967 lines
32 KiB
Plaintext
967 lines
32 KiB
Plaintext
2010-06-19 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* FormsAuthentication.cs: Authenticate must compare stored and
|
|
newly hashed passwords case-insensitively. Fixes bug #601727
|
|
|
|
2010-04-29 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* FormsAuthentication.cs: set authentication/expiry cookie
|
|
domain. Fixes bug #600740. Patch from Stuart Siegrist
|
|
<stuart@cbtnuggets.com>, thanks!
|
|
|
|
2010-04-28 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* RolePrincipal.cs: class is not sealed in 4.0
|
|
|
|
* MembershipUser.cs: type forwarded to
|
|
System.Web.ApplicationServices in 4.0.
|
|
In the 4.0 profile, a MembershipHelper instance is created using
|
|
reflection, so that the Membership class and password
|
|
encryption/decryption services can be accessed without referencing
|
|
System.Web
|
|
|
|
* MembershipProvider.cs: type forwarded to
|
|
System.Web.ApplicationServices in 4.0.
|
|
{Encrypt,Decrypt}Password implementations moved to
|
|
MembershipHelper.
|
|
Added new EncryptPassword overload for 4.0
|
|
|
|
* MembershipHelper.cs: a helper class to handle password
|
|
encryption/decryption and to forward requests for certain
|
|
Membership properties in 4.0. It is used also in 2.0 to keep code
|
|
cleaner. System.Web.ApplicationServices uses it to access the
|
|
Membership class without having to reference System.Web
|
|
|
|
* MembershipCreateStatus.cs, MembershipCreateUserException.cs,
|
|
MembershipPasswordException.cs, MembershipPasswordFormat.cs,
|
|
MembershipProviderCollection.cs, MembershipUserCollection.cs,
|
|
MembershipValidatePasswordEventHandler.cs, RoleProvider.cs,
|
|
ValidatePasswordEventArgs.cs:
|
|
types forwarded to System.Web.ApplicationServices in 4.0
|
|
|
|
* FormsIdentity.cs: class is not sealed in 4.0
|
|
|
|
2010-02-11 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* Roles.cs: IsUserInRole checks if username is null or empty
|
|
before attempting to use it. Patch from Tiaan Geldenhuys
|
|
<tagdev@gmail.com>. thanks!
|
|
|
|
2009-09-22 Sebastien Pouliot <sebastien@ximian.com>
|
|
|
|
* MembershipProvider.cs: Ensure password decryption is always
|
|
possible.
|
|
[Fix bug #538406]
|
|
|
|
2009-07-09 Gonzalo Paniagua Javier <gonzalo@novell.com>
|
|
|
|
* SqliteMembershipProvider.cs:
|
|
* UrlAuthorizationModule.cs: use GetSection instead of
|
|
OpenWebConfiguration+GetSection.
|
|
|
|
2009-05-28 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* FormsAuthenticationModule.cs: if forms authentication login URL
|
|
is not rooted, make it relative to the application root, so that
|
|
MapPath maps it correctly.
|
|
Use String.Compare for checking whether requested URL matches the
|
|
login URL - be case-insensitive when running on Windows or with
|
|
IOMAP in effect.
|
|
|
|
2009-03-10 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* UrlAuthorizationModule.cs: OnAuthorizeRequest must use the
|
|
configuration from <location> elements in the config. Fixes bug
|
|
#467221
|
|
|
|
2009-02-28 Gonzalo Paniagua Javier <gonzalo@novell.com>
|
|
|
|
* FormsAuthentication.cs: use GetWebApplication instead of GetSection
|
|
for application level configuration.
|
|
|
|
2009-01-12 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* MembershipUserCollection.cs: CopyTo overloads use store.Values
|
|
as the copy source. Fixes bug #464783. Patch from Christian
|
|
Prochnow <cproch@seculogix.de>
|
|
|
|
2008-12-25 Gonzalo Paniagua Javier <gonzalo@novell.com>
|
|
|
|
* SqlRoleProvider.cs:
|
|
* SqlMembershipProvider.cs: use IndexOf (char) instead of
|
|
IndexOf (string).
|
|
|
|
2008-08-20 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* Membership.cs: implemented the HashAlgorithmType property. Fixes
|
|
bug #418458
|
|
|
|
2008-06-30 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* SqliteMembershipProvider.cs, SqliteRoleProvider.cs: remove
|
|
unused method
|
|
|
|
* SqlRoleProvider.cs, AspNetDBSchemaChecker.cs: hush the warnings
|
|
|
|
2008-05-30 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* AnonymousIdentificationModule.cs, FormsAuthenticationModule.cs,
|
|
DefaultAuthenticationModule.cs, MembershipProvider.cs,
|
|
WindowsAuthenticationModule.cs, PassportAuthenticationModule.cs,
|
|
RoleManagerModule.cs: do not use synthetized event accessors (to
|
|
avoid locks).
|
|
|
|
2008-05-07 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* RolePrincipal.cs: fix:
|
|
- Reloading the roles cache from the provider when expired
|
|
- Update issue & expiry date for expired tickets
|
|
- Incrementing the cookie expiry date
|
|
- Obey Roles.MaxCachedResults
|
|
Fixes bug #385877. Patch from Ivan Hamilton
|
|
<ivan@chimerical.com.au>, thanks!
|
|
|
|
2008-03-10 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* RoleManagerModule.cs: initialize _config before adding event
|
|
handlers and account for the fact that _config might still be null
|
|
in the methods that use it.
|
|
|
|
2007-12-30 Vladimir Krasnov <vladimirk@mainsoft.com>
|
|
|
|
* SqliteMembershipProvider.cs, SqlRoleProvider.cs: added chema checking
|
|
* added AspNetDBSchemaChecker.cs: schema checker helper class
|
|
|
|
2007-12-11 Vladimir Krasnov <vladimirk@mainsoft.com>
|
|
|
|
* Roles.cs: fixed Providers property to be thread safe
|
|
|
|
2007-12-08 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* SqliteRoleProvider.cs: added - a Role Provider for
|
|
Sqlite, based on PostgreSQL Role Provider code from Daniel
|
|
Nauck <dna@informatik.uni-kiel.de>
|
|
|
|
* SqliteMembershipProvider.cs: added - a Membership Provider for
|
|
Sqlite, based on PostgreSQL Membership Provider code from Daniel
|
|
Nauck <dna@informatik.uni-kiel.de>
|
|
|
|
2007-11-28 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* SqlMembershipProvider.cs: handle situation when there is no
|
|
connection string configured for the SQL Membership Provider.
|
|
|
|
2007-11-01 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* RolePrincipal.cs, MembershipProvider.cs: use the new
|
|
MachineKeySectionUtils class wherever necessary.
|
|
|
|
* FormsAuthentication.cs: use the new MachineKeySectionUtils class
|
|
wherever necessary.
|
|
GetHexString is a private method again.
|
|
|
|
2007-10-31 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* FormsAuthentication.cs: made GetHexString an internal method -
|
|
it is used in the AssemblyResourceLoader.cs
|
|
|
|
2007-08-14 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* Roles.cs: remove unused field.
|
|
|
|
* SqlMembershipProvider.cs: remove unused variable.
|
|
|
|
2007-08-13 Vladimir Krasnov <vladimirk@mainsoft.com>
|
|
|
|
* SqlRoleProvider.cs: fixed ApplicationName initialization
|
|
|
|
2007-06-24 Vladimir Krasnov <vladimirk@mainsoft.com>
|
|
|
|
* FormsAuthentication.cs: improved performance of GetHexString()
|
|
|
|
2007-05-17 Vladimir Krasnov <vladimirk@mainsoft.com>
|
|
|
|
* SqlMembershipProvider.cs: fixed DeleteUser, fixed parameter name
|
|
|
|
2007-05-14 Igor Zelmanovich <igorz@mainsoft.com>
|
|
|
|
* SqlMembershipProvider.cs: Fix parameter binding to stored procedures.
|
|
|
|
2007-05-09 Igor Zelmanovich <igorz@mainsoft.com>
|
|
|
|
* PassportIdentity.cs:
|
|
added MonoNotSupported attribute.
|
|
|
|
2007-05-02 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* FormsAuthentication.cs: user names are stored in lowercase in
|
|
the credentials database.
|
|
|
|
2007-04-29 Igor Zelmanovich <igorz@mainsoft.com>
|
|
|
|
* FormsAuthenticationModule.cs:
|
|
Redirect to login page doesn't cause thread abort.
|
|
|
|
2007-04-19 Igor Zelmanovich <igorz@mainsoft.com>
|
|
|
|
* SqlMembershipProvider.cs:
|
|
ChangePassword throws exception if new password has invalid format.
|
|
|
|
2007-04-17 Igor Zelmanovich <igorz@mainsoft.com>
|
|
|
|
* Membership.cs:
|
|
* Roles.cs:
|
|
if default provider was not found ConfigurationErrorsException is thrown.
|
|
|
|
2007-04-12 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* RoleManagerModule.cs: do not try to decrypt encryption tickets
|
|
from cookies with empty values.
|
|
|
|
2007-04-04 Juraj Skripsky <js@hotfeet.ch>
|
|
|
|
* FormsAuthenticationModule.cs: Move initialization of _config out
|
|
of Init() as app.Context is null in that method when a session is
|
|
about to be terminated.
|
|
|
|
2007-03-21 Vladimir Krasnov <vladimirk@mainsoft.com>
|
|
|
|
* AnonymousIdentificationModule.cs: optimized Config property
|
|
|
|
2007-03-21 Vladimir Krasnov <vladimirk@mainsoft.com>
|
|
|
|
* AnonymousIdentificationModule.cs: added configuration section caching
|
|
to AppDomain for TARGET_JVM
|
|
* RoleManagerModule.cs:
|
|
* UrlAuthorizationModule.cs:
|
|
* FormsAuthenticationModule.cs: refactored configuration section to be
|
|
a member of a class
|
|
|
|
2007-03-20 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* FormsAuthentication.cs, Roles.cs: remove roles cookie on sign
|
|
out. Fixes bug #81195. Patch from Mike Morano <mmorano@mikeandwan.us>.
|
|
|
|
2007-03-12 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* RolePrincipal.cs: decrypt the roles ticket properly. Makes role
|
|
caching in cookies work. Fixes bug #81117. Patch from Mike Morano
|
|
<mmorano@mikeandwan.us>
|
|
|
|
2007-03-02 Marek Habersack <mhabersack@novell.com>
|
|
|
|
* SqlMembershipProvider.cs: cast PasswordFormat to int, so that
|
|
the parameter code can infer the sql type. Makes user creation,
|
|
password reset etc. work.
|
|
|
|
2007-02-28 Andreia Gaita <avidigal@novell.com>
|
|
|
|
* SqlRoleProvider.cs: Fix parameter binding to stored procedures.
|
|
* SqlMembershipProvider.cs: Fix parameter binding to stored procedures.
|
|
CreateUser() doesn't use transactions in MS asp.net, so removed the
|
|
transaction calls.
|
|
|
|
2007-02-19 Vladimir Krasnov <vladimirk@mainsoft.com>
|
|
|
|
* RoleManagerModule.cs: fixed role chaching in OnEndRequest and
|
|
OnPostAuthenticateRequest
|
|
* RolePrincipal.cs: implemented ToEncryptedTicket, implemented caching
|
|
role functionality
|
|
* Roles.cs: implemented DeleteCookie, fixed CookieProtectionValue to
|
|
get it's value from configuration
|
|
|
|
2007-02-08 Marek Habersack <grendello@gmail.com>
|
|
|
|
* FormsAuthenticationModule.cs: Expire auth tickets properly.
|
|
|
|
* MembershipProvider.cs: Do not clear the password before
|
|
encrypting it.
|
|
|
|
2007-01-20 Miguel de Icaza <miguel@novell.com>
|
|
|
|
* SqlRoleProvider.cs: comment out unused code.
|
|
|
|
* SqlMembershipProvider.cs: Removed unused variables.
|
|
Remove unused variable.
|
|
|
|
* AnonymousIdentificationModule.cs (ClearAnonymousIdentifier):
|
|
remove unused variable. This might be a real bug.
|
|
|
|
2007-01-16 Vladimir Krasnov <vladimirk@mainsoft.com>
|
|
|
|
* RoleManagerModule.cs: fixed OnPostAuthenticateRequest,
|
|
CacheRolesInCookie not supported yet
|
|
* Roles.cs: fixed DeleteCookie, CacheRolesInCookie not supported yet
|
|
|
|
2007-01-11 Adar Wesley <adarw@mainsoft.com>
|
|
|
|
* MembershipProvider.cs: fixed EncryptPassword to use password buffer length
|
|
|
|
2007-01-04 Vladimir Krasnov <vladimirk@mainsoft.com>
|
|
|
|
* AnonymousIdentificationModule.cs: fixed OnEnter, fixed failure on
|
|
incorrect cookie value that browser may hold
|
|
|
|
2006-12-27 Vladimir Krasnov <vladimirk@mainsoft.com>
|
|
|
|
* FormsAuthentication.cs: added internal ReturnUrl property,
|
|
GetRedirectUrl added usage of ReturnUrl
|
|
|
|
2006-12-12 Vladimir Krasnov <vladimirk@mainsoft.com>
|
|
|
|
* FormsAuthentication.cs: TARGET_J2EE define for static members
|
|
|
|
2006-12-06 Vladimir Krasnov <vladimirk@mainsoft.com>
|
|
|
|
* FormsAuthenticationModule.cs: fixed OnAuthenticateRequest, suppress
|
|
exception on wrong ticket
|
|
|
|
2006-12-03 Igor Zelmanovich <igorz@mainsoft.com>
|
|
|
|
* FormsAuthenticationModule.cs:
|
|
set SkipAuthorization=true for WebResource.axd
|
|
|
|
2006-11-27 Vladimir Krasnov <vladimirk@mainsoft.com>
|
|
|
|
* SqlMembershipProvider.cs: typo bug
|
|
|
|
2006-11-21 Vladimir Krasnov <vladimirk@mainsoft.com>
|
|
|
|
* SqlMembershipProvider.cs: fixed fixed exception type in GetPassword
|
|
checks user lockout
|
|
|
|
2006-11-20 Igor Zelmanovich <igorz@mainsoft.com>
|
|
|
|
* SqlMembershipProvider.cs: fixed: UpdateUser works properly.
|
|
|
|
2006-11-15 Igor Zelmanovich <igorz@mainsoft.com>
|
|
|
|
* SqlMembershipProvider.cs: fixed: name is used for ReturnValue parameter.
|
|
|
|
2006-11-05 Vladimir Krasnov <vladimirk@mainsoft.com>
|
|
|
|
* AnonymousIdentificationModule.cs: fixed anonymous id cookie
|
|
|
|
2006-11-05 Vladimir Krasnov <vladimirk@mainsoft.com>
|
|
|
|
* MembershipProvider.cs, SqlMembershipProvider.cs:
|
|
refactoring of DecryptPassword and EncryptPassword methods according
|
|
to documentation
|
|
|
|
2006-09-10 Konstantin Triger <kostat@mainsoft.com>
|
|
|
|
* SqlRoleProvider.cs: throw on empty connection string.
|
|
|
|
2006-09-26 Vladimir Krasnov <vladimirk@mainsoft.com>
|
|
|
|
* Membership.cs: fixed GetAllUsers, typo bug
|
|
* SqlRoleProvider.cs, SqlMembershipProvider.cs: refactored to use
|
|
aspnetdb built in stored procedures,
|
|
fixed application name and membership relation,
|
|
improved exception handling
|
|
|
|
2006-09-03 Igor Zelmanovich <igorz@mainsoft.com>
|
|
|
|
* RolePrincipal.cs: refactoring: instance can be serialized.
|
|
|
|
2006-09-03 Igor Zelmanovich <igorz@mainsoft.com>
|
|
|
|
* SqlMembershipProvider.cs: fixed GetUser,
|
|
when username is String.Empty methods returns null.
|
|
|
|
2006-08-31 Konstantin Triger <kostat@mainsoft.com>
|
|
|
|
* SqlRoleProvider.cs: fixed initialization.
|
|
|
|
2006-08-31 Igor Zelmanovich <igorz@mainsoft.com>
|
|
|
|
* SqlMembershipProvider.cs: fixed CreateUser,
|
|
password is checked, properties MinRequiredPasswordLength and
|
|
MinRequiredNonAlphanumericCharacters are considered.
|
|
|
|
2006-08-29 Konstantin Triger <kostat@mainsoft.com>
|
|
|
|
* SqlMembershipProvider.cs: fix dispose order of reader vs connection.
|
|
|
|
2006-08-28 Igor Zelmanovich <igorz@mainsoft.com>
|
|
|
|
* SqlMembershipProvider.cs: fixed CreateUser, parameter isApproved is
|
|
considered.
|
|
|
|
2006-08-28 Konstantin Triger <kostat@mainsoft.com>
|
|
|
|
* SqlMembershipProvider.cs: ensure GetUser() returns null if it cannot
|
|
retrieve user information.
|
|
|
|
2006-08-28 Konstantin Triger <kostat@mainsoft.com>
|
|
|
|
* SqlRoleProvider.cs, SqlMembershipProvider.cs:
|
|
"use SqlClientFactory in case the ProviderName is not specified.
|
|
|
|
2006-08-27 Konstantin Triger <kostat@mainsoft.com>
|
|
|
|
* SqlRoleProvider.cs: enable concurrent usage, refactoring.
|
|
|
|
2006-08-27 Konstantin Triger <kostat@mainsoft.com>
|
|
|
|
* SqlMembershipProvider.cs: enable concurrent usage, refactoring.
|
|
|
|
2006-08-27 Vladimir Krasnov <vladimirk@mainsoft.com>
|
|
|
|
* SqlMembershipProvider.cs: fixed ValidateUser, bug when user
|
|
not exists
|
|
|
|
2006-08-14 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthentication.cs: set the Secure attribute of the authentication
|
|
cookie when required.
|
|
|
|
2006-07-06 Konstantin Triger <kostat@mainsoft.com>
|
|
|
|
* FormsAuthentication.cs: Ensure initialized, fix url mapping.
|
|
|
|
2006-05-03 Chris Toshok <toshok@ximian.com>
|
|
|
|
* SqlMembershipProvider.cs (GetAlg): move this here for the time
|
|
being, as it's the only class that uses it.
|
|
(HashAndBase64Encode): nuke.
|
|
(EncryptAndBase64Encode): nuke.
|
|
(Base64DecodeAndDecrypt): nuke.
|
|
(DecryptPassword): new function.
|
|
(EncryptPassword): new function.
|
|
(ChangePassword): replace the switch with a call to
|
|
EncodePassword.
|
|
(ChangePasswordQuestionAndAnswer): same.
|
|
(CreateUser): same.
|
|
(ResetPassword): same.
|
|
(ValidateUsingPassword): same.
|
|
(ValidateUsingPasswordAnswer): same.
|
|
(GetPassword): same, and throw MembershipPasswordException if the
|
|
password answer is incorrect.
|
|
|
|
* MembershipProvider.cs (InitVector): nuke this. it's actually
|
|
the salt from the database (for the sql provider, anyway).
|
|
(EncodePassword): based on the password format, password, and
|
|
salt, encode it. Makes use of EncryptPassword.
|
|
(DecodePassword): likewise for decoding, makes use of
|
|
DecryptPassword.
|
|
(DecryptPassword): revert this to throwing
|
|
NotImplementedException, as the sql provideroverrides it to
|
|
perform the actual decryption.
|
|
(EncryptPassword): same.
|
|
|
|
2006-05-02 Chris Toshok <toshok@ximian.com>
|
|
|
|
* SqlMembershipProvider.cs: 85% complete, maybe more. The major
|
|
functionality should work. Password retrieval (and encrypted
|
|
passwords in general) is untested.
|
|
|
|
2006-05-01 Chris Toshok <toshok@ximian.com>
|
|
|
|
* Membership.cs (GeneratePassword): don't include quotes (',",`)
|
|
in the set of characters in the generated passwords.
|
|
|
|
2006-05-01 Chris Toshok <toshok@ximian.com>
|
|
|
|
* MembershipProvider.cs (GetAlg): switch from Exception to
|
|
ProviderException to match MS behavior (and fix the unit test.)
|
|
|
|
* Membership.cs (GeneratePassword): implement.
|
|
|
|
2006-05-01 Chris Toshok <toshok@ximian.com>
|
|
|
|
* SqlMembershipProvider.cs: lots more work. checking this in in
|
|
its present state because I don't want to lose it. It still needs
|
|
work.
|
|
|
|
* Membership.cs (.cctor): remove the fallback.
|
|
(ValidatingPassword): remove the MonoTODO.
|
|
|
|
* MembershipProvider.cs (DecryptPassword): implement.
|
|
(EncryptPassword): implement.
|
|
(GetAlg): helper function for Decrypt/EncryptPassword.
|
|
(InitVector): same.
|
|
|
|
2006-04-27 Chris Toshok <toshok@ximian.com>
|
|
|
|
* SqlMembershipProvider.cs (GeneratePassword): call
|
|
Membership.GeneratePassword with the configured minimum strength
|
|
requirements.
|
|
|
|
2006-04-27 Chris Toshok <toshok@ximian.com>
|
|
|
|
* SqlMembershipProvider.cs (UnlockUser): fix sql query, and move
|
|
the CheckPararm call to the top of the method.
|
|
|
|
2006-04-12 Chris Toshok <toshok@ximian.com>
|
|
|
|
* SqlMembershipProvider.cs: commit initial pass at
|
|
SqlMembershipProvider work. lots of stuff untested in here.
|
|
|
|
2006-04-11 Chris Toshok <toshok@ximian.com>
|
|
|
|
* MembershipUser.cs (.ctor): per Shackow's book, all DateTime's
|
|
are converted using ToUniversalTime when passed into this class.
|
|
(UpdateSelf): update ourselves from the passed in MembershipUser,
|
|
swallowing NotSupportedExceptions.
|
|
(UpdateUser): fetch a new MembershipUser from the db and call
|
|
UpdateSelf with it.
|
|
(ChangePassword): call UpdateUser after changing the password.
|
|
(ChangePasswordQuestionAndAnswer): same.
|
|
(ResetPassword): same.
|
|
(UnlockUser): same. Also, don't explicitly set isLockedOut.
|
|
It'll be updated in UpdateSelf.
|
|
(CreationDate): getter calls ToLocalTime, setter calls
|
|
ToUniversalTime.
|
|
(LastActivityDate): same.
|
|
(LastLoginDate): same.
|
|
(LastPasswordChangedDate): same.
|
|
(LastLockoutDate): same.
|
|
|
|
* Membership.cs (.cctor): use
|
|
ProvidersHelper.InstantitateProviders, and remove some unnecessary
|
|
#if NET_2_0's.
|
|
|
|
2006-03-29 Chris Toshok <toshok@ximian.com>
|
|
|
|
* SqlRoleProvider.cs: do the LOWER's in SQL, not in C#.
|
|
|
|
2006-03-23 Chris Toshok <toshok@ximian.com>
|
|
|
|
* Roles.cs: make this 2.0 configuration aware.
|
|
|
|
* SqlRoleProvider.cs: flesh out all the operations. the only
|
|
things that need dealing with are the Initialize method's handling
|
|
of a few parameters, and the ApplicationName property.
|
|
|
|
2006-03-23 Chris Toshok <toshok@ximian.com>
|
|
|
|
* DefaultAuthenticationModule.cs (OnDefaultAuthentication): always
|
|
set Thread.CurrentPrincipal, not just if we set it to the
|
|
GenericPrincipal.
|
|
|
|
2006-03-22 Chris Toshok <toshok@ximian.com>
|
|
|
|
* RoleManagerModule.cs: implement using info in Shackow's book.
|
|
|
|
* RolePrincipal.cs: flesh this out a bit more.
|
|
|
|
* DefaultAuthenticationModule.cs (OnDefaultAuthentication):
|
|
according to Shackow's book, this sets Thread.CurrentPrincipal as
|
|
well as HttpContext.Current.User.
|
|
|
|
2006-02-28 Chris Toshok <toshok@ximian.com>
|
|
|
|
* FormsAuthentication.cs: corcompare work.
|
|
|
|
* MembershipCreateUserException.cs: same.
|
|
|
|
* MembershipPasswordException.cs: same.
|
|
|
|
* AnonymousIdentificationModule.cs: same.
|
|
|
|
2006-02-01 Chris Toshok <toshok@ximian.com>
|
|
|
|
* FormsAuthentication.cs, Membership.cs,
|
|
FormsAuthenticationModule.cs, UrlAuthorizationModule.cs: oops,
|
|
replace GetWebApplicationSection with GetSection.
|
|
|
|
2006-02-01 Chris Toshok <toshok@ximian.com>
|
|
|
|
* FormsAuthentication.cs: CONFIGURATION_2_0 => NET_2_0.
|
|
simplifies the ifdef mess quite a bit.
|
|
|
|
* Membership.cs: same.
|
|
|
|
* FormsAuthenticationModule.cs: same.
|
|
|
|
* UrlAuthorizationModule.cs: same.
|
|
|
|
2006-01-04 Chris Toshok <toshok@ximian.com>
|
|
|
|
* FormsAuthentication.cs (Authenticate): add CONFIGURATION_2_0
|
|
code.
|
|
(Decrypt2): same.
|
|
(Decrypt): same.
|
|
(Encrypt): same.
|
|
(Initialize): same.
|
|
|
|
2006-01-04 Chris Toshok <toshok@ximian.com>
|
|
|
|
* Membership.cs (.cctor): enable the code here under
|
|
CONFIGURATION_2_0.
|
|
|
|
2006-01-03 Chris Toshok <toshok@ximian.com>
|
|
|
|
* UrlAuthorizationModule.cs (OnAuthorizeRequest): add
|
|
CONFIGURATION_2_0 code here.
|
|
|
|
2005-12-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthentication.cs: don't end the request in
|
|
RedirectFromLoginPage.
|
|
|
|
2005-12-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthenticationModule.cs: expire the cookie. Fixes bug #77043.
|
|
Patch by Cyrille Colin.
|
|
|
|
2005-12-13 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthenticationModule.cs: ignore any exception thrown when mapping
|
|
the provided virtual path to the physical one. Patch by Cyrille Colin.
|
|
|
|
2005-11-28 Chris Toshok <toshok@ximian.com>
|
|
|
|
* FormsAuthenticationModule.cs (OnAuthenticateRequest):
|
|
CONFIGURATION_2_0 work.
|
|
(OnEndRequest): same.
|
|
|
|
2005-09-09 Sebastien Pouliot <sebastien@ximian.com>
|
|
|
|
* DefaultAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
|
|
* DefaultAuthenticationModule.cs: Added LinkDemand for Minimal. Added
|
|
Demand for UnmanagedCode on constructor.
|
|
* FileAuthorizationModule.cs: Added LinkDemand for Minimal. Added
|
|
Demand for UnmanagedCode on constructor.
|
|
* FormsAuthentication.cs: Added LinkDemand for Minimal.
|
|
* FormsAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
|
|
* FormsAuthenticationModule.cs: Added LinkDemand for Minimal. Added
|
|
Demand for UnmanagedCode on constructor.
|
|
* FormsAuthenticationTicket.cs: Added LinkDemand for Minimal.
|
|
* FormsIdentity.cs: Added LinkDemand for Minimal.
|
|
* PassportAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
|
|
* PassportAuthenticationModule.cs: Added LinkDemand for Minimal. Added
|
|
Demand for UnmanagedCode on constructor.
|
|
* PassportIdentity.cs: Added LinkDemand for Minimal. Added Demand for
|
|
UnmanagedCode on constructor.
|
|
* UrlAuthorizationModule.cs: Added LinkDemand for Minimal. Added
|
|
Demand for UnmanagedCode on constructor.
|
|
* WindowsAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
|
|
* WindowsAuthenticationModule.cs: Added LinkDemand for Minimal. Added
|
|
Demand for UnmanagedCode on constructor.
|
|
|
|
2005-09-01 Sebastien Pouliot <sebastien@ximian.com>
|
|
|
|
* FormsAuthenticationEventArgs.cs: Ensure the setter for User is
|
|
protected by a demand for ControlPrincipal.
|
|
* PassportAuthenticationEventArgs.cs: Ensure the setter for User is
|
|
protected by a demand for ControlPrincipal.
|
|
* WindowsAuthenticationEventArgs.cs: Ensure the setter for User is
|
|
protected by a demand for ControlPrincipal.
|
|
|
|
2005-08-25 Sebastien Pouliot <sebastien@ximian.com>
|
|
|
|
* FormsAuthentication.cs: With 2.0 we can get the default properties
|
|
and call Initialize without a NRE.
|
|
|
|
2005-08-25 Sebastien Pouliot <sebastien@ximian.com>
|
|
|
|
* ActiveDirectoryConnectionProtection.cs: New (2.0) enum.
|
|
* ActiveDirectoryMembershipProvider.cs: Fixed 2.0 API.
|
|
* AnonymousIdentificationEventArgs.cs: Fixed AnonymousID property case.
|
|
* AnonymousIdentificationModule.cs: Fixed 2.0 API.
|
|
* FileAuthorizationModule.cs: Added static CheckFileAccessForUser in
|
|
2.0 profile (TODO).
|
|
* FormsAuthentication.cs: Added missing 2.0 properties with their
|
|
default values.
|
|
* MembershipCreateStatus.cs: Fixed enum values/names.
|
|
* MembershipProvider.cs: Added stub for [Decrypt|Encrypt]Password. Both
|
|
methods don't seems to work without an active provider.
|
|
* PassportIdentity.cs: Added IDispose for 2.0 profile.
|
|
* Roles.cs: Added missing beta2 bits and default values (which are the
|
|
only things working without a role provider (web.config).
|
|
* RolePrincipal.cs: Fixed 2.0 API. Implemented a few bits.
|
|
* SqlRoleProvider.cs: Fixed 2.0 API.
|
|
* UrlAuthorizationModule.cs: Added static CheckUrlAccessForPrincipal in
|
|
2.0 profile (TODO).
|
|
|
|
2005-08-24 Sebastien Pouliot <sebastien@ximian.com>
|
|
|
|
* MembershipUserCollection.cs: Fix exceptions.
|
|
|
|
2005-08-22 Sebastien Pouliot <sebastien@ximian.com>
|
|
|
|
* FormsAuthentication.cs: Add some 2.0 stuff required for Login*
|
|
controls to compile.
|
|
|
|
2005-08-18 Sebastien Pouliot <sebastien@ximian.com>
|
|
|
|
* Membership.cs: Commented unworking parts of the .cctor to allow
|
|
testing the Login control.
|
|
* MembershipProviderCollection.cs: Fixed exception handling.
|
|
* SqlMembershipProvider.cs: Don't throw NotImplementedException
|
|
everywhere so Membership's .cctor (somewhat) works. Removed
|
|
Description property (not in beta2).
|
|
|
|
2005-07-28 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthentication.cs: allow hardware acceleration support if
|
|
available. Sebastien dixit.
|
|
|
|
2005-07-26 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthentication.cs: the init_vector must be the same accross
|
|
restarts, otherwise the cookie does not work even when a decryption
|
|
key is provided. Initialize it to the bytes of the cookie name. Fixes
|
|
bug #75635.
|
|
|
|
2005-07-25 Eyal Alaluf <eyala@mainsoft.com>
|
|
|
|
* FormsAuthenticationModule.cs: Check for null config
|
|
|
|
2005-07-25 Miguel de Icaza <miguel@novell.com>
|
|
|
|
* FormsAuthentication.cs (SignOut): Force the cookie to have it
|
|
expire in the past.
|
|
|
|
2005-07-25 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthentication.cs: my previous patch missed a "small" detail: it
|
|
didn't include the verification key when computing/checking the
|
|
validation hash. Now this is really a MAC or HMAC or...
|
|
|
|
2005-07-25 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthentication.cs:
|
|
* FormsAuthenticationTicket.cs: added support for validation and
|
|
encryption of the auth. cookie and improved serialization of the ticket.
|
|
|
|
2005-07-01 Lluis Sanchez Gual <lluis@novell.com>
|
|
|
|
* Membership.cs: Read provider info from the config file.
|
|
|
|
2005-06-10 Lluis Sanchez Gual <lluis@novell.com>
|
|
|
|
* MembershipUserCollection.cs:
|
|
* MembershipPasswordException.cs:
|
|
* RoleProviderCollection.cs:
|
|
* ActiveDirectoryMembershipProvider.cs:
|
|
* SqlMembershipProvider.cs:
|
|
* MembershipProvider.cs:
|
|
* SqlRoleProvider.cs:
|
|
* Membership.cs:
|
|
* MembershipUser.cs:
|
|
* MembershipProviderCollection.cs:
|
|
* Roles.cs:.
|
|
* RoleProvider.cs: Track api changes in ASP.NET 2.0. Implemented
|
|
some missing methods.
|
|
|
|
* AccessRoleProvider.cs:
|
|
* AccessMembershipProvider.cs: Removed.
|
|
|
|
* MembershipCreateUserException.cs:
|
|
* MembershipValidatePasswordEventHandler.cs:
|
|
* ValidatePasswordEventArgs.cs: Implemented.
|
|
|
|
2005-05-21 Sebastien Pouliot <sebastien@ximian.com>
|
|
|
|
* FormsAuthentication.cs: Hash the UTF8 representation of the password
|
|
strings (to be compatible with Microsoft implementation).
|
|
|
|
2005-04-20 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthentication.cs:
|
|
* PassportAuthenticationModule.cs:
|
|
* WindowsAuthenticationModule.cs: removed warnings.
|
|
|
|
2005-03-11 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthenticationModule.cs: fix for bug 73545, which caused
|
|
authentication not to work when the cookie was not persistent.
|
|
Patch by Ilya Kharmatsky (Mainsoft).
|
|
|
|
2005-02-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthentication.cs: make the string to be stored in a config.
|
|
file uppercase... See bug #72557.
|
|
|
|
2005-02-06 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthentication.cs: fixed typo when getting the hash for the
|
|
password in SHA1 and MD5. Thanks to Tadas Dailyda.
|
|
Lock on a static object instead of typeof(FormsAuthentication).
|
|
|
|
2004-11-18 Lluis Sanchez Gual <lluis@novell.com>
|
|
|
|
* RoleProvider.cs, Roles.cs, SqlRoleProvider.cs, RoleProviderCollection.cs,
|
|
AccessRoleProvider.cs: IRoleProvider has been renamed to ProviderBase.
|
|
* IMembershipProvider.cs: Deleted.
|
|
* MembershipProvider.cs, AccessMembershipProvider.cs, MembershipUser.cs,
|
|
Membership.cs, ADMembershipProvider.cs, SqlMembershipProvider.cs
|
|
MembershipProviderCollection.cs: MembershipProvider has been deleted
|
|
and replaced by the abstract class MembershipProvider.
|
|
* MembershipProviderCollection.cs: Minor fixes.
|
|
* ADMembershipProvider.cs: Renamed to ActiveDirectoryMembershipProvider.cs.
|
|
|
|
2004-11-15 Lluis Sanchez Gual <lluis@novell.com>
|
|
|
|
* RoleProviderCollection.cs, MembershipProviderCollection.cs:
|
|
Fixed warnings.
|
|
|
|
2004-08-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthentication.cs: patch by Jim Pease to fix the date on renewal.
|
|
|
|
2004-08-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthenticationModule.cs: don't renew expired cookies. Only renew
|
|
the cookie if SlidingExpiration is set. Thanks to Jim Pease.
|
|
|
|
2004-08-03 Sanjay Gupta <gsanjay@novell.com>
|
|
|
|
* MembershipSortOptions.cs:
|
|
* MembershipPasswordFormat.cs:
|
|
* MembershipOnlineStatus.cs:
|
|
* MembershipCreateStatus.cs:
|
|
* CookieProtection.cs: minor modifications.
|
|
|
|
2004-06-12 Pedro Martnez Juli <yoros@wanadoo.es>
|
|
|
|
* FormsAuthentication.cs: Undo last change.
|
|
|
|
2004-06-12 Pedro Martnez Juli <yoros@wanadoo.es>
|
|
|
|
* FormsAuthentication.cs: go to loginUrl from web.config settings
|
|
before try with the default ones.
|
|
|
|
2004-06-11 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* DefaultAuthenticationModule.cs: set the IPrincipal for this thread
|
|
once we have a user. Fixes bug #59683.
|
|
|
|
2004-04-21 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthenticationModule.cs: re-read configuration files if needed
|
|
when determining if forms auth. is used.
|
|
|
|
2004-01-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthentication.cs: added RequireSSL and SlidingExpiration.
|
|
|
|
2004-01-11 Andreas Nahr <ClassDevelopment@A-SoftTech.com>
|
|
|
|
* PassportIdentity.cs: Added v 1.1 members
|
|
|
|
2003-11-25 Ben Maurer <bmaurer@users.sourceforge.net>
|
|
|
|
* AccessMembershipProvider.cs: New v2 file
|
|
* AccessRoleProvider.cs: New v2 file
|
|
* ADMembershipProvider.cs: New v2 file
|
|
* AnonymousIdentificationEventArgs.cs: New v2 file
|
|
* AnonymousIdentificationEventHandler.cs: New v2 file
|
|
* AnonymousIdentificationModule.cs: New v2 file
|
|
* CookieProtection.cs: New v2 file
|
|
* IMembershipProvider.cs: New v2 file
|
|
* IRoleProvider.cs: New v2 file
|
|
* Membership.cs: New v2 file
|
|
* MembershipCreateStatus.cs: New v2 file
|
|
* MembershipCreateUserException.cs: New v2 file
|
|
* MembershipOnlineStatus.cs: New v2 file
|
|
* MembershipPasswordException.cs: New v2 file
|
|
* MembershipPasswordFormat.cs: New v2 file
|
|
* MembershipProviderCollection.cs: New v2 file
|
|
* MembershipSortOptions.cs: New v2 file
|
|
* MembershipUser.cs: New v2 file
|
|
* MembershipUserCollection.cs: New v2 file
|
|
* RoleManagerEventArgs.cs: New v2 file
|
|
* RoleManagerEventHandler.cs: New v2 file
|
|
* RoleManagerModule.cs: New v2 file
|
|
* RolePrincipal.cs: New v2 file
|
|
* RoleProviderCollection.cs: New v2 file
|
|
* Roles.cs: New v2 file
|
|
* SqlMembershipProvider.cs: New v2 file
|
|
* SqlRoleProvider.cs: New v2 file
|
|
|
|
2003-11-05 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthentication.cs: encoding updates.
|
|
|
|
2003-10-04 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthenticationModule.cs: fixed for applications other than /.
|
|
|
|
2003-08-27 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* UrlAuthorizationModule.cs: fixed description for status code.
|
|
|
|
2003-07-31 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthenticationModule.cs: really renew the ticket. Thanks to
|
|
Jens Thiel <Jens@Thiel.DE>.
|
|
|
|
2003-02-13 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* UrlAuthorizationModule.cs: tell the application not to run any other
|
|
step apart from EndRequest.
|
|
|
|
2003-02-12 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthentication.cs: implemented RedirectFromLoginPage and
|
|
GetRedirectUrl.
|
|
|
|
* FormsAuthenticationModule.cs: redirect to the login page when a 401
|
|
error happens.
|
|
|
|
* UrlAuthorizationModule.cs: check for valid user or render error page.
|
|
|
|
2003-01-04 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* DefaultAuthenticationModule.cs: implemented. It just create a default
|
|
unauthenticated user when no one else provided one.
|
|
|
|
* FormsAuthenticationModule.cs: removed debug output.
|
|
|
|
2002-12-20 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthenticationModule.cs: remove debug lines.
|
|
|
|
2002-12-19 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthentication.cs: return a null ticket when an exception is
|
|
thrown creating it. Implemented RenewTicketIfOld.
|
|
|
|
* FormsAuthenticationModule.cs: implemented event handlers for
|
|
AuthenticateRequest and EndRequest.
|
|
|
|
* FormsAuthenticationTicket.cs: implemented SetDates and Clone methods.
|
|
|
|
2002-12-18 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthentication.cs: implemented GetAuthCookie, SetAuthCookie,
|
|
SignOut, FormsCookieName and FormsCookiePath.
|
|
|
|
2002-12-17 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* FormsAuthentication.cs: implemented Authenticate, unencrypted Encrypt
|
|
and Decrypt, HashPasswordForStoringInConfigFile and Initialize.
|
|
|
|
* FormsAuthenticationTicket.cs: set cookiePath to the default when no
|
|
other provided.
|
|
|
|
2002-08-26 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* DefaultAuthenticationEventHandler.cs:
|
|
* DefaultAuthenticationModule.cs:
|
|
* FileAuthorizationModule.cs:
|
|
* FormsAuthentication.cs:
|
|
* FormsAuthenticationEventArgs.cs:
|
|
* FormsAuthenticationEventHandler.cs:
|
|
* FormsAuthenticationModule.cs:
|
|
* FormsAuthenticationTicket.cs:
|
|
* FormsIdentity.cs:
|
|
* PassportAuthenticationEventArgs.cs:
|
|
* PassportAuthenticationEventHandler.cs:
|
|
* PassportAuthenticationModule.cs:
|
|
* PassportIdentity.cs:
|
|
* UrlAuthorizationModule.cs:
|
|
* WindowsAuthenticationEventArgs.cs:
|
|
* WindowsAuthenticationEventHandler.cs:
|
|
* WindowsAuthenticationModule.cs: new files. Some of them implemented,
|
|
some others stubbed out.
|
|
|
|
2002-06-03 Gonzalo Paniagua Javier <gonzalo@ximian.com>
|
|
|
|
* DefaultAuthenticationEventArgs.cs: added file.
|
|
|