Troy Goode: SquaredRoot

ASP.Net, C#, MVC, and LINQ

MVC Membership Starter Kit - 1.2

Troy Goode [Permalink]
April 28, 2008 5:22 PM

This weekend I posted a new release of the MVC Membership Starter Kit. This release is an update to migrate the starter kit to the new interim release of the MVC framework. If you do not feel comfortable using the interim release, please continue using the 1.1 release and wait for Microsoft to release Preview 3; we will update the Starter Kit soon thereafter.

Changes in 1.2:

  • WindowsLive is now a supported authentication scenario (read Maarten's blog post on this).
  • Per Andrew Arnott's suggestion, the starter kit now uses the DotNetOpenId library rather than the code previously used (which was created by Mads Kristensen). This gives us a more robust and secure implementation that will develop and improve independently of this project.
  • All actions that previously expected a username in the route now expect the user's ProviderUserKey (a Guid) instead. This was done because users with OpenID urls as their username could not previously be accessed.
  • "Whitelist support" has been added to the OpenID implementation, allowing you to setup regular expressions that dictate which OpenID providers are allowed to be used when logging into your site. By default there is no whitelist, so all providers are allowed.
  • The starter kit now offers greater control over which authentication scenarios your site supports and which is the default. Out-of-the-box only FormsAuthentication is enabled and is obviously the default.
Kick It!
Tags: ,
Categories: MVC
Actions: E-mail | Permalink | Comments (6) RSS Feed for this post's comments.

Comments

4/29/2008 11:26 AM #

Samuli Lintunen

Troy, thanks for your hard work and dedication! The MMSK keeps getting better and better. Smile

Samuli Lintunen fi

4/30/2008 12:44 AM #

Troy Goode

Thanks Samuli,

I'm glad you have found it useful. Your suggestions on the CodePlex site have been very useful, please keep it up!

Troy Goode us

5/1/2008 8:29 AM #

Lorenzo

Hi Troy,
I need an information: how can I setup my own connection string to use, for example, my SQLServer 2005 instance instead of the default .\SQLEXPRESS ASPNETDB instance? I have modified the connection string on the web.config of the example web site but it seems to try to connect always with the default connection string.

Lorenzo it

5/2/2008 9:33 AM #

Troy Goode

Hi Lorenzo,

The Mvc Membership Starter Kit uses the ASP.Net membership database. By default (without specifying any configuration options) it looks for the ASPNETDB database as you've discovered. To override these settings you'll first want to tell the web.config to remove the default providers and then specify your own. Here is an example:


<membership defaultProvider="MyMembershipProvider" userIsOnlineTimeWindow="15">
<providers>
<remove name="AspNetSqlMembershipProvider"/>
<add
name="MyMembershipProvider"
type="System.web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="MY_CONN_STRING"
applicationName="/"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="true"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""
minRequiredPasswordLength="4"
minRequiredNonalphanumericCharacters="0"
/>
</providers>
</membership>
<roleManager defaultProvider="MyRoleProvider" enabled="true" cacheRolesInCookie="true" cookieName=".ASPXROLES" cookiePath="/" cookieTimeout="30" cookieRequireSSL="false" cookieSlidingExpiration="true" createPersistentCookie="false" cookieProtection="All">
<providers>
<remove name="AspNetSqlRoleProvider"/>
<remove name="AspNetWindowsTokenRoleProvider"/>
<add
name="MyRoleProvider"
type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="MY_CONN_STRING"
applicationName="/"
/>
</providers>
</roleManager>
<profile defaultProvider="MyProfileProvider">
<providers>
<remove name="AspNetSqlProfileProvider"/>
<add
name="MyProfileProvider"
type="System.Web.Profile.SqlProfileProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="MY_CONN_STRING"
applicationName="/"
/>
</providers>
</profile>

Troy Goode us

5/5/2008 6:14 AM #

nickyao

I found a bug in the sample website.

I want to reset my password, but after i click the [reset password] button, then throw an exception.

Fix bug:
BaseFormsAuthenticationController.cs line 556
change return RenderView(); to return RenderView("PasswordQuestion");

nickyao cn

5/5/2008 12:13 PM #

Troy Goode

Thanks Nick, I have created work item on the CodePlex project to track this bug:

www.codeplex.com/.../View.aspx?WorkItemId=766

Troy Goode us

Add Comment


(Will show your Gravatar icon)  

  Country flag

biuquote
  • Comment
  • Preview
Loading




Troy Goode

Troy Goode
Microsoft Certified Professional Developer
AddThis Feed Button

Disclaimer

The opinions expressed herein are my own personal opinions and do not represent my employer's view in  anyway.

© Copyright 2008

Colophon

Powered by:
BlogEngine.NET 1.4
Template:
Designs by Darren
Header Font:
Stamper
Syntax Highlighting:
WLW Code Snippet Plugin

© Copyright 2008, Troy Goode. All rights reserved.
Email Me: tgoode@squaredroot.com  Sign In