mbiro
Programmer
- Nov 20, 2001
- 304
In VS2005, I've dropped a createUserWizard control, a login control, a Passwg8ordRecovery control, and a changePassword control onto a page. I am using ActiveDirectory as my mebership provider. I have extended the schema to allow for for the Qustion/Answer part of recovery. The password requires a minimum of 7 characters with at least 1 non-alphanumeric.
I create a user with a password of abcdef34! and it works. I login with that password, it works. I log out and use password recovery, answering the question, and I receive a new password via email. The new password is w3.ed!df8tyt. I login with the new password and it works. I try the changePassword, putting the w3.ed!df8tyt password in as the current password and qwerty56# twice as the new password. I click submit and, after a few seconds, get the message saying either the current password in invalid or the new password in not at least seven characters long. I have tried this over and over with different new passwords. I have copy/pasted the passwords (current and new) from notepad to ensure they are correctly entered. I always get that message. If I try a password like dog, the page does not post as the validator catches it before submission. My attempts do post, but they come back as invalid.
I know of no way to step through as they are controls just dropped on the page. Any ideas? Here is my config:
I create a user with a password of abcdef34! and it works. I login with that password, it works. I log out and use password recovery, answering the question, and I receive a new password via email. The new password is w3.ed!df8tyt. I login with the new password and it works. I try the changePassword, putting the w3.ed!df8tyt password in as the current password and qwerty56# twice as the new password. I click submit and, after a few seconds, get the message saying either the current password in invalid or the new password in not at least seven characters long. I have tried this over and over with different new passwords. I have copy/pasted the passwords (current and new) from notepad to ensure they are correctly entered. I always get that message. If I try a password like dog, the page does not post as the validator catches it before submission. My attempts do post, but they come back as invalid.
I know of no way to step through as they are controls just dropped on the page. Any ideas? Here is my config:
Code:
<authentication mode="Forms">
<forms name=".ADAuthCookie" loginUrl="login.aspx" defaultUrl="default.aspx" protection="All" timeout="30" path="/" requireSSL="false" slidingExpiration="true" cookieless="UseDeviceProfile" domain="" enableCrossAppRedirects="false">
<credentials passwordFormat="SHA1"/>
</forms>
</authentication>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
<membership defaultProvider="ADMembershipProvider">
<providers>
<add name="ADMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, 
 Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnectionString"
connectionUsername="username"
connectionPassword="password"
attributeMapUsername="sAMAccountName"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
attributeMapPasswordQuestion="User-forgotpwdquestion"
attributeMapPasswordAnswer="User-forgotpwdanswer"
attributeMapFailedPasswordAnswerCount="User-failedanswercount"
attributeMapFailedPasswordAnswerTime="User-lastfailedanswertime"
attributeMapFailedPasswordAnswerLockoutTime="User-accountlockedtime"
requiresUniqueEmail="true"
enableSearchMethods="true"
/>
</providers>
</membership>