Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Override ChangePassword? ASP .NET 2.0
- Thread starter newbieAl
- Start date
BoulderBum
Programmer
Did you want to change the functionality of changing a password, or the UI?
If the former, simply subclass SqlMembershipProvider and overrride the ChangePassword() method or hook into the ValidatingPassword event (if you want to add extra functionality like making sure users don't choose the same password as they did the past few passwords).
If the latter, then you can either use the ChangePassword control, convert it to a template control and add whatever you want, or don't even use the ChangePassword control and use a custom UI that eventually calls Membership.ChangePassword() in code.
MCP, MCTS - .NET Framework 2.0 Web Applications
If the former, simply subclass SqlMembershipProvider and overrride the ChangePassword() method or hook into the ValidatingPassword event (if you want to add extra functionality like making sure users don't choose the same password as they did the past few passwords).
If the latter, then you can either use the ChangePassword control, convert it to a template control and add whatever you want, or don't even use the ChangePassword control and use a custom UI that eventually calls Membership.ChangePassword() in code.
MCP, MCTS - .NET Framework 2.0 Web Applications
- Thread starter
- #3
BoulderBum
Programmer
The most comprehensive way to handle the situation is to create a sub-classed provider.
Basically you'd have a class like this:
Then you'd change the configured provider to use yours instead of the SqlMembershipProvider (change the "type" attribute or whatever it is).
MCP, MCTS - .NET Framework 2.0 Web Applications
Basically you'd have a class like this:
Code:
using System.Web.Security;
using System.Collections.Specialized;
public class ExtraPasswordValidationProvider : SqlMembershipProvider
{
public override void Initialize(string name, NameValueCollection config)
{
base.Initialize(name, config);
this.ValidatingPassword
+= new MembershipValidatePasswordEventHandler(ExtraValidation);
}
private void ExtraValidation(object sender, ValidatePasswordEventArgs e)
{
if( /*extra criteria fails*/ )
e.Cancel = true;
}
}Then you'd change the configured provider to use yours instead of the SqlMembershipProvider (change the "type" attribute or whatever it is).
MCP, MCTS - .NET Framework 2.0 Web Applications
- Thread starter
- #5
Thanks for your help. This is also a good solution to my problem:
BoulderBum
Programmer
Yes, the drawback with the approach described in that article is that you're intermingling UI code with business logic. Thus, while you're solving the problem for a single "change password" page, you're not solving the problem for the larger system, which is sloppy design.
Creating the overridden provider is nearly as straightforward, but allows you to enforce your business rule whereever at the provider level, thereby abstracting the functionality such that you can have different views or even different applications that enforce your business rule without duplicating code.
MCP, MCTS - .NET Framework 2.0 Web Applications
Creating the overridden provider is nearly as straightforward, but allows you to enforce your business rule whereever at the provider level, thereby abstracting the functionality such that you can have different views or even different applications that enforce your business rule without duplicating code.
MCP, MCTS - .NET Framework 2.0 Web Applications
- Status
Similar threads
- Locked
- Question
- Locked
- Question