SimpleMembershipProvider MinRequiredPasswordLength always returns 0 despite it being defined as 6 in Web.config membership provider section
-
12-12-2019 - |
Question
I switched to SimpleMembershipProvider
in an ASP.NET MVC 4 app. Everything else is working great but there's this problem...
When I try this code:
var password = Membership.GeneratePassword(Membership.MinRequiredPasswordLength, 0);
MinRequiredPasswordLength
is always 0. The settings defined in the membership provider's Web.config
section are not being read.
Here's the Membership default provider Web.config
section:
<membership defaultProvider="AspNetSqlMembershipProvider">
<providers>
<clear />
<add name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="DefaultConnection"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="false"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10"
applicationName="/Acad" />
</providers>
</membership>
Here's the debug info I get:
Any hints?
Is the SimpleMembershipProvider
so simple that it doesn't even use the Web.config section?
Solution for the moment
To overcome the SimpleMembershipProvider
current limitation, I used this code to grab the value defined in Web.config
:
MembershipSection membershipSection = (MembershipSection)WebConfigurationManager.GetSection("system.web/membership");
var defaultProvider = membershipSection.DefaultProvider;
ProviderSettings providerSettings = membershipSection.Providers[defaultProvider];
var minRequiredPasswordLength = int.Parse(providerSettings.Parameters["minRequiredPasswordLength"]);
Solution
I switched to SimpleMembershipProvider in an ASP.NET MVC 4 app.
Erm, from the relevant section you have shown in your web.config this doesn't seem to be the case at all. You are sill using the AspNetSqlMembershipProvider
.
If you want to switch to the SimpleMembershipProvider make sure that you have properly configured it:
<membership defaultProvider="SimpleMembershipProvider">
<providers>
<clear/>
<add name="SimpleMembershipProvider"
type="WebMatrix.WebData.SimpleMembershipProvider, WebMatrix.WebData"
/>
</providers>
</membership>
This being said the SimpleMembershipProvider doesn't support setting those properties via web.config. It doesn't even use it. If you want such functionality you will have to implement it yourself.
OTHER TIPS
You can inherit from SimpleMembershipProvider
and override MinRequiredPasswordLength
:
public class YoursSimpleMembershipProvider : SimpleMembershipProvider
{
private const int MIN_REQUIRED_PASSWORD_LENGTH = 6;
private const int MIN_REQUIRED_NON_ALPHANUMERIC_CHARACTERS = 0;
public override int MinRequiredPasswordLength
{
get
{
return MIN_REQUIRED_PASSWORD_LENGTH;
}
}
}
I found if I put minRequiredPasswordLength="3" in web.config,like this:
<membership defaultProvider="SimpleMembershipProvider" >
<providers>
<clear/>
<add name="SimpleMembershipProvider"
type="WebMatrix.WebData.SimpleMembershipProvider,WebMatrix.WebData"
minRequiredPasswordLength="3"
/>
</providers>
</membership>
That no effect. I find the secret in MODEL.If you create an Internet application template,in AccountModels.cs there is a "RegisterModel",just like this:
public class RegisterModel
{
[Required]
[Display(Name = "用户名")]
public string UserName { get; set; }
[Required]
[StringLength(100, ErrorMessage = "{0} 必须至少包含 {2} 个字符。", MinimumLength = 6)]
[DataType(DataType.Password)]
[Display(Name = "密码")]
public string Password { get; set; }
[DataType(DataType.Password)]
[Display(Name = "确认密码")]
[Compare("Password", ErrorMessage = "密码和确认密码不匹配。")]
public string ConfirmPassword { get; set; }
}
In the Password property has a StringLength->MinimumLength . I think that is!
Some features removed in SimpleMembershipProvider,See here:http://sharifhkhan.com/programming/features-removed-in-simplemembershipprovider/
Hope this help you.