tags:

views:

1863

answers:

5
+2  Q: 

ASP.NET membership password expiration

I am using ASP.NET membership for the authentication of my web app. This worked great for me. I now have to now implement password expiration.

If the password has expired the user should be redirected to changepassword screen and should not be allowed access any other part of the application without changing the password.

There are many aspx pages. One solution could be to Redirect to Changepassword screen oninit of every aspx if the password has expired. Is there any other solutions or recommendations.

Thanks, Jai

A: 

Is this what you need?

JSC  2008-12-08 13:44:36
Urg that's a terrible solution i'm sorry
cbp  2009-02-10 05:58:01
+3  A: 

You could add an event handler for the HttpApplication.PostAuthenticateRequest event in global.asax and handle the redirection there.

csgero  2008-12-08 14:17:29
That's what I'd do, combined with using the LastPasswordChangedDate property of the Membership Provider to determine when it expires.
technophile  2008-12-08 14:45:04
A: 

Thanks for your answers.I have now a base class from which I am deriving every Application Aspx page. I am now handling all the common tasks in the base class.

Thanks, Jai

Jai  2008-12-22 07:01:22
Not an actual answer. Use the comment feature on the question.
ddc0660  2010-05-20 16:30:03
+2  A: 

Just implemented this in about an hour, no need to modify your base page. Heres what you have to do:

1) Respond to the LoggingIn event of the membership control
2) Find the user in the membership database and get LastPasswordChangedDate
3) Using a TimeSpan, compare this with the current date and decide if the password was last changed more than the requisite number of days ago. I get this value from web.config
4) If expired, redirect to the ChangePassword screen

Moonmouse  2009-07-24 13:59:32
A: 

Jai would you be willing to share? I am trying to do the same thing but I am having issues with it

Vince  2010-01-09 18:16:58
Not an actual answer. Use the comment feature on the question.
ddc0660  2010-05-20 16:30:37

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps