MVC Membership Starter Kit – 1.2
// April 28th, 2008 // MVC
This weekend I posted a new release of the MVC Membership Starter Kit. This release is an update to migrate the starter kit to the new interim release of the MVC framework. If you do not feel comfortable using the interim release, please continue using the 1.1 release and wait for Microsoft to release Preview 3; we will update the Starter Kit soon thereafter.
Changes in 1.2:
- WindowsLive is now a supported authentication scenario (read Maarten’s blog post on this).
- Per Andrew Arnott’s suggestion, the starter kit now uses the DotNetOpenId library rather than the code previously used (which was created by Mads Kristensen). This gives us a more robust and secure implementation that will develop and improve independently of this project.
- All actions that previously expected a username in the route now expect the user’s ProviderUserKey (a Guid) instead. This was done because users with OpenID urls as their username could not previously be accessed.
- "Whitelist support" has been added to the OpenID implementation, allowing you to setup regular expressions that dictate which OpenID providers are allowed to be used when logging into your site. By default there is no whitelist, so all providers are allowed.
- The starter kit now offers greater control over which authentication scenarios your site supports and which is the default. Out-of-the-box only FormsAuthentication is enabled and is obviously the default.
6 Responses to “MVC Membership Starter Kit – 1.2”
- Kim Cu Hoang said: Hi, How can we implement this with Ajax? Can yo...
- magz said: Hey Troy! this is really brilliant, well done!! I ...
- Troy Goode said: @Steve Trefethen: Thanks Steve, glad you like i...
- Troy Goode said: @eduardo: I just double-checked all the links and ...
- Troy Goode said: @Dhruv - You'll indeed want to reference the Paged...
- Steve Trefethen said: Great post Troy, very nice write up and I apprecia...
- MVC Membership Starter Kit Released
- Creating an MVC Project in Visual Studio 2010
- Return of the PagedList
- Spearmen, Javelin Throwers, and the State Pattern. Oh My!
action filters
AJAX
Alt.net
authentication
BlogEngine.net
Blogging
C#
codebehind
codecamp
CodePlex
conference
CssHandler
error handling
exceptions
family
functional programming
honeymoon
how-to
LINQ
membership
MVC
OpenID
open source
paging
patterns
PDC
PDC09
Presentations
release
security
session
template
training
VS2010
wedding
My photos. Now you know me.
Recent Comments
- Kim Cu Hoang on Return of the PagedList
- Validaciones y membresías en ASP.net MVC « el espacio del gusano on MVC Membership Starter Kit Released
- Validaciones y membrecías en ASP.net MVC « el espacio del gusano on MVC Membership Starter Kit Released
- magz on Return of the PagedList
- MVC com Autenticação « 2BDR – PAULO CRESPO PEREIRA on ASP.Net MVC Membership Basics
Troy, thanks for your hard work and dedication! The MMSK keeps getting better and better.
Thanks Samuli,
I’m glad you have found it useful. Your suggestions on the CodePlex site have been very useful, please keep it up!
Hi Troy,
I need an information: how can I setup my own connection string to use, for example, my SQLServer 2005 instance instead of the default .\SQLEXPRESS ASPNETDB instance? I have modified the connection string on the web.config of the example web site but it seems to try to connect always with the default connection string.
Hi Lorenzo,
The Mvc Membership Starter Kit uses the ASP.Net membership database. By default (without specifying any configuration options) it looks for the ASPNETDB database as you’ve discovered. To override these settings you’ll first want to tell the web.config to remove the default providers and then specify your own. Here is an example:
[quote]
connectionStringName="MY_CONN_STRING"
applicationName="/"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="true"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""
minRequiredPasswordLength="4"
minRequiredNonalphanumericCharacters="0"
/>
connectionStringName="MY_CONN_STRING"
applicationName="/"
/>
connectionStringName="MY_CONN_STRING"
applicationName="/"
/>
I found a bug in the sample website.
I want to reset my password, but after i click the [reset password] button, then throw an exception.
Fix bug:
BaseFormsAuthenticationController.cs line 556
change return RenderView(); to return RenderView(”PasswordQuestion”);
Thanks Nick, I have created work item on the CodePlex project to track this bug:
http://www.codeplex.com/MvcMembership/WorkItem/View.aspx?WorkItemId=766