Id be tempted to go with the modification to the membership provider, but instead of modifying the core, just create a new class that extends the umbraco provider, and just override that method. That way it's an easy swap in the web.config once it's fixed and doesnt clutter your business logic with unnecesary code.
Does this also effect password revery?, i couldnt use the normal recovery control because it was emailing the password encrypted *(using decryption="encrypted")
The problem is when you call the getPassword, it's returning the password directly from Membership instead of decrypting it the password and then return the password. You can see why in this post.
For now you can:
1) The Fastest: Call the UnEncodePassord to decrypt the password (Less code, but can have problems when upgrading the umbraco when this bug corrected, basically, when corrected, your decrypt the password twice if you don't change your code.)
2) The Correct: Extend from Membership and override the method getPassword to decrypt the password (more code, but easy to change when the bug is corrected, just a change in the web.config, and it will work on future umbraco upgrades with any change on your code)
3) The Ninja: Get the code of umbraco, make the change, compile it, and deploy over your umbraco installation.
If you need more, I can post my code in here (1st solution)
I followed Matt's advice and created a sub class. The following is my attempt at using the absolute minimum amount of code to get the job done. Hope it helps others:
using System; using System.Web.Security; using umbraco.providers.members;
namespace MYASSEMBLY.Umbraco.Providers {
public class ExtendedMembershipProvider : UmbracoMembershipProvider {
Can anyone tell me if this has been fixed in the latest version? I am using passwordFormat="encrypted" and machine key in the web.config. Cannot change member password in Umbraco backoffice.
Membership GetPassword bug (with temporary solution)
Hi,
In my new site, I have a option for the users to recover password to their email. I changed the web.config Membership settings to the following
and added the following
The GetPassword method was still returning the password encrypted.
I found this topic with a solution, but for this i have recompile the core of umbraco.
So, for those of you that wan't this feature, and while the bug is not corrected, get the password to and decrypt it with the following (example):
Keep up the good work :D
Links used for these "solution":
UmbracoMembershipProvider: GetPassword() Bug
Modify EditMember.aspx to display password
Hi Berto
Id be tempted to go with the modification to the membership provider, but instead of modifying the core, just create a new class that extends the umbraco provider, and just override that method. That way it's an easy swap in the web.config once it's fixed and doesnt clutter your business logic with unnecesary code.
Matt
Now that's a good solution!
Next time (I hope that it won't be necessary) I'll do that ;)
Does this also effect password revery?, i couldnt use the normal recovery control because it was emailing the password encrypted *(using decryption="encrypted")
Short answer: Yes!
The problem is when you call the getPassword, it's returning the password directly from Membership instead of decrypting it the password and then return the password. You can see why in this post.
For now you can:
1) The Fastest: Call the UnEncodePassord to decrypt the password (Less code, but can have problems when upgrading the umbraco when this bug corrected, basically, when corrected, your decrypt the password twice if you don't change your code.)
2) The Correct: Extend from Membership and override the method getPassword to decrypt the password (more code, but easy to change when the bug is corrected, just a change in the web.config, and it will work on future umbraco upgrades with any change on your code)
3) The Ninja: Get the code of umbraco, make the change, compile it, and deploy over your umbraco installation.
If you need more, I can post my code in here (1st solution)
I followed Matt's advice and created a sub class. The following is my attempt at using the absolute minimum amount of code to get the job done. Hope it helps others:
I then changed this line in web.config:
To this:
Can anyone tell me if this has been fixed in the latest version? I am using passwordFormat="encrypted" and machine key in the web.config. Cannot change member password in Umbraco backoffice.
I am still getting encrypted password in email.
You cannot get an Encrypted or Hashed password back from Umbraco you need to Reset it see this post.
http://our.umbraco.org/wiki/how-tos/membership-providers
That said, Thank You Qube for providing the solution above. It works well without much hassel. Solution should be put in FAQ.
Bo, you should not be able to get Hashed password. Encrypted should be retrievable. I can verify that it is retrievable with the solution above.
ooh my mistake. just tried it. hashed is one way, encryped like MD5 is twoway. thanks. //bo
glad you solved it.
is working on a reply...