMembershipProvider.cs (GeneratePassword): call
Membership.GeneratePassword with the configured minimum strength
requirements.
2006-04-27 Chris Toshok <toshok@ximian.com>
* SqlMembershipProvider.cs (UnlockUser): fix sql query, and move
the CheckPararm call to the top of the method.
2006-04-12 Chris Toshok <toshok@ximian.com>
* SqlMembershipProvider.cs: commit initial pass at
SqlMembershipProvider work. lots of stuff untested in here.
2006-04-11 Chris Toshok <toshok@ximian.com>
* MembershipUser.cs (.ctor): per Shackow's book, all DateTime's
are converted using ToUniversalTime when passed into this class.
(UpdateSelf): update ourselves from the passed in MembershipUser,
swallowing NotSupportedExceptions.
(UpdateUser): fetch a new MembershipUser from the db and call
UpdateSelf with it.
(ChangePassword): call UpdateUser after changing the password.
(ChangePasswordQuestionAndAnswer): same.
(ResetPassword): same.
(UnlockUser): same. Also, don't explicitly set isLockedOut.
It'll be updated in UpdateSelf.
(CreationDate): getter calls ToLocalTime, setter calls
ToUniversalTime.
(LastActivityDate): same.
(LastLoginDate): same.
(LastPasswordChangedDate): same.
(LastLockoutDate): same.
* Membership.cs (.cctor): use
ProvidersHelper.InstantitateProviders, and remove some unnecessary
#if NET_2_0's.
2006-03-29 Chris Toshok <toshok@ximian.com>
* SqlRoleProvider.cs: do the LOWER's in SQL, not in C#.
2006-03-23 Chris Toshok <toshok@ximian.com>
* Roles.cs: make this 2.0 configuration aware.
* SqlRoleProvider.cs: flesh out all the operations. the only
things that need dealing with are the Initialize method's handling
of a few parameters, and the ApplicationName property.
2006-03-23 Chris Toshok <toshok@ximian.com>
* DefaultAuthenticationModule.cs (OnDefaultAuthentication): always
set Thread.CurrentPrincipal, not just if we set it to the
GenericPrincipal.
2006-03-22 Chris Toshok <toshok@ximian.com>
* RoleManagerModule.cs: implement using info in Shackow's book.
* RolePrincipal.cs: flesh this out a bit more.
* DefaultAuthenticationModule.cs (OnDefaultAuthentication):
according to Shackow's book, this sets Thread.CurrentPrincipal as
well as HttpContext.Current.User.
2006-02-28 Chris Toshok <toshok@ximian.com>
* FormsAuthentication.cs: corcompare work.
* MembershipCreateUserException.cs: same.
* MembershipPasswordException.cs: same.
* AnonymousIdentificationModule.cs: same.
2006-02-01 Chris Toshok <toshok@ximian.com>
* FormsAuthentication.cs, Membership.cs,
FormsAuthenticationModule.cs, UrlAuthorizationModule.cs: oops,
replace GetWebApplicationSection with GetSection.
2006-02-01 Chris Toshok <toshok@ximian.com>
* FormsAuthentication.cs: CONFIGURATION_2_0 => NET_2_0.
simplifies the ifdef mess quite a bit.
* Membership.cs: same.
* FormsAuthenticationModule.cs: same.
* UrlAuthorizationModule.cs: same.
2006-01-04 Chris Toshok <toshok@ximian.com>
* FormsAuthentication.cs (Authenticate): add CONFIGURATION_2_0
code.
(Decrypt2): same.
(Decrypt): same.
(Encrypt): same.
(Initialize): same.
2006-01-04 Chris Toshok <toshok@ximian.com>
* Membership.cs (.cctor): enable the code here under
CONFIGURATION_2_0.
2006-01-03 Chris Toshok <toshok@ximian.com>
* UrlAuthorizationModule.cs (OnAuthorizeRequest): add
CONFIGURATION_2_0 code here.
2005-12-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthentication.cs: don't end the request in
RedirectFromLoginPage.
2005-12-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthenticationModule.cs: expire the cookie. Fixes bug #77043.
Patch by Cyrille Colin.
2005-12-13 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthenticationModule.cs: ignore any exception thrown when mapping
the provided virtual path to the physical one. Patch by Cyrille Colin.
2005-11-28 Chris Toshok <toshok@ximian.com>
* FormsAuthenticationModule.cs (OnAuthenticateRequest):
CONFIGURATION_2_0 work.
(OnEndRequest): same.
2005-09-09 Sebastien Pouliot <sebastien@ximian.com>
* DefaultAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
* DefaultAuthenticationModule.cs: Added LinkDemand for Minimal. Added
Demand for UnmanagedCode on constructor.
* FileAuthorizationModule.cs: Added LinkDemand for Minimal. Added
Demand for UnmanagedCode on constructor.
* FormsAuthentication.cs: Added LinkDemand for Minimal.
* FormsAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
* FormsAuthenticationModule.cs: Added LinkDemand for Minimal. Added
Demand for UnmanagedCode on constructor.
* FormsAuthenticationTicket.cs: Added LinkDemand for Minimal.
* FormsIdentity.cs: Added LinkDemand for Minimal.
* PassportAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
* PassportAuthenticationModule.cs: Added LinkDemand for Minimal. Added
Demand for UnmanagedCode on constructor.
* PassportIdentity.cs: Added LinkDemand for Minimal. Added Demand for
UnmanagedCode on constructor.
* UrlAuthorizationModule.cs: Added LinkDemand for Minimal. Added
Demand for UnmanagedCode on constructor.
* WindowsAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
* WindowsAuthenticationModule.cs: Added LinkDemand for Minimal. Added
Demand for UnmanagedCode on constructor.
2005-09-01 Sebastien Pouliot <sebastien@ximian.com>
* FormsAuthenticationEventArgs.cs: Ensure the setter for User is
protected by a demand for ControlPrincipal.
* PassportAuthenticationEventArgs.cs: Ensure the setter for User is
protected by a demand for ControlPrincipal.
* WindowsAuthenticationEventArgs.cs: Ensure the setter for User is
protected by a demand for ControlPrincipal.
2005-08-25 Sebastien Pouliot <sebastien@ximian.com>
* FormsAuthentication.cs: With 2.0 we can get the default properties
and call Initialize without a NRE.
2005-08-25 Sebastien Pouliot <sebastien@ximian.com>
* ActiveDirectoryConnectionProtection.cs: New (2.0) enum.
* ActiveDirectoryMembershipProvider.cs: Fixed 2.0 API.
* AnonymousIdentificationEventArgs.cs: Fixed AnonymousID property case.
* AnonymousIdentificationModule.cs: Fixed 2.0 API.
* FileAuthorizationModule.cs: Added static CheckFileAccessForUser in
2.0 profile (TODO).
* FormsAuthentication.cs: Added missing 2.0 properties with their
default values.
* MembershipCreateStatus.cs: Fixed enum values/names.
* MembershipProvider.cs: Added stub for [Decrypt|Encrypt]Password. Both
methods don't seems to work without an active provider.
* PassportIdentity.cs: Added IDispose for 2.0 profile.
* Roles.cs: Added missing beta2 bits and default values (which are the
only things working without a role provider (web.config).
* RolePrincipal.cs: Fixed 2.0 API. Implemented a few bits.
* SqlRoleProvider.cs: Fixed 2.0 API.
* UrlAuthorizationModule.cs: Added static CheckUrlAccessForPrincipal in
2.0 profile (TODO).
2005-08-24 Sebastien Pouliot <sebastien@ximian.com>
* MembershipUserCollection.cs: Fix exceptions.
2005-08-22 Sebastien Pouliot <sebastien@ximian.com>
* FormsAuthentication.cs: Add some 2.0 stuff required for Login*
controls to compile.
2005-08-18 Sebastien Pouliot <sebastien@ximian.com>
* Membership.cs: Commented unworking parts of the .cctor to allow
testing the Login control.
* MembershipProviderCollection.cs: Fixed exception handling.
* SqlMembershipProvider.cs: Don't throw NotImplementedException
everywhere so Membership's .cctor (somewhat) works. Removed
Description property (not in beta2).
2005-07-28 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthentication.cs: allow hardware acceleration support if
available. Sebastien dixit.
2005-07-26 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthentication.cs: the init_vector must be the same accross
restarts, otherwise the cookie does not work even when a decryption
key is provided. Initialize it to the bytes of the cookie name. Fixes
bug #75635.
2005-07-25 Eyal Alaluf <eyala@mainsoft.com>
* FormsAuthenticationModule.cs: Check for null config
2005-07-25 Miguel de Icaza <miguel@novell.com>
* FormsAuthentication.cs (SignOut): Force the cookie to have it
expire in the past.
2005-07-25 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthentication.cs: my previous patch missed a "small" detail: it
didn't include the verification key when computing/checking the
validation hash. Now this is really a MAC or HMAC or...
2005-07-25 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthentication.cs:
* FormsAuthenticationTicket.cs: added support for validation and
encryption of the auth. cookie and improved serialization of the ticket.
2005-07-01 Lluis Sanchez Gual <lluis@novell.com>
* Membership.cs: Read provider info from the config file.
2005-06-10 Lluis Sanchez Gual <lluis@novell.com>
* MembershipUserCollection.cs:
* MembershipPasswordException.cs:
* RoleProviderCollection.cs:
* ActiveDirectoryMembershipProvider.cs:
* SqlMembershipProvider.cs:
* MembershipProvider.cs:
* SqlRoleProvider.cs:
* Membership.cs:
* MembershipUser.cs:
* MembershipProviderCollection.cs:
* Roles.cs:.
* RoleProvider.cs: Track api changes in ASP.NET 2.0. Implemented
some missing methods.
* AccessRoleProvider.cs:
* AccessMembershipProvider.cs: Removed.
* MembershipCreateUserException.cs:
* MembershipValidatePasswordEventHandler.cs:
* ValidatePasswordEventArgs.cs: Implemented.
2005-05-21 Sebastien Pouliot <sebastien@ximian.com>
* FormsAuthentication.cs: Hash the UTF8 representation of the password
strings (to be compatible with Microsoft implementation).
2005-04-20 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthentication.cs:
* PassportAuthenticationModule.cs:
* WindowsAuthenticationModule.cs: removed warnings.
2005-03-11 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthenticationModule.cs: fix for bug 73545, which caused
authentication not to work when the cookie was not persistent.
Patch by Ilya Kharmatsky (Mainsoft).
2005-02-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthentication.cs: make the string to be stored in a config.
file uppercase... See bug #72557.
2005-02-06 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthentication.cs: fixed typo when getting the hash for the
password in SHA1 and MD5. Thanks to Tadas Dailyda.
Lock on a static object instead of typeof(FormsAuthentication).
2004-11-18 Lluis Sanchez Gual <lluis@novell.com>
* RoleProvider.cs, Roles.cs, SqlRoleProvider.cs, RoleProviderCollection.cs,
AccessRoleProvider.cs: IRoleProvider has been renamed to ProviderBase.
* IMembershipProvider.cs: Deleted.
* MembershipProvider.cs, AccessMembershipProvider.cs, MembershipUser.cs,
Membership.cs, ADMembershipProvider.cs, SqlMembershipProvider.cs
MembershipProviderCollection.cs: MembershipProvider has been deleted
and replaced by the abstract class MembershipProvider.
* MembershipProviderCollection.cs: Minor fixes.
* ADMembershipProvider.cs: Renamed to ActiveDirectoryMembershipProvider.cs.
2004-11-15 Lluis Sanchez Gual <lluis@novell.com>
* RoleProviderCollection.cs, MembershipProviderCollection.cs:
Fixed warnings.
2004-08-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthentication.cs: patch by Jim Pease to fix the date on renewal.
2004-08-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthenticationModule.cs: don't renew expired cookies. Only renew
the cookie if SlidingExpiration is set. Thanks to Jim Pease.
2004-08-03 Sanjay Gupta <gsanjay@novell.com>
* MembershipSortOptions.cs:
* MembershipPasswordFormat.cs:
* MembershipOnlineStatus.cs:
* MembershipCreateStatus.cs:
* CookieProtection.cs: minor modifications.
2004-06-12 Pedro Martnez Juli <yoros@wanadoo.es>
* FormsAuthentication.cs: Undo last change.
2004-06-12 Pedro Martnez Juli <yoros@wanadoo.es>
* FormsAuthentication.cs: go to loginUrl from web.config settings
before try with the default ones.
2004-06-11 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* DefaultAuthenticationModule.cs: set the IPrincipal for this thread
once we have a user. Fixes bug #59683.
2004-04-21 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthenticationModule.cs: re-read configuration files if needed
when determining if forms auth. is used.
2004-01-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthentication.cs: added RequireSSL and SlidingExpiration.
2004-01-11 Andreas Nahr <ClassDevelopment@A-SoftTech.com>
* PassportIdentity.cs: Added v 1.1 members
2003-11-25 Ben Maurer <bmaurer@users.sourceforge.net>
* AccessMembershipProvider.cs: New v2 file
* AccessRoleProvider.cs: New v2 file
* ADMembershipProvider.cs: New v2 file
* AnonymousIdentificationEventArgs.cs: New v2 file
* AnonymousIdentificationEventHandler.cs: New v2 file
* AnonymousIdentificationModule.cs: New v2 file
* CookieProtection.cs: New v2 file
* IMembershipProvider.cs: New v2 file
* IRoleProvider.cs: New v2 file
* Membership.cs: New v2 file
* MembershipCreateStatus.cs: New v2 file
* MembershipCreateUserException.cs: New v2 file
* MembershipOnlineStatus.cs: New v2 file
* MembershipPasswordException.cs: New v2 file
* MembershipPasswordFormat.cs: New v2 file
* MembershipProviderCollection.cs: New v2 file
* MembershipSortOptions.cs: New v2 file
* MembershipUser.cs: New v2 file
* MembershipUserCollection.cs: New v2 file
* RoleManagerEventArgs.cs: New v2 file
* RoleManagerEventHandler.cs: New v2 file
* RoleManagerModule.cs: New v2 file
* RolePrincipal.cs: New v2 file
* RoleProviderCollection.cs: New v2 file
* Roles.cs: New v2 file
* SqlMembershipProvider.cs: New v2 file
* SqlRoleProvider.cs: New v2 file
2003-11-05 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthentication.cs: encoding updates.
2003-10-04 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthenticationModule.cs: fixed for applications other than /.
2003-08-27 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* UrlAuthorizationModule.cs: fixed description for status code.
2003-07-31 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthenticationModule.cs: really renew the ticket. Thanks to
Jens Thiel <Jens@Thiel.DE>.
2003-02-13 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* UrlAuthorizationModule.cs: tell the application not to run any other
step apart from EndRequest.
2003-02-12 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthentication.cs: implemented RedirectFromLoginPage and
GetRedirectUrl.
* FormsAuthenticationModule.cs: redirect to the login page when a 401
error happens.
* UrlAuthorizationModule.cs: check for valid user or render error page.
2003-01-04 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* DefaultAuthenticationModule.cs: implemented. It just create a default
unauthenticated user when no one else provided one.
* FormsAuthenticationModule.cs: removed debug output.
2002-12-20 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthenticationModule.cs: remove debug lines.
2002-12-19 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthentication.cs: return a null ticket when an exception is
thrown creating it. Implemented RenewTicketIfOld.
* FormsAuthenticationModule.cs: implemented event handlers for
AuthenticateRequest and EndRequest.
* FormsAuthenticationTicket.cs: implemented SetDates and Clone methods.
2002-12-18 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthentication.cs: implemented GetAuthCookie, SetAuthCookie,
SignOut, FormsCookieName and FormsCookiePath.
2002-12-17 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* FormsAuthentication.cs: implemented Authenticate, unencrypted Encrypt
and Decrypt, HashPasswordForStoringInConfigFile and Initialize.
* FormsAuthenticationTicket.cs: set cookiePath to the default when no
other provided.
2002-08-26 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* DefaultAuthenticationEventHandler.cs:
* DefaultAuthenticationModule.cs:
* FileAuthorizationModule.cs:
* FormsAuthentication.cs:
* FormsAuthenticationEventArgs.cs:
* FormsAuthenticationEventHandler.cs:
* FormsAuthenticationModule.cs:
* FormsAuthenticationTicket.cs:
* FormsIdentity.cs:
* PassportAuthenticationEventArgs.cs:
* PassportAuthenticationEventHandler.cs:
* PassportAuthenticationModule.cs:
* PassportIdentity.cs:
* UrlAuthorizationModule.cs:
* WindowsAuthenticationEventArgs.cs:
* WindowsAuthenticationEventHandler.cs:
* WindowsAuthenticationModule.cs: new files. Some of them implemented,
some others stubbed out.
2002-06-03 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* DefaultAuthenticationEventArgs.cs: added file.