tags:

views:

737

answers:

3
+1  Q: 

ASP.NET Membership validate password

I use ASP.NET Membership to manage users on my site. But I need to create the user accounts manually, without the help of the CreateUserWizard. I have set textboxes for the required fields, and now I am setting up validators.

The question is: How do I make a validator that would see if the password the user enters in the textbox is valid?

I know that there is a specific format the password must have, but that can be changed, and I would like for the validator to work even if that changes. So a regular expression validator won't work (i think)

A: 

You can dynamically set the regex of a regular expression validator.

private void Page_Load(object sender, EventArgs e)
{
    passwordValidator.ValidationExpression = someConfiguration.GetPasswordValidationExpression();
}
Serhat Özgel  2009-06-07 16:54:20
But the regex expression is not stored by me anywhere.At the moment, I use the default password restrictions (>6 chars, at least one number, and at least one special char).If I go to my web.config and add minRequiredNonAlphanumericCharacters="0" to my membership provider, that changes the password restrictions, and I don't use any regular expression.I am looking for something like Membership.IsThisPasswordValid(password), but that doesn't seem to exist. A method like that would validate the password according to whatever is in the web.config, and I could call it in a CustomValidator
Ove  2009-06-07 17:30:43
A: 

What's your objection to using (a variant) of the CreateUserWizard? If it's to do with needing additional fields, or the layout there are ways around that:

  1. How to: Customize the CreateUserWizard - Check out the section on "To customize the CreateUserWizard steps".
  2. ASP.NET 2.0 CSS Friendly Control Adaptors (these are going to be built into ASP.NET 4.0)

But even the default CreateUserWizard doesn't do client side password validation, I guess for this very reason :(

Zhaph - Ben Duguid  2009-09-01 09:45:37
+1  A: 

There doesn't seem to be a simple way. However, you can use the Membership.CreateUser that takes a MembershipCreateStatus param.

If the password is valid, the created user object will be null and the MembershipCreateStatus will be set to InvalidPassword (or any other creation status).

Example:

MembershipCreateStatus membershipCreateStatus;
MembershipUser newUser = Membership.CreateUser(userName, password, email, passwordQuestion, passwordAnswer, true, out membershipCreateStatus);

// Check if the user was created succesfully
if (newUser == null)
{
    // membershipCreateStatus contains the information why the creation was not successful
    if (membershipCreateStatus == MembershipCreateStatus.InvalidPassword)
    {
        // The password doesn't match the requirements
    }
}
GoodEnough  2010-01-26 19:59:46

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps