MembershipUser.ChangePassword returns false at all times

https://stackoverflow.com/questions/22792270

25-06-2023
|

Question

Using System.Web.Providers.DefaultMembershipProvider along with System.Web.Security.MembershipUser, I am attempting to change a users password in the databases. For some reason, no matter what I do, the MembershipUser.ChangePassword(old, new) returns false with no errors.

In the database, my ApplicationID that is associated to the Application name is correct, and my user has that ApplicationID attached to it in both the Memberships and Users tables. The User is not null when it comes to that point, all the data is accurate in the object. I am at a complete loss here, any help would be greatly appreciated as no other source has been able to help me.

EDIT: 
User is not locked out, the user is active, and the password is correct. All
password requirements are being fulfilled. This is extremely frustrating since 
the MembershipUser.GetUser() finds the user and all of its associated data but 
will not change the password.

Additional Steps:
    - Tried MembershipUser.UnlockUser() just in case, no luck.
    - Tried MembershipUser.ResetPassword() then a change. This fails with the 
      error message "Value cannot be null" even though it should be able to.
    - GetSpecificVerion of the entire solution and working to when it first 
      broke. Every version worked, including my latest (Yay!), but then it
      magically stopped working again a few minutes later, no code changes
      were made at all.

Bounty added, looking for any and all possibilities that could lead to a fix...

Config File:

----
<add name="aspnetdb" connectionString="Application Name=appname;Type System Version=SQL Server 2008;server=***,****;Initial Catalog=aspnetdb;Integrated Security=false;pwd=****;user id=****" providerName="System.Data.SqlClient" />    
----

----
<membership defaultProvider="DefaultMembershipProvider">
    <providers>
        <add name="DefaultMembershipProvider" type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="aspnetdb" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" passwordAttemptWindow="10" applicationName="mysite.com" />
    </providers>
</membership>
----

Method:

public ActionResult ChangePassword(ChangePasswordViewModel model)
{
    // Indicates whether changing the password was successful or not.
    Boolean passwordChanged = false;

    if (ModelState.IsValid)
    {
        // Grab the current user.
        MembershipUser user = Membership.GetUser(User.Identity.Name, true);

        if (user != null)
        {
            passwordChanged = user.ChangePassword(model.OldPassword, model.NewPassword);
        }
    }

    return Json(new { Success = passwordChanged });
}

Solution

Turns out someone else within the company was using the same DEV database to back an internal OpenID Provider. During the development of this OpenID Provider, the data was getting altered causing odd behavior. Thankfully I just happened to notice some data change on me and ask some questions of the other groups, saved me from wasting any more time..

This is still odd that I was able to retrieve a user but not change the password of that user. In the end, clearing up the communication between the two projects seems to have cleared up the issue for now.

Nice lesson learned here when sharing a database. Thanks for those of you who tried to help :)

Licensed under: CC-BY-SA with attribution

Not affiliated with StackOverflow