Typo SqlMembershipProvider code in .NET Framework Beta2

When you use the Membership service is ASP.NET 2.0 and the SqlMembershipProvider, you can only create members when the password contains at least one non-alphanumeric character. This is sometimes confusing to the users, and there are other ways to make them choose a strong password.

If you want to change this setting for the provider, you might think of using the MinRequiredNonAlphaNumericCharacters property. This is a read-only property, so there’s no luck there. You have to resort to the web.config or machine.config and alter the definition of the existing AspNetSqlMembershipProvider or create a new provider definition. That’s when it happens. Normally you will just take the property of the provider you want to change, camel-case it and put it into the config like so:

<membership>
  <
providers
>
    <
removename=AspNetSqlMembershipProvider
/>
    <
addname=AspNetSqlMembershipProvider

      type=
System.Web.Security.SqlMembershipProvider, System.Web,
      Version=2.0.0.0, Culture=neutral,
      PublicKeyToken=b03f5f7f11d50a3a

    connectionStringName=SqlClansConnection
    enablePasswordRetrieval=false

    enablePasswordReset=truerequiresQuestionAndAnswer=false

    applicationName=ChampionsrequiresUniqueEmail=true

    passwordFormat=HashedmaxInvalidPasswordAttempts=5

    passwordAttemptWindow=10
    passwordStrengthRegularExpression=[a-zA-Z0-9_]{3,}
/>
  </
providers>
</
membership>

For the MinRequiredNonAlphanumericCharacters you would expect this attribute to be minRequiredNonAlphanumericCharacters. There seems to be a typo, as Reflector reveals the following fragment in the provider’s Initialize method. Take note of the pink ‘a’, that should have been capitalized.

this._MinRequiredPasswordLength = SecUtility.GetIntValue(config, “minRequiredPasswordLength”, 7, false, 0x80);
      this.
_MinRequiredNonalphanumericCharacters = SecUtility.GetIntValue(config, minRequiredNonalphanumericCharacters, 1, true, 0x80);
      this.
_PasswordStrengthRegularExpression = config[“passwordStrengthRegularExpression”];

Advertisements
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s