MonoX support board

Start the conversation, ask questions and share tips and solutions with fellow developers.

Non-registered users can only browse through our support boards. Please register now if you want to post your questions. It takes a second and it is completely free. Alternatively, you can log in without registration using your credentials at major sites such as Google, Microsoft Live, OpenId, Facebook, LinkedIn or Yahoo.

External forms authentication  (Mono Support )

Viewed 15947 time(s), 13 post(s) 9/3/2013 1:20:46 PMby inanc
inanc

inanc

9/3/2013 1:20:46 PM
  Hello,
        In my organization we have an external database and webservice running on this database for the form authentication of several web based applications. In that external database we have the tables that storing data on
which users have which priviligies on which forms with specific urls. And I've have an application built on monox. My wish is to entegrate my monox based app with that authentication service so users can pass the 
monox based application with the credentials stored in that external database via web service. Where should i start from?
Regards.
Inanc   
This content has not been rated yet. 
469 Reputation 60 Total posts
khorvat

khorvat

9/5/2013 6:48:24 AM
Hi,

the best way to approach this is to go with the implementation of new ASP.NET Membership provider. In your custom provider you should handle the access to your authentication service.

Some useful links
Implementing a Membership Provider
How to: Sample Membership Provider Implementation

Let us know if you need more information.

Regards
This content has not been rated yet. 
15993 Reputation 2214 Total posts
inanc

inanc

9/5/2013 7:26:12 AM
Thank you Khorvat,
I'll give it a try.
Regards
This content has not been rated yet. 
469 Reputation 60 Total posts
inanc

inanc

9/6/2013 7:57:08 AM
Hello,
As described on 
http://channel9.msdn.com/Blogs/ASP-NET-Site-Videos/how-do-i-create-a-custom-membership-provider

I've tried to create a new custom membership class. And I've changed the web.config as 
<connectionStrings>
    <remove name="LocalSqlServer"/>
    <add name="LocalSqlServer" connectionString="Data Source=(local);uid=sa;pwd=!a1478963a!;database=Monox48;Connect Timeout=300;" providerName="System.Data.SqlClient"/>
    <add name="HDIConnectionString" providerName="System.Data.SqlClient" connectionString="data source=.;UID=sa;PWD=!a1478963a!;initial catalog=HDIMembershipProvider"/>
    <add name="ADConnectionString" connectionString="LDAP://server.domain"/>
  </connectionStrings>




<!--
    <membership defaultProvider="AspNetSqlMembershipProvider" hashAlgorithmType="SHA1">
      <providers>
        <remove name="AspNetSqlMembershipProvider"/>
        <add connectionStringName="LocalSqlServer" enablePasswordRetrieval="true" enablePasswordReset="true" requiresQuestionAndAnswer="false" applicationName="MonoX" requiresUniqueEmail="false" passwordFormat="Clear" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression="" name="AspNetSqlMembershipProvider" type="MonoSoftware.MonoX.MonoXMembershipProvider, MonoX"/>
        -->
         
        <!-- <add name="ActiveDirectoryMembershipProvider" type="MonoSoftware.MonoX.ActiveDirectoryMembershipProvider" connectionStringName="ADConnectionString" attributeMapUsername="sAMAccountName" applicationName="MonoX"
         connectionUsername="username@yourdomain"
         connectionPassword="pwd" /> -->
    <!-- 
    </providers>
    </membership>
-->
 
 
    <membership  defaultProvider="HDIMembershipProvider" userIsOnlineTimeWindow="15">
 
    <providers>
      <!--<clear/>-->
      <remove name="HDIMembershipProvider"/>
      <add
        name="HDIMembershipProvider"
        type="HDI.AspNet.Membership.HDIMembershipProvider"
        connectionStringName="HDIConnectionString"
        enablePasswordRetrieval="true"
        enablePasswordReset="true"
        requiresQuestionAndAnswer="true"
        writeExceptionsToEventLog="false" />
    </providers>
    </membership>

 but  now I have an error message like 



Server Error in '/' Application.
--------------------------------------------------------------------------------
 
 
The INSERT statement conflicted with the FOREIGN KEY constraint "FK_Page_aspnet_Applications". The conflict occurred in database "Monox48", table "dbo.aspnet_Applications", column 'ApplicationId'.
The statement has been terminated.
  Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
 
 Exception Details: System.Data.SqlClient.SqlException: The INSERT statement conflicted with the FOREIGN KEY constraint "FK_Page_aspnet_Applications". The conflict occurred in database "Monox48", table "dbo.aspnet_Applications", column 'ApplicationId'.
The statement has been terminated.
 
Source Error:
 
 
 An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. 
 
Stack Trace:
 
 
 
[SqlException (0x80131904): The INSERT statement conflicted with the FOREIGN KEY constraint "FK_Page_aspnet_Applications". The conflict occurred in database "Monox48", table "dbo.aspnet_Applications", column 'ApplicationId'.
The statement has been terminated.]
   System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction) +1768986
   System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction) +5352738
   System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose) +244
   System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady) +1691
   System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString) +269
   System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async, Int32 timeout, Task& task, Boolean asyncWrite, SqlDataReader ds) +1406
   System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, TaskCompletionSource`1 completion, Int32 timeout, Task& task, Boolean asyncWrite) +177
   System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(TaskCompletionSource`1 completion, String methodName, Boolean sendToPipe, Int32 timeout, Boolean asyncWrite) +205
   System.Data.SqlClient.SqlCommand.ExecuteNonQuery() +160
   SD.LLBLGen.Pro.ORMSupportClasses.ActionQuery.Execute() +766
 
[ORMQueryExecutionException: An exception was caught during the execution of an action query: The INSERT statement conflicted with the FOREIGN KEY constraint "FK_Page_aspnet_Applications". The conflict occurred in database "Monox48", table "dbo.aspnet_Applications", column 'ApplicationId'.
The statement has been terminated.. Check InnerException, QueryExecuted and Parameters of this exception to examine the cause of this exception.]
   SD.LLBLGen.Pro.ORMSupportClasses.ActionQuery.Execute() +1186
   SD.LLBLGen.Pro.ORMSupportClasses.BatchActionQuery.Execute() +120
   SD.LLBLGen.Pro.ORMSupportClasses.DataAccessAdapterBase.ExecuteActionQuery(IActionQuery queryToExecute) +106
   SD.LLBLGen.Pro.ORMSupportClasses.DataAccessAdapterBase.PersistQueue(List`1 queueToPersist, Boolean insertActions, Int32& totalAmountSaved) +1811
   SD.LLBLGen.Pro.ORMSupportClasses.DataAccessAdapterBase.SaveEntity(IEntity2 entityToSave, Boolean refetchAfterSave, IPredicateExpression updateRestriction, Boolean recurse) +1429
   SD.LLBLGen.Pro.ORMSupportClasses.DataAccessAdapterBase.SaveEntity(IEntity2 entityToSave, Boolean refetchAfterSave) +91
   MonoSoftware.LLBLGen.Repository.SaveEntity(IEntity2 entityToSave, Boolean refetchAfterSave) +97
   MonoSoftware.MonoX.Repositories.PageRepository.CreatePage(String url, String template) +569
   MonoSoftware.MonoX.Repositories.PageRepository.CreatePage(String url) +127
   MonoSoftware.MonoX.Utilities.PageUtility.GetPageProperties(String appRelativeCurrentExecutionFilePath) +426
   MonoSoftware.MonoX.BasePage.GetPageProperties() +108
   MonoSoftware.MonoX.BasePage.get_PageProperties() +75
   MonoSoftware.MonoX.BasePage.OnPreInit(EventArgs e) +98
   System.Web.UI.Page.PerformPreInit() +37
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1912
 

   
 
 
--------------------------------------------------------------------------------
Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.18213
I think Monox is trying to insert a new row into the table aspnet_Applications..and there is no 'ApplicationID' column in my 'Users' table...
any idea?
Thank you..
This content has not been rated yet. 
469 Reputation 60 Total posts
khorvat

khorvat

9/6/2013 12:21:04 PM
Hi,

can you let me know if "HDIMembershipProvider" is your old database with existing data or new one that contains your user information and it doesn't have MonoX Scheme ?

Regards
This content has not been rated yet. 
15993 Reputation 2214 Total posts
inanc

inanc

9/6/2013 12:42:03 PM
Hi Khorvat,
Thank you for your answer.."HDIMembershipProvider" is a sample class overriding the ASP.NET MembershipProvider only for test puposes.No, "HDIMembershipProvider" doesn't have the MonoX Scheme.<br /> You can see the whole structure below including the user table.

//Adapted from: http://msdn2.microsoft.com/en-us/library/6tc47t75(VS.80).aspx
using System;
using System.Configuration;
using System.Collections.Specialized;
using System.Configuration.Provider;
using System.Data;
using System.Data.SqlClient;
using System.Security.Cryptography;
using System.Text;
using System.Web.Configuration;
using System.Web.Security;

// This provider works with the following schema for the table of user data.
// 
//CREATE TABLE [dbo].[Users](
// [UserID] [uniqueidentifier] NOT NULL,
// [Username] [nvarchar](255) NOT NULL,
// [ApplicationName] [nvarchar](255) NOT NULL,
// [Email] [nvarchar](128) NOT NULL,
// [Comment] [nvarchar](255) NULL,
// [Password] [nvarchar](128) NOT NULL,
// [PasswordQuestion] [nvarchar](255) NULL,
// [PasswordAnswer] [nvarchar](255) NULL,
// [IsApproved] [bit] NULL,
// [LastActivityDate] [datetime] NULL,
// [LastLoginDate] [datetime] NULL,
// [LastPasswordChangedDate] [datetime] NULL,
// [CreationDate] [datetime] NULL,
// [IsOnLine] [bit] NULL,
// [IsLockedOut] [bit] NULL,
// [LastLockedOutDate] [datetime] NULL,
// [FailedPasswordAttemptCount] [int] NULL,
// [FailedPasswordAttemptWindowStart] [datetime] NULL,
// [FailedPasswordAnswerAttemptCount] [int] NULL,
// [FailedPasswordAnswerAttemptWindowStart] [datetime] NULL,
//PRIMARY KEY CLUSTERED 
//(
// [UserID] ASC
//)WITH (PAD_INDEX  = OFF, STATISTICS_NORECOMPUTE  = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS  = ON, ALLOW_PAGE_LOCKS  = ON) ON [PRIMARY]
//) ON [PRIMARY]
// 

namespace HDI.AspNet.Membership
{

  public sealed class HDIMembershipProvider : MembershipProvider
  {

    #region Class Variables

    private int newPasswordLength = 8;
    private string connectionString;
      private Guid applicationID;
    private string applicationName;
    private bool enablePasswordReset;
    private bool enablePasswordRetrieval;
    private bool requiresQuestionAndAnswer;
    private bool requiresUniqueEmail;
    private int maxInvalidPasswordAttempts;
    private int passwordAttemptWindow;
    private MembershipPasswordFormat passwordFormat;
    private int minRequiredNonAlphanumericCharacters;
    private int minRequiredPasswordLength;
    private string passwordStrengthRegularExpression;
    private MachineKeySection machineKey; //Used when determining encryption key values.

    #endregion

    #region Enums

    private enum FailureType
    {
      Password = 1,
      PasswordAnswer = 2
    }

    #endregion

    #region Properties


    //public override Guid ApplicationId
    //{
    //    get
    //    {
    //        return applicationID;
    //    }
    //    set
    //    {
    //        applicationID = value;
    //    }
    //}


    public override string ApplicationName
    {
      get
      {
        return applicationName;
      }
      set
      {
        applicationName = value;
      }
    }

    public override bool EnablePasswordReset
    {
      get
      {
        return enablePasswordReset;
      }
    }

    public override bool EnablePasswordRetrieval
    {
      get
      {
        return enablePasswordRetrieval;
      }
    }

    public override bool RequiresQuestionAndAnswer
    {
      get
      {
        return requiresQuestionAndAnswer;
      }
    }

    public override bool RequiresUniqueEmail
    {
      get
      {
        return requiresUniqueEmail;
      }
    }

    public override int MaxInvalidPasswordAttempts
    {
      get
      {
        return maxInvalidPasswordAttempts;
      }
    }

    public override int PasswordAttemptWindow
    {
      get
      {
        return passwordAttemptWindow;
      }
    }

    public override MembershipPasswordFormat PasswordFormat
    {
      get
      {
        return passwordFormat;
      }
    }

    public override int MinRequiredNonAlphanumericCharacters
    {
      get
      {
        return minRequiredNonAlphanumericCharacters;
      }
    }

    public override int MinRequiredPasswordLength
    {
      get
      {
        return minRequiredPasswordLength;
      }
    }

    public override string PasswordStrengthRegularExpression
    {
      get
      {
        return passwordStrengthRegularExpression;
      }
    }

    #endregion

    #region Initialization

    public override void Initialize(string name, NameValueCollection config)
    {
      if (config == null)
      {
        throw new ArgumentNullException("config");
      }

      if (name == null || name.Length == 0)
      {
        name = "HDIMembershipProvider";
      }

      if (String.IsNullOrEmpty(config["description"]))
      {
        config.Remove("description");
        config.Add("description", "How Do I: Sample Membership provider");
      }

      //Initialize the abstract base class.
      base.Initialize(name, config);
      applicationID = new Guid(GetConfigValue(config["applicationID"], "67c919e2-8df4-476a-b312-c26f82a36cfb"));
      applicationName = GetConfigValue(config["applicationName"], System.Web.Hosting.HostingEnvironment.ApplicationVirtualPath);
      maxInvalidPasswordAttempts = Convert.ToInt32(GetConfigValue(config["maxInvalidPasswordAttempts"], "5"));
      passwordAttemptWindow = Convert.ToInt32(GetConfigValue(config["passwordAttemptWindow"], "10"));
      minRequiredNonAlphanumericCharacters = Convert.ToInt32(GetConfigValue(config["minRequiredAlphaNumericCharacters"], "1"));
      minRequiredPasswordLength = Convert.ToInt32(GetConfigValue(config["minRequiredPasswordLength"], "7"));
      passwordStrengthRegularExpression = Convert.ToString(GetConfigValue(config["passwordStrengthRegularExpression"], String.Empty));
      enablePasswordReset = Convert.ToBoolean(GetConfigValue(config["enablePasswordReset"], "true"));
      enablePasswordRetrieval = Convert.ToBoolean(GetConfigValue(config["enablePasswordRetrieval"], "true"));
      requiresQuestionAndAnswer = Convert.ToBoolean(GetConfigValue(config["requiresQuestionAndAnswer"], "false"));
      requiresUniqueEmail = Convert.ToBoolean(GetConfigValue(config["requiresUniqueEmail"], "true"));

      string temp_format = config["passwordFormat"];
      if (temp_format == null)
      {
        temp_format = "Hashed";
      }

      switch (temp_format)
      {
        case "Hashed":
          passwordFormat = MembershipPasswordFormat.Hashed;
          break;
        case "Encrypted":
          passwordFormat = MembershipPasswordFormat.Encrypted;
          break;
        case "Clear":
          passwordFormat = MembershipPasswordFormat.Clear;
          break;
        default:
          throw new ProviderException("Password format not supported.");
      }

      ConnectionStringSettings ConnectionStringSettings = ConfigurationManager.ConnectionStrings[config["connectionStringName"]];

      if ((ConnectionStringSettings == null) || (ConnectionStringSettings.ConnectionString.Trim() == String.Empty))
      {
        throw new ProviderException("Connection string cannot be blank.");
      }

      connectionString = ConnectionStringSettings.ConnectionString;

      //Get encryption and decryption key information from the configuration.
      System.Configuration.Configuration cfg = WebConfigurationManager.OpenWebConfiguration(System.Web.Hosting.HostingEnvironment.ApplicationVirtualPath);
      machineKey = cfg.GetSection("system.web/machineKey") as MachineKeySection;

      if (machineKey.ValidationKey.Contains("AutoGenerate"))
      {
        if (PasswordFormat != MembershipPasswordFormat.Clear)
        {
          throw new ProviderException("Hashed or Encrypted passwords are not supported with auto-generated keys.");
        }
      }
    }

    private string GetConfigValue(string configValue, string defaultValue)
    {
      if (String.IsNullOrEmpty(configValue))
      {
        return defaultValue;
      }

      return configValue;
    }

    #endregion

    #region Implemented Abstract Methods from MembershipProvider

    /// <summary>
    /// Change the user password.
    /// </summary>
    /// <param name="username">UserName</param>
    /// <param name="oldPwd">Old password.</param>
    /// <param name="newPwd">New password.</param>
    /// <returns>T/F if password was changed.</returns>
    public override bool ChangePassword(string username, string oldPwd, string newPwd)
    {

      if (!ValidateUser(username, oldPwd))
      {
        return false;
      }

      ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, newPwd, true);

      OnValidatingPassword(args);

      if (args.Cancel)
      {
        if (args.FailureInformation != null)
        {
          throw args.FailureInformation;
        }
        else
        {
          throw new Exception("Change password canceled due to new password validation failure.");
        }
      }

      SqlConnection sqlConnection = new SqlConnection(connectionString);
      SqlCommand sqlCommand = new SqlCommand("User_ChangePassword", sqlConnection);

      sqlCommand.CommandType = CommandType.StoredProcedure;
      sqlCommand.Parameters.Add("@password", SqlDbType.NVarChar, 255).Value = EncodePassword(newPwd);
      sqlCommand.Parameters.Add("@username", SqlDbType.NVarChar, 255).Value = username;
      sqlCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;

      try
      {
        sqlConnection.Open();
        sqlCommand.ExecuteNonQuery();
      }
      catch (SqlException e)
      {
        //Add exception handling here.
        return false;
      }
      finally
      {
        sqlConnection.Close();
      }

      return true;

    }

    /// <summary>
    /// Change the question and answer for a password validation.
    /// </summary>
    /// <param name="username">User name.</param>
    /// <param name="password">Password.</param>
    /// <param name="newPwdQuestion">New question text.</param>
    /// <param name="newPwdAnswer">New answer text.</param>
    /// <returns></returns>
    /// <remarks></remarks>
    public override bool ChangePasswordQuestionAndAnswer(
    string username,
      string password,
     string newPwdQuestion,
      string newPwdAnswer)
    {

      if (!ValidateUser(username, password))
      {
        return false;
      }

      SqlConnection sqlConnection = new SqlConnection(connectionString);
      SqlCommand sqlCommand = new SqlCommand("User_ChangePasswordQuestionAnswer", sqlConnection);

      sqlCommand.CommandType = CommandType.StoredProcedure;
      sqlCommand.Parameters.Add("@returnValue", SqlDbType.Int, 0).Direction = ParameterDirection.ReturnValue;
      sqlCommand.Parameters.Add("@question", SqlDbType.NVarChar, 255).Value = newPwdQuestion;
      sqlCommand.Parameters.Add("@answer", SqlDbType.NVarChar, 255).Value = EncodePassword(newPwdAnswer);
      sqlCommand.Parameters.Add("@username", SqlDbType.NVarChar, 255).Value = username; ;
      sqlCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;

      try
      {
        sqlConnection.Open();
        sqlCommand.ExecuteNonQuery();
        if ((int)sqlCommand.Parameters["@returnValue"].Value != 0)
        {
          return false;
        }
      }
      catch (SqlException e)
      {
        //Add exception handling here.
        return false;
      }
      finally
      {
        sqlConnection.Close();
      }

      return true;

    }
    /// <summary>
    /// Create a new user.
    /// </summary>
    /// <param name="username">User name.</param>
    /// <param name="password">Password.</param>
    /// <param name="email">Email address.</param>
    /// <param name="passwordQuestion">Security quesiton for password.</param>
    /// <param name="passwordAnswer">Security quesiton answer for password.</param>
    /// <param name="isApproved"></param>
    /// <param name="userID">User ID</param>
    /// <param name="status"></param>
    /// <returns>MembershipUser</returns>

    public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
    {

      ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, password, true);

      OnValidatingPassword(args);

      if (args.Cancel)
      {
        status = MembershipCreateStatus.InvalidPassword;
        return null;
      }

      if ((RequiresUniqueEmail && (GetUserNameByEmail(email) != String.Empty)))
      {
        status = MembershipCreateStatus.DuplicateEmail;
        return null;
      }

      MembershipUser membershipUser = GetUser(username, false);

      if (membershipUser == null)
      {
        System.DateTime createDate = DateTime.Now;

        SqlConnection sqlConnection = new SqlConnection(connectionString);
        SqlCommand sqlCommand = new SqlCommand("User_Ins", sqlConnection);

        sqlCommand.CommandType = CommandType.StoredProcedure;
        sqlCommand.Parameters.Add("@returnValue", SqlDbType.Int, 0).Direction = ParameterDirection.ReturnValue;
        sqlCommand.Parameters.Add("@username", SqlDbType.NVarChar, 255).Value = username; ;
        sqlCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;
        sqlCommand.Parameters.Add("@password", SqlDbType.NVarChar, 255).Value = EncodePassword(password);
        sqlCommand.Parameters.Add("@email", SqlDbType.NVarChar, 128).Value = email;
        sqlCommand.Parameters.Add("@passwordQuestion", SqlDbType.NVarChar, 255).Value = passwordQuestion;
        sqlCommand.Parameters.Add("@passwordAnswer", SqlDbType.NVarChar, 255).Value = EncodePassword(passwordAnswer);
        sqlCommand.Parameters.Add("@isApproved", SqlDbType.Bit).Value = isApproved;
        sqlCommand.Parameters.Add("@comment", SqlDbType.NVarChar, 255).Value = String.Empty;

        try
        {
          sqlConnection.Open();

          sqlCommand.ExecuteNonQuery();
          if ((int)sqlCommand.Parameters["@returnValue"].Value == 0)
          {

            status = MembershipCreateStatus.Success;
          }
          else
          {
            status = MembershipCreateStatus.UserRejected;
          }
        }
        catch (SqlException e)
        {
          //Add exception handling here.

          status = MembershipCreateStatus.ProviderError;
        }
        finally
        {
          sqlConnection.Close();
        }

        return GetUser(username, false);
      }
      else
      {
        status = MembershipCreateStatus.DuplicateUserName;
      }

      return null;
    }
    /// <summary>
    /// Delete a user.
    /// </summary>
    /// <param name="username">User name.</param>
    /// <param name="deleteAllRelatedData">Whether to delete all related data.</param>
    /// <returns>T/F if the user was deleted.</returns>
    public override bool DeleteUser(
     string username,
     bool deleteAllRelatedData
    )
    {

      SqlConnection sqlConnection = new SqlConnection(connectionString);
      SqlCommand sqlCommand = new SqlCommand("User_Del", sqlConnection);

      sqlCommand.CommandType = CommandType.StoredProcedure;
      sqlCommand.Parameters.Add("@returnValue", SqlDbType.Int, 0).Direction = ParameterDirection.ReturnValue;
      sqlCommand.Parameters.Add("@username", SqlDbType.NVarChar, 255).Value = username; ;
      sqlCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;

      try
      {
        sqlConnection.Open();
        sqlCommand.ExecuteNonQuery();
        if ((int)sqlCommand.Parameters["@returnValue"].Value == 0)
        {
          if (deleteAllRelatedData)
          {
            //Process commands to delete all data for the user in the database.
          }
        }
        else
        {
          return false;
        }
      }
      catch (SqlException e)
      {
        //Add exception handling here.
      }
      finally
      {
        sqlConnection.Close();
      }

      return true;

    }
    /// <summary>
    /// Get a collection of users.
    /// </summary>
    /// <param name="pageIndex">Page index.</param>
    /// <param name="pageSize">Page size.</param>
    /// <param name="totalRecords">Total # of records to retrieve.</param>
    /// <returns>Collection of MembershipUser objects.</returns>

    public override MembershipUserCollection GetAllUsers(int pageIndex, int pageSize, out int totalRecords)
    {

      SqlConnection sqlConnection = new SqlConnection(connectionString);
      SqlCommand sqlCommand = new SqlCommand("Users_Sel", sqlConnection);

      sqlCommand.CommandType = CommandType.StoredProcedure;
      sqlCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;

      MembershipUserCollection users = new MembershipUserCollection();

      SqlDataReader sqlDataReader = null;
      totalRecords = 0;

      try
      {
        sqlConnection.Open();
        sqlDataReader = sqlCommand.ExecuteReader(CommandBehavior.CloseConnection);

        int counter = 0;
        int startIndex = pageSize * pageIndex;
        int endIndex = startIndex + pageSize - 1;

        while (sqlDataReader.Read())
        {
          if (counter >= startIndex)
          {
            users.Add(GetUserFromReader(sqlDataReader));
          }

          if (counter >= endIndex) { sqlCommand.Cancel(); }
          counter += 1;
        }
      }
      catch (SqlException e)
      {
        //Add exception handling here.
      }
      finally
      {
        if (sqlDataReader != null)
        {
          sqlDataReader.Close();
        }
      }

      return users;

    }
    /// <summary>
    /// Gets the number of users currently on-line.
    /// </summary>
    /// <returns>  /// # of users on-line.</returns>
    public override int GetNumberOfUsersOnline()
    {

      TimeSpan onlineSpan = new TimeSpan(0, System.Web.Security.Membership.UserIsOnlineTimeWindow, 0);
      DateTime compareTime = DateTime.Now.Subtract(onlineSpan);

      SqlConnection sqlConnection = new SqlConnection(connectionString);
      SqlCommand sqlCommand = new SqlCommand("Users_NumberOnline", sqlConnection);

      sqlCommand.CommandType = CommandType.StoredProcedure;
      sqlCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;
      sqlCommand.Parameters.Add("@compareDate", SqlDbType.DateTime).Value = compareTime;

      int numOnline = 0;

      try
      {
        sqlConnection.Open();

        numOnline = Convert.ToInt32(sqlCommand.ExecuteScalar());
      }
      catch (SqlException e)
      {
        //Add exception handling here.
      }
      finally
      {
        sqlConnection.Close();
      }

      return numOnline;

    }
    /// <summary>
    /// Get the password for a user.
    /// </summary>
    /// <param name="username">User name.</param>
    /// <param name="answer">Answer to security question.</param>
    /// <returns>Password for the user.</returns>
    public override string GetPassword(
     string username,
     string answer
    )
    {

      if (!EnablePasswordRetrieval)
      {
        throw new ProviderException("Password Retrieval Not Enabled.");
      }

      if (PasswordFormat == MembershipPasswordFormat.Hashed)
      {
        throw new ProviderException("Cannot retrieve Hashed passwords.");
      }

      SqlConnection sqlConnection = new SqlConnection(connectionString);
      SqlCommand sqlCommand = new SqlCommand("User_GetPassword", sqlConnection);

      sqlCommand.CommandType = CommandType.StoredProcedure;
      sqlCommand.Parameters.Add("@username", SqlDbType.NVarChar, 255).Value = username;
      sqlCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;

      string password = String.Empty;
      string passwordAnswer = String.Empty;
      SqlDataReader sqlDataReader = null;

      try
      {
        sqlConnection.Open();

        sqlDataReader = sqlCommand.ExecuteReader(CommandBehavior.SingleRow & CommandBehavior.CloseConnection);

        if (sqlDataReader.HasRows)
        {
          sqlDataReader.Read();

          if (sqlDataReader.GetBoolean(2))
          {
            throw new MembershipPasswordException("The supplied user is locked out.");
          }

          password = sqlDataReader.GetString(0);
          passwordAnswer = sqlDataReader.GetString(1);
        }
        else
        {
          throw new MembershipPasswordException("The supplied user name is not found.");
        }
      }
      catch (SqlException e)
      {
        //Add exception handling here.
      }
      finally
      {
        if (sqlDataReader != null) { sqlDataReader.Close(); }
      }

      if (RequiresQuestionAndAnswer && !CheckPassword(answer, passwordAnswer))
      {
        UpdateFailureCount(username, FailureType.PasswordAnswer);

        throw new MembershipPasswordException("Incorrect password answer.");
      }

      if (PasswordFormat == MembershipPasswordFormat.Encrypted)
      {
        password = UnEncodePassword(password);
      }

      return password;
    }

    public override MembershipUser GetUser(
    string username,
     bool userIsOnline
    )
    {

      SqlConnection sqlConnection = new SqlConnection(connectionString);
      SqlCommand sqlCommand = new SqlCommand("User_Sel", sqlConnection);

      sqlCommand.CommandType = CommandType.StoredProcedure;
      sqlCommand.Parameters.Add("@username", SqlDbType.NVarChar, 255).Value = username;
      sqlCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;

      MembershipUser membershipUser = null;
      SqlDataReader sqlDataReader = null;

      try
      {
        sqlConnection.Open();

        sqlDataReader = sqlCommand.ExecuteReader(CommandBehavior.CloseConnection);

        if (sqlDataReader.HasRows)
        {
          sqlDataReader.Read();
          membershipUser = GetUserFromReader(sqlDataReader);

          if (userIsOnline)
          {
            SqlCommand sqlUpdateCommand = new SqlCommand("User_UpdateActivityDate_ByUserName", sqlConnection);

            sqlUpdateCommand.CommandType = CommandType.StoredProcedure;
            sqlUpdateCommand.Parameters.Add("@username", SqlDbType.NVarChar, 255).Value = username;
            sqlUpdateCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;
            sqlUpdateCommand.ExecuteNonQuery();
          }
        }
      }
      catch (SqlException e)
      {
        //Add exception handling here.
      }
      finally
      {
        if (sqlDataReader != null) { sqlDataReader.Close(); }
      }

      return membershipUser;
    }
    /// <summary>
    /// Get a user based upon provider key and if they are on-line.
    /// </summary>
    /// <param name="userID">Provider key.</param>
    /// <param name="userIsOnline">T/F whether the user is on-line.</param>
    /// <returns></returns>
    public override MembershipUser GetUser(
     object userID,
     bool userIsOnline
    )
    {

      SqlConnection sqlConnection = new SqlConnection(connectionString);
      SqlCommand sqlCommand = new SqlCommand("User_SelByUserID", sqlConnection);

      sqlCommand.CommandType = CommandType.StoredProcedure;
      sqlCommand.Parameters.Add("@userID", SqlDbType.UniqueIdentifier).Value = userID;

      MembershipUser membershipUser = null;
      SqlDataReader sqlDataReader = null;

      try
      {
        sqlConnection.Open();

        sqlDataReader = sqlCommand.ExecuteReader(CommandBehavior.CloseConnection);

        if (sqlDataReader.HasRows)
        {
          sqlDataReader.Read();
          membershipUser = GetUserFromReader(sqlDataReader);

          if (userIsOnline)
          {
            SqlCommand sqlUpdateCommand = new SqlCommand("User_UpdateActivityDate_ByUserID", sqlConnection);

            sqlUpdateCommand.CommandType = CommandType.StoredProcedure;
            sqlUpdateCommand.Parameters.Add("@userID", SqlDbType.NVarChar, 255).Value = userID;
            sqlUpdateCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;
            sqlUpdateCommand.ExecuteNonQuery();
          }
        }
      }
      catch (SqlException e)
      {
        //Add exception handling here.
      }
      finally
      {
        if (sqlDataReader != null) { sqlDataReader.Close(); }
      }

      return membershipUser;

    }

    /// <summary>
    /// Unlock a user.
    /// </summary>
    /// <param name="username">User name.</param>
    /// <returns>T/F if unlocked.</returns>
    public override bool UnlockUser(
     string username
    )
    {

      SqlConnection sqlConnection = new SqlConnection(connectionString);
      SqlCommand sqlCommand = new SqlCommand("User_Unlock", sqlConnection);

      sqlCommand.CommandType = CommandType.StoredProcedure;
      sqlCommand.Parameters.Add("@returnValue", SqlDbType.Int, 0).Direction = ParameterDirection.ReturnValue;
      sqlCommand.Parameters.Add("@username", SqlDbType.NVarChar, 255).Value = username;
      sqlCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;

      int rowsAffected = 0;

      try
      {
        sqlConnection.Open();

        sqlCommand.ExecuteNonQuery();
        if ((int)sqlCommand.Parameters["@returnValue"].Value == 0)
        {
          return false;
        }
      }
      catch (SqlException e)
      {
        //Add exception handling here.
        return false;
      }
      finally
      {
        sqlConnection.Close();
      }

      return true;

    }


    public override string GetUserNameByEmail(string email)
    {
      SqlConnection sqlConnection = new SqlConnection(connectionString);
      SqlCommand sqlCommand = new SqlCommand("UserName_Sel_ByEmail", sqlConnection);

      sqlCommand.CommandType = CommandType.StoredProcedure;
      sqlCommand.Parameters.Add("@email", SqlDbType.NVarChar, 128).Value = email;
      sqlCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;

      string username = String.Empty;

      try
      {
        sqlConnection.Open();
        username = Convert.ToString(sqlCommand.ExecuteScalar());
      }
      catch (SqlException e)
      {
        //Add exception handling here.
      }
      finally
      {
        sqlConnection.Close();
      }

      if (username == null)
      {
        return String.Empty;
      }
      else
      {
        username.Trim();
      }

      return username;

    }
    /// <summary>
    /// Reset the user password.
    /// </summary>
    /// <param name="username">User name.</param>
    /// <param name="answer">Answer to security question.</param>
    /// <returns></returns>
    /// <remarks></remarks>
    public override string ResetPassword(
     string username,
     string answer
    )
    {

      if (!EnablePasswordReset)
      {
        throw new NotSupportedException("Password Reset is not enabled.");
      }

      if ((answer == null) && (RequiresQuestionAndAnswer))
      {
        UpdateFailureCount(username, FailureType.PasswordAnswer);

        throw new ProviderException("Password answer required for password Reset.");
      }

      string newPassword =
        System.Web.Security.Membership.GeneratePassword(
        newPasswordLength,
        MinRequiredNonAlphanumericCharacters
        );

      ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, newPassword, true);

      OnValidatingPassword(args);

      if (args.Cancel)
      {
        if (args.FailureInformation != null)
        {
          throw args.FailureInformation;
        }
        else
        {
          throw new MembershipPasswordException("Reset password canceled due to password validation failure.");
        }
      }

      SqlConnection sqlConnection = new SqlConnection(connectionString);
      SqlCommand sqlCommand = new SqlCommand("User_GetPasswordAnswer", sqlConnection);

      sqlCommand.CommandType = CommandType.StoredProcedure;
      sqlCommand.Parameters.Add("@username", SqlDbType.NVarChar, 255).Value = username;
      sqlCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;

      int rowsAffected = 0;
      string passwordAnswer = String.Empty;
      SqlDataReader sqlDataReader = null;

      try
      {
        sqlConnection.Open();

        sqlDataReader = sqlCommand.ExecuteReader(CommandBehavior.SingleRow & CommandBehavior.CloseConnection);

        if (sqlDataReader.HasRows)
        {
          sqlDataReader.Read();

          if (sqlDataReader.GetBoolean(1))
          {
            throw new MembershipPasswordException("The supplied user is locked out.");
          }

          passwordAnswer = sqlDataReader.GetString(0);
        }
        else
        {
          throw new MembershipPasswordException("The supplied user name is not found.");
        }

        if (RequiresQuestionAndAnswer && (!CheckPassword(answer, passwordAnswer)))
        {
          UpdateFailureCount(username, FailureType.PasswordAnswer);

          throw new MembershipPasswordException("Incorrect password answer.");
        }

        SqlCommand sqlUpdateCommand = new SqlCommand("User_UpdatePassword", sqlConnection);

        sqlUpdateCommand.CommandType = CommandType.StoredProcedure;
        sqlUpdateCommand.Parameters.Add("@password", SqlDbType.NVarChar, 255).Value = EncodePassword(newPassword);
        sqlUpdateCommand.Parameters.Add("@username", SqlDbType.NVarChar, 255).Value = username;
        sqlUpdateCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;
        rowsAffected = sqlUpdateCommand.ExecuteNonQuery();
      }
      catch (SqlException e)
      {
        //Add exception handling here.
      }
      finally
      {
        if (sqlDataReader != null) { sqlDataReader.Close(); }
      }

      if (rowsAffected > 0)
      {
        return newPassword;
      }
      else
      {
        throw new MembershipPasswordException("User not found, or user is locked out. Password not Reset.");
      }
    }

    /// <summary>
    /// Update the user information.
    /// </summary>
    /// <param name="_membershipUser">MembershipUser object containing data.</param>
    public override void UpdateUser(MembershipUser membershipUser)
    {

      SqlConnection sqlConnection = new SqlConnection(connectionString);
      SqlCommand sqlCommand = new SqlCommand("User_Upd", sqlConnection);

      sqlCommand.CommandType = CommandType.StoredProcedure;
      sqlCommand.Parameters.Add("@email", SqlDbType.NVarChar, 128).Value = membershipUser.Email;
      sqlCommand.Parameters.Add("@comment", SqlDbType.NVarChar, 255).Value = membershipUser.Comment;
      sqlCommand.Parameters.Add("@isApproved", SqlDbType.Bit).Value = membershipUser.IsApproved;
      sqlCommand.Parameters.Add("@username", SqlDbType.NVarChar, 255).Value = membershipUser.UserName;
      sqlCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;

      try
      {
        sqlConnection.Open();
        sqlCommand.ExecuteNonQuery();
      }
      catch (SqlException e)
      {
        //Add exception handling here.
      }
      finally
      {
        sqlConnection.Close();
      }
    }

    /// <summary>
    /// Validate the user based upon username and password.
    /// </summary>
    /// <param name="username">User name.</param>
    /// <param name="password">Password.</param>
    /// <returns>T/F if the user is valid.</returns>
    public override bool ValidateUser(
     string username,
     string password
    )
    {

      bool isValid = false;

      SqlConnection sqlConnection = new SqlConnection(connectionString);
      SqlCommand sqlCommand = new SqlCommand("User_Validate", sqlConnection);

      sqlCommand.CommandType = CommandType.StoredProcedure;
      sqlCommand.Parameters.Add("@username", SqlDbType.NVarChar, 255).Value = username;
      sqlCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;

      SqlDataReader sqlDataReader = null;
      bool isApproved = false;
      string storedPassword = String.Empty;

      try
      {
        sqlConnection.Open();
        sqlDataReader = sqlCommand.ExecuteReader(CommandBehavior.SingleRow);

        if (sqlDataReader.HasRows)
        {
          sqlDataReader.Read();
          storedPassword = sqlDataReader.GetString(0);
          isApproved = sqlDataReader.GetBoolean(1);
        }
        else
        {
          return false;
        }

        sqlDataReader.Close();

        if (CheckPassword(password, storedPassword))
        {
          if (isApproved)
          {
            isValid = true;

            SqlCommand sqlUpdateCommand = new SqlCommand("User_UpdateLoginDate", sqlConnection);

            sqlUpdateCommand.CommandType = CommandType.StoredProcedure;
            sqlUpdateCommand.Parameters.Add("@username", SqlDbType.NVarChar, 255).Value = username;
            sqlUpdateCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;
            sqlUpdateCommand.ExecuteNonQuery();
          }
        }
        else
        {
          sqlConnection.Close();
          UpdateFailureCount(username, FailureType.Password);
        }
      }
      catch (SqlException e)
      {
        //Add exception handling here.
      }
      finally
      {
        if (sqlDataReader != null) { sqlDataReader.Close(); }
        if ((sqlConnection != null) && (sqlConnection.State == ConnectionState.Open)) { sqlConnection.Close(); }
      }

      return isValid;
    }
    /// <summary>
    /// Find all users matching a search string.
    /// </summary>
    /// <param name="usernameToMatch">Search string of user name to match.</param>
    /// <param name="pageIndex"></param>
    /// <param name="pageSize"></param>
    /// <param name="totalRecords">Total records found.</param>
    /// <returns>Collection of MembershipUser objects.</returns>

    public override MembershipUserCollection FindUsersByName(string usernameToMatch, int pageIndex, int pageSize, out int totalRecords)
    {
      SqlConnection sqlConnection = new SqlConnection(connectionString);
      SqlCommand sqlCommand = new SqlCommand("Users_Sel_ByUserName", sqlConnection);

      sqlCommand.CommandType = CommandType.StoredProcedure;
      sqlCommand.Parameters.Add("@username", SqlDbType.NVarChar, 255).Value = usernameToMatch;
      sqlCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;

      MembershipUserCollection membershipUsers = new MembershipUserCollection();
      SqlDataReader sqlDataReader = null;
      int counter = 0;

      try
      {
        sqlConnection.Open();
        sqlDataReader = sqlCommand.ExecuteReader(CommandBehavior.CloseConnection);

        int startIndex = pageSize * pageIndex;
        int endIndex = startIndex + pageSize - 1;

        while (sqlDataReader.Read())
        {
          if (counter >= startIndex)
          {
            MembershipUser membershipUser = GetUserFromReader(sqlDataReader);
            membershipUsers.Add(membershipUser);
          }

          if (counter >= endIndex) { sqlCommand.Cancel(); }

          counter += 1;
        }
      }
      catch (SqlException e)
      {
        //Add exception handling here.
      }
      finally
      {
        if (sqlDataReader != null) { sqlDataReader.Close(); }
      }

      totalRecords = counter;

      return membershipUsers;
    }

    /// <summary>
    /// Find all users matching a search string of their email.
    /// </summary>
    /// <param name="emailToMatch">Search string of email to match.</param>
    /// <param name="pageIndex"></param>
    /// <param name="pageSize"></param>
    /// <param name="totalRecords">Total records found.</param>
    /// <returns>Collection of MembershipUser objects.</returns>

    public override MembershipUserCollection FindUsersByEmail(string emailToMatch, int pageIndex, int pageSize, out int totalRecords)
    {
      SqlConnection sqlConnection = new SqlConnection(connectionString);
      SqlCommand sqlCommand = new SqlCommand("Users_Sel_ByUserName", sqlConnection);

      sqlCommand.CommandType = CommandType.StoredProcedure;
      sqlCommand.Parameters.Add("@email", SqlDbType.NVarChar, 255).Value = emailToMatch;
      sqlCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;

      MembershipUserCollection membershipUsers = new MembershipUserCollection();
      SqlDataReader sqlDataReader = null;
      int counter = 0;

      try
      {
        sqlConnection.Open();
        sqlDataReader = sqlCommand.ExecuteReader(CommandBehavior.CloseConnection);

        int startIndex = pageSize * pageIndex;
        int endIndex = startIndex + pageSize - 1;

        while (sqlDataReader.Read())
        {
          if (counter >= startIndex)
          {
            MembershipUser membershipUser = GetUserFromReader(sqlDataReader);
            membershipUsers.Add(membershipUser);
          }

          if (counter >= endIndex) { sqlCommand.Cancel(); }

          counter += 1;
        }
      }
      catch (SqlException e)
      {
        //Add exception handling here.
      }
      finally
      {
        if (sqlDataReader != null) { sqlDataReader.Close(); }
      }

      totalRecords = counter;

      return membershipUsers;
    }

    #endregion

    #region "Utility Functions"
    /// <summary>
    /// Create a MembershipUser object from a data reader.
    /// </summary>
    /// <param name="sqlDataReader">Data reader.</param>
    /// <returns>MembershipUser object.</returns>
    private MembershipUser GetUserFromReader(
  SqlDataReader sqlDataReader
    )
    {

      object userID = sqlDataReader.GetValue(0);
      string username = sqlDataReader.GetString(1);
      string email = sqlDataReader.GetString(2);

      string passwordQuestion = String.Empty;
      if (sqlDataReader.GetValue(3) != DBNull.Value)
      {
        passwordQuestion = sqlDataReader.GetString(3);
      }

      string comment = String.Empty;
      if (sqlDataReader.GetValue(4) != DBNull.Value)
      {
        comment = sqlDataReader.GetString(4);
      }

      bool isApproved = sqlDataReader.GetBoolean(5);
      bool isLockedOut = sqlDataReader.GetBoolean(6);
      DateTime creationDate = sqlDataReader.GetDateTime(7);

      DateTime lastLoginDate = new DateTime();
      if (sqlDataReader.GetValue(8) != DBNull.Value)
      {
        lastLoginDate = sqlDataReader.GetDateTime(8);
      }

      DateTime lastActivityDate = sqlDataReader.GetDateTime(9);
      DateTime lastPasswordChangedDate = sqlDataReader.GetDateTime(10);

      DateTime lastLockedOutDate = new DateTime();
      if (sqlDataReader.GetValue(11) != DBNull.Value)
      {
        lastLockedOutDate = sqlDataReader.GetDateTime(11);
      }

      MembershipUser membershipUser = new MembershipUser(
        this.Name,
       username,
       userID,
       email,
       passwordQuestion,
       comment,
       isApproved,
       isLockedOut,
       creationDate,
       lastLoginDate,
       lastActivityDate,
       lastPasswordChangedDate,
       lastLockedOutDate
        );

      return membershipUser;

    }

    /// <summary>
    /// Converts a hexadecimal string to a byte array. Used to convert encryption key values from the configuration
    /// </summary>
    /// <param name="hexString"></param>
    /// <returns></returns>
    /// <remarks></remarks>
    private byte[] HexToByte(string hexString)
    {
      byte[] returnBytes = new byte[hexString.Length / 2];
      for (int i = 0; i < returnBytes.Length; i++)
        returnBytes[i] = Convert.ToByte(hexString.Substring(i * 2, 2), 16);
      return returnBytes;
    }

    /// <summary>
    /// Update password and answer failure information.
    /// </summary>
    /// <param name="username">User name.</param>
    /// <param name="failureType">Type of failure</param>
    /// <remarks></remarks>
    private void UpdateFailureCount(string username, FailureType failureType)
    {

      SqlConnection sqlConnection = new SqlConnection(connectionString);
      SqlCommand sqlCommand = new SqlCommand("Users_Sel_ByUserName", sqlConnection);

      sqlCommand.CommandType = CommandType.StoredProcedure;
      sqlCommand.Parameters.Add("@failureType", SqlDbType.Int, 0).Value = failureType;
      sqlCommand.Parameters.Add("@passwordAttempWindow", SqlDbType.DateTime, 0).Value = passwordAttemptWindow;
      sqlCommand.Parameters.Add("@maxInvalidPasswordAttempts", SqlDbType.Int, 0).Value = maxInvalidPasswordAttempts;
      sqlCommand.Parameters.Add("@userName", SqlDbType.NVarChar, 255).Value = username;
      sqlCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;

      try
      {
        sqlConnection.Open();
        sqlCommand.ExecuteNonQuery();
      }
      catch (Exception ex)
      {
        //Add exception handling here.
      }

    }
    /// <summary>
    /// Check the password format based upon the MembershipPasswordFormat.
    /// </summary>
    /// <param name="password">Password</param>
    /// <param name="dbpassword"></param>
    /// <returns></returns>
    /// <remarks></remarks>
    private bool CheckPassword(string password, string dbpassword)
    {
      string pass1 = password;
      string pass2 = dbpassword;

      switch (PasswordFormat)
      {
        case MembershipPasswordFormat.Encrypted:
          pass2 = UnEncodePassword(dbpassword);
          break;
        case MembershipPasswordFormat.Hashed:
          pass1 = EncodePassword(password);
          break;
        default:
          break;
      }

      if (pass1 == pass2)
      {
        return true;
      }

      return false;
    }

    /// <summary>
    /// Encode password.
    /// </summary>
    /// <param name="password">Password.</param>
    /// <returns>Encoded password.</returns>
    private string EncodePassword(string password)
    {
      string encodedPassword = password;

      switch (PasswordFormat)
      {
        case MembershipPasswordFormat.Clear:
          break;
        case MembershipPasswordFormat.Encrypted:
          encodedPassword =
            Convert.ToBase64String(EncryptPassword(Encoding.Unicode.GetBytes(password)));
          break;
        case MembershipPasswordFormat.Hashed:
          HMACSHA1 hash = new HMACSHA1();
          hash.Key = HexToByte(machineKey.ValidationKey);
          encodedPassword =
            Convert.ToBase64String(hash.ComputeHash(Encoding.Unicode.GetBytes(password)));
          break;
        default:
          throw new ProviderException("Unsupported password format.");
      }

      return encodedPassword;
    }

    /// <summary>
    /// UnEncode password.
    /// </summary>
    /// <param name="encodedPassword">Password.</param>
    /// <returns>Unencoded password.</returns>
    private string UnEncodePassword(string encodedPassword)
    {
      string password = encodedPassword;

      switch (PasswordFormat)
      {
        case MembershipPasswordFormat.Clear:
          break;
        case MembershipPasswordFormat.Encrypted:
          password =
            Encoding.Unicode.GetString(DecryptPassword(Convert.FromBase64String(password)));
          break;
        case MembershipPasswordFormat.Hashed:
          throw new ProviderException("Cannot unencode a hashed password.");
        default:
          throw new ProviderException("Unsupported password format.");
      }

      return password;
    }

    #endregion

  }
}


Thank you


This content has not been rated yet. 
469 Reputation 60 Total posts
khorvat

khorvat

9/6/2013 1:09:34 PM
I think that the problem lies in resolving the application name. You can read the application name from MonoX db and return that name from membership provider, right now I suspect your are returning something for application name and that isn't the value saved in the MonoX db.

In the future please attach the file rather then embedding long code.

Let me know if you need more information.

Regards
This content has not been rated yet. 
15993 Reputation 2214 Total posts
inanc

inanc

9/6/2013 1:53:47 PM
Yessssss...you are right..as usual!
It is ok now.
Should I handle the "roleprovider" issue in a similar manner?

Thank you very much..
Regards
This content has not been rated yet. 
469 Reputation 60 Total posts
khorvat

khorvat

9/6/2013 2:35:20 PM
Yes I suppose you have the same problem there.
This content has not been rated yet. 
15993 Reputation 2214 Total posts
inanc

inanc

9/9/2013 1:18:33 PM
And another problem here,
MonoX inserts automatically a new row to the table aspnet_users table with '00000000-0000-0000-0000-000000000000'
UserId when login with external membership provider. And the other users logged in have the same UserId as '00000000-0000-0000-0000-000000000000'. This is a problem when using discussion forums. On the forums all topics seems to be written by the same user.
This content has not been rated yet. 
469 Reputation 60 Total posts
1 2