System.Web 2.0.0.0 System.Configuration.Provider.ProviderBase ASP.NET membership is designed to enable you to easily use a number of different membership providers for your ASP.NET applications. You can use the supplied membership providers that are included with the .NET Framework, or you can implement your own provider. If you are not familiar with the membership features of ASP.NET, see Introduction to Membership before continuing. For a list of other topics related to membership, see Managing Users By Using Membership. When implementing a custom membership provider, you are required to inherit the abstract class. There are two primary reasons for creating a custom membership provider. You need to store membership information in a data source that is not supported by the membership providers included with the .NET Framework, such as a FoxPro database, an Oracle database, or other data source. You need to manage membership information using a database schema that is different from the database schema used by the providers that ship with the .NET Framework. A common example of this would be membership data that already exists in a SQL Server database for a company or Web site. The abstract class inherits from the abstract class. implementations must also implement the required members of .

Defines the contract that ASP.NET implements to provide membership services using custom membership providers.

Constructor You are not required to implement a constructor for a class that inherits the abstract class. Initialization values for a implementation are passed to the method implementation.

Initializes a new instance of the class.

2.0.0.0 Property System.String To be added. The property value is stored in the data source with related user information to associate a user with a particular application. This property is read/write and defaults to the property value if not specified explicitly. Because membership providers store user information uniquely for each application, multiple ASP.NET applications can use the same data source without running into a conflict if duplicate user names are created. Alternatively, multiple ASP.NET applications can use the same user data source by specifying the same . In your membership provider implementation, you will need to ensure that your data schema includes the and that data source queries and updates also include the .

The name of the application using the custom membership provider.

2.0.0.0 Method System.Boolean To be added. To be added. To be added. Takes, as input, a user name, a current password, and a new password, and updates the password in the data source if the supplied user name and current password are valid.

Processes a request to update the password for a membership user.

true if the password was updated successfully; otherwise, false. 2.0.0.0 Method System.Boolean To be added. To be added. To be added. Takes, as input, a user name, a password, a password question and a password answer, and updates the password question and answer in the data source if the supplied user name and password are valid. If the supplied user name and password are not valid, false is returned.

Processes a request to update the password question and answer for a membership user.

true if the password question and answer are updated successfully; otherwise, false. The password for the specified user. 2.0.0.0 Method System.Web.Security.MembershipUser To be added. To be added. To be added. To be added. To be added. To be added. To be added. To be added.

To be added.

To be added. To be added. 2.0.0.0 Method System.Byte[] The method is a virtual method that is provided for membership provider implementations to use when supporting encrypted password formats.

Decrypts an encrypted password.

A byte array that contains the decrypted password. A byte array that contains the encrypted password to decrypt. 2.0.0.0 Method System.Boolean To be added. Takes, as input, the name of a user and deletes that user's information from the data source. If is true, then all user data stored in the database for the , , and personalization is also deleted.

Removes a user from the membership data source.

true if the user was successfully deleted; otherwise, false. true to delete data related to the user from the database; false to leave data related to the user in the database. 2.0.0.0 Property System.Boolean To be added. contains a Boolean value specified in the configuration file (Web.config) using the enablePasswordReset attribute. The value indicates whether users can use the method to overwrite their current password with a new, randomly generated password. This property is read-only.

Indicates whether the membership provider is configured to allow users to reset their passwords.

2.0.0.0 Property System.Boolean To be added. The property contains a Boolean value specified in the configuration file (Web.config) using the enablePasswordRetrieval attribute. The value indicates whether users can use the method to retrieve their current password from the data source. This property is read-only. If your custom membership provider supports hashed passwords, your method implementation should throw an exception if is set to true and the password format is set to Hashed. Hashed passwords cannot be retrieved.

Indicates whether the membership provider is configured to allow users to retrieve their passwords.

2.0.0.0 Method System.Byte[] The method is a virtual method that is provided for membership provider implementations to use when supporting encrypted password formats.

Encrypts a password.

A byte array that contains the encrypted password. A byte array that contains the password to encrypt. 2.0.0.0 Method System.Web.Security.MembershipUserCollection To be added. To be added. To be added. To be added.

To be added.

To be added. To be added. 2.0.0.0 Method System.Web.Security.MembershipUserCollection To be added. To be added. To be added. To be added.

To be added.

To be added. To be added. 2.0.0.0 Method System.Web.Security.MembershipUserCollection To be added. To be added. To be added.

To be added.

To be added. To be added. 2.0.0.0 Method System.Int32 Returns an integer value that is the count of all the users in the data source where the is greater than the current date and time minus the . The is a positive integer value specifying the number of minutes to use when determining whether a user is online.

Gets the number of users currently accessing the application.

The number of users currently accessing the application. 2.0.0.0 Method System.String To be added. Takes, as input, a user name and a password answer and retrieves the password for that user from the data source and returns the password as a string. The method ensures that the flag is set to true before performing any action. If is false, a exception is thrown. also checks the value of the property. If is true, checks the value of the supplied answer parameter against the stored password answer in the data source. If they do not match, a exception is thrown. If your custom membership provider supports hashed passwords, the method should throw an exception if the property is set to true and the password format is set to Hashed. Hashed passwords cannot be retrieved.

Gets the password for the specified user name from the data source.

The password for the specified user name. The password answer for the user. 2.0.0.0 Method System.Web.Security.MembershipUser Takes, as input, a unique identifier for a user record and a Boolean value indicating whether to update the value for the user to show that the user is currently online. The method returns a object populated with current values from the data source for the specified user. If the user name is not found in the data source, returns null.

Gets user information from the data source based on the unique identifier for the membership user. Provides an option to update the last-activity date/time stamp for the user.

A object populated with the specified user's information from the data source. The unique identifier for the membership user to get information for. true to update the last-activity date/time stamp for the user; false to return user information without updating the last-activity date/time stamp for the user. 2.0.0.0 Method System.Web.Security.MembershipUser To be added. Takes, as input, a user name and a Boolean value indicating whether to update the property value for the user to show that the user is currently online. returns a object populated with current values from the data source for the specified user. If the user name is not found in the data source, returns null.

Gets information from the data source for a user. Provides an option to update the last-activity date/time stamp for the user.

A object populated with the specified user's information from the data source. true to update the last-activity date/time stamp for the user; false to return user information without updating the last-activity date/time stamp for the user. 2.0.0.0 Method System.String Takes, as input, an e-mail address and returns the first user name from the data source where the e-mail address matches the supplied parameter value. If no user name is found with a matching e-mail address, null is returned. If multiple user names are found that match a particular e-mail address, only the first user name found should be returned. You can implement a custom mechanism for ensuring a unique e-mail address for each user name such as the property supported by the provider.

Gets the user name associated with the specified e-mail address.

The user name associated with the specified e-mail address. If no match is found, return null. The e-mail address to search for. 2.0.0.0 Property System.Int32 To be added. The property works in conjunction with the property to guard against an unwanted source guessing the password or password answer of a membership user through repeated attempts. If the number of invalid passwords or password questions supplied for a membership user is greater than or equal to the property value within the number of minutes identified by the , then the membership user is locked out by setting the property to true until the user is unlocked by a call to the method. If a valid password or password answer is supplied before the value is reached, the counter that tracks the number of invalid attempts is reset to zero. Invalid password and password-answer attempts accumulate independently of one another. For example, if the property is set to 5, and three invalid password attempts are made followed by two invalid password-answer attempts, two more invalid password attempts (or three more invalid password-answer attempts) must be made within the for the membership user to be locked out. If the property is set to false, invalid password-answer attempts are not tracked. Invalid password and password-answer attempts are tracked in the , , , , and methods.

Gets the number of invalid password or password-answer attempts allowed before the membership user is locked out.

2.0.0.0 Property System.Int32 To be added. The property returns the minimum number of special, non-alphabetic characters that must be entered to create a valid password for the object. The property value is set in the application configuration using the minRequiredNonalphanumericCharacters attribute of the membership configuration element. A non-alphanumeric character is a character for which the method returns false.

Gets the minimum number of special characters that must be present in a valid password.

2.0.0.0 Property System.Int32 To be added. The property gets the minimum number of characters that must be entered to create a valid password for the object. The property value is set in the application configuration using the minRequiredPasswordLength attribute of the membership configuration element.

Gets the minimum length required for a password.

2.0.0.0 Method System.Void To be added. The virtual method is used during the , , and methods to raise the event if a has been specified. The parameter is used to pass a object to the event handler. When the event has completed, the properties of the object supplied as the parameter can be examined to determine whether the current action should be canceled and if a particular , stored in the property, should be thrown.

Raises the event if an event handler has been defined.

2.0.0.0 Property System.Int32 To be added. The property works in conjunction with the property to guard against an unwanted source guessing the password or password answer of a membership user through repeated attempts. If the number of invalid passwords or password questions supplied for a membership user exceeds the within the number of minutes identified by the , then the membership user is locked out by setting the property to true until the user is unlocked by a call to the method. If a valid password or password answer is supplied before the is reached, the counter that tracks the number of invalid attempts is reset to zero. Invalid password and password-answer attempts accumulate independently of one another. For example, if the property is set to 5, and three invalid password attempts are made followed by two invalid password-answer attempts, two more invalid password attempts (or three more invalid password-answer attempts) must be made within the value for the membership user to be locked out. If the property is set to false, invalid password-answer attempts are not tracked. Invalid password and password-answer attempts are tracked in the , , , , and methods.

Gets the number of minutes in which a maximum number of invalid password or password-answer attempts are allowed before the membership user is locked out.

2.0.0.0 Property System.Web.Security.MembershipPasswordFormat To be added. The property indicates the format that passwords are stored in. Passwords can be stored in Clear, Encrypted, and Hashed password formats. Clear passwords are stored in plain text, which improves the performance of password storage and retrieval but is less secure, as passwords are easily read if your data source is compromised. Encrypted passwords are encrypted when stored and can be decrypted for password comparison or password retrieval. This requires additional processing for password storage and retrieval, but is more secure, as passwords are not easily determined if the data source is compromised. Hashed passwords are hashed using a one-way hash algorithm and a randomly generated salt value when stored in the database. When a password is validated, it is hashed with the salt value in the database for verification. Hashed passwords cannot be retrieved. You can use the and virtual methods of the class to encrypt and decrypt password values, or you can supply your own encryption code. If you use the and virtual methods of the class, Encrypted passwords are encrypted using the key information supplied in the machineKey element in your configuration.

Gets a value indicating the format for storing passwords in the membership data store.

2.0.0.0 Property System.String To be added. The property gets the regular expression used to evaluate password complexity for the object. The property is set in the application configuration using the passwordStrengthRegularExpression attribute of the membership configuration element.

Gets the regular expression used to evaluate a password.

2.0.0.0 Property System.Boolean To be added. A Boolean value specified in the configuration file (Web.config). The property indicates whether users must supply a password answer in order to retrieve their password using the method, or reset their password using the method. This property is read-only.

Gets a value indicating whether the membership provider is configured to require the user to answer a password question for password reset and retrieval.

2.0.0.0 Property System.Boolean To be added. The property indicates whether users must supply a unique e-mail address value when creating a user. If a user already exists in the data source for the current , then the method returns null and a status value of .

Gets a value indicating whether the membership provider is configured to require a unique e-mail address for each user name.

2.0.0.0 Method System.String To be added. Takes, as input, a user name and a password answer and generates a new, random password for the specified user. The random password created by the method is not guaranteed to pass the regular expression in the property. However, the random password will meet the criteria established by the and properties The method updates the user information in the data source with the new password value and returns the new password as a string. A convenient mechanism for generating a random password is the method. ensures that the flag is set to true before performing any action. If is false, a exception is thrown. also checks the value of the property. If is true, checks the value of the supplied answer parameter against the stored password answer in the data source. If they do not match, a exception is thrown.

Resets a user's password to a new, automatically generated password.

The new password for the specified user. The password answer for the specified user. 2.0.0.0 Method System.Boolean Takes, as input, a user name, and updates the field in the data source that stores the property to false. The method returns true if the record for the membership user is updated successfully; otherwise, false.

Clears a lock so that the membership user can be validated.

true if the membership user was successfully unlocked; otherwise, false. The membership user whose lock status you want to clear. 2.0.0.0 Method System.Void Takes, as input, a object populated with user information and updates the data source with the supplied values.

Updates information about a user in the data source.

A object that represents the user to update and the updated information for the user. 2.0.0.0 Method System.Boolean To be added. Takes, as input, a user name and a password and verifies that the values match those in the data source. returns true for a successful user name and password match; otherwise, false. For successful validations, updates the for the specified user.

Verifies that the specified user name and password exist in the data source.

true if the specified username and password are valid; otherwise, false. The password for the specified user. 2.0.0.0 Event System.Web.Security.MembershipValidatePasswordEventHandler The event is raised during the , , and methods. The event occurs before the action requested and enables the user to continue or cancel the requested action. If the action is canceled, the user can specify an exception to be thrown. Users use a event handler to specify a handler for the event. Provider implementers can use the virtual method to raise the event.

Occurs when a user is created, a password is changed, or a password is reset.

2.0.0.0