MembershipProvider: trying to understand release notes
I'm trying to figure out how to use the UmbracoMembershipProvider, but have it encrypt the passwords, require security questions & answers, and allow for password retrieval (or, failing that, password reset).
Simply setting, for example, the provider entry in web.config to:
doesn't work. For example, with this configuration, no security questions get stored when you call the ASPNET method CreateUser().
So I'm thinking there's some other configuration information that needs to be provided. I saw the following cryptic/interesting note on download page for the source code for 4.0.2.1:
Magic
words in membership provider for last update, pw q/a and approved
status. These should be mapped using attributes on the Member element
in the web.config.
This makes me think that:
1) I need to store certain properties, like the question and answer and password retrieval/encryption flags in the default MemberType; and,
2) That the names of the MemberType properties must be specified as attributes somewhere in the web.config file.
The source code, for example, refers to umbracoPasswordRetrievalQuestionPropertyTypeAlias, which is probably the attribute that I'd use to specify the property in the default MemberType which holds the retrieval question.
But I'm not sure where those attributes go in web.config. Does anyone know?
You know, that's what I look about the Umbraco community: you ask a question, and not only do you get an answer, but you get brand new documentation!! :)
Thanks for doing that. What confused me was that Intellisense wasn't reporting those additional attributes as possible components of the <add> element. I think that's because there's some part of the section handler that's not yet implemented (but it's been a while since I wrote one, so I could be wrong).
MembershipProvider: trying to understand release notes
I'm trying to figure out how to use the UmbracoMembershipProvider, but have it encrypt the passwords, require security questions & answers, and allow for password retrieval (or, failing that, password reset).
Simply setting, for example, the provider entry in web.config to:
<add name="UmbracoMembershipProvider" type="umbraco.providers.members.UmbracoMembershipProvider" enablePasswordRetrieval="true" enablePasswordReset="false" requiresQuestionAndAnswer="true" defaultMemberTypeAlias="WebsiteUser" />
doesn't work. For example, with this configuration, no security questions get stored when you call the ASPNET method CreateUser().
So I'm thinking there's some other configuration information that needs to be provided. I saw the following cryptic/interesting note on download page for the source code for 4.0.2.1:
Magic words in membership provider for last update, pw q/a and approved status. These should be mapped using attributes on the Member element in the web.config.
This makes me think that:
1) I need to store certain properties, like the question and answer and password retrieval/encryption flags in the default MemberType; and,
2) That the names of the MemberType properties must be specified as attributes somewhere in the web.config file.
The source code, for example, refers to umbracoPasswordRetrievalQuestionPropertyTypeAlias, which is probably the attribute that I'd use to specify the property in the default MemberType which holds the retrieval question.
But I'm not sure where those attributes go in web.config. Does anyone know?
- Mark
I'd been procrastinating about getting this onto the wiki, but it's done now - http://our.umbraco.org/wiki/how-tos/membership-providers/umbracomembershipprovider-properties
You know, that's what I look about the Umbraco community: you ask a question, and not only do you get an answer, but you get brand new documentation!! :)
Thanks for doing that. What confused me was that Intellisense wasn't reporting those additional attributes as possible components of the <add> element. I think that's because there's some part of the section handler that's not yet implemented (but it's been a while since I wrote one, so I could be wrong).
Anyway, thanks for the quick response!
- Mark
They aren't reported because they are not part of the web.config XSD file so intellisense doesn't know about them
is working on a reply...