Forget Password error

Topics: Internet/Extranet Edition
Dec 5, 2008 at 2:08 AM
hello,
When I try to recovered password from forget password link I get this error message 

This Membership Provider has not been configured to support password retrieval.
Any idea or help Please
Thanks
Developer
Dec 5, 2008 at 9:40 AM
Hi,

It can't send the password becuase it's using one way hash. it doesn't know it!

You might be able to reconfigure it but I don't think the FBA project supports any other config?

Anthony
Developer
Dec 5, 2008 at 4:55 PM
You can reconfigure it to encrypt, which allows password retrieval.  I can't remember offhand whether the code to actually retrieve the password is there, but I think it is.  The AspDotNetSqlMembershipProvider is set to hash by default, but it can be set to Encrypt or even clear text, which isn't recommended.

To do it, modify your provider tag in your web config to set

    enablePasswordRetrieval="true"

and also to use encryption with:

    passwordFormat="Encrypted"

If you've named your provider the same as the default, "AspNetSqlMembershipProvider", you'll need to remove the default one before you make these changes, because they will conflict with the machine-level settings.  So put <remove name="AspNetSqlMembershipProvider" /> right before the place where  you add your provider string, like:

<remove name="AspNetSqlMembershipProvider" />
<add name="AspNetSqlMembershipProvider" 
    connectionStringName="AspNetDb_FBA_ConnectionString" 
    enablePasswordRetrieval="true" 
    passwordFormat="Hashed"
    [...]


You'll need to specify a machine key, as a child of <system.web>, for example:

<machineKey
     validationKey="799541f718efc3kjh64kljh4647jkk623e2da9184fc53,IsolateApps" 
     decryptionKey="45c9c456ghg6jhg56kjh6b8ea40604ec2du8ka0,IsolateApps"
     validation="AES"/>

or 

<machineKey 
    validationKey='1463FCEB341D58577A0AE84849F692DBB665821DB33EBFBF9BF42D33C2697AA78BD58C5FB73B4AF4464B139E01E21084D1DBD5FD9C64277700DB5F4A3382C28D'  
    decryptionKey='4D26CD8349B6FD5048D8326EFE71BA5136A5EA6CF21F25D7'   validation='SHA1'/>

Make sure you generate a real key, don't use the one I just posted, which is bogus. You can generate keys here:

http://www.eggheadcafe.com/articles/GenerateMachineKey/GenerateMachineKey.aspx


Regards,
Mike Sharp
Dec 6, 2008 at 3:17 AM
I tried nothing works. May be I am wrong to put the membership provider. Can anyone help me.

My settings is 
 <!-- membership provider -->
    <membership defaultProvider="FBAMember">
      <providers>
        <add connectionStringName="AspNetDbFBADemoConnectionString" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" applicationName="/" requiresUniqueEmail="false" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression="" name="FBAMember" type="System.Web.Security.SqlMembershipProvider,System.Web,Version=2.0.0.0,Culture=neutral,PublicKeyToken=b03f5f7f11d50a3a" />
      </providers>
    </membership>
    <!-- role provider -->
    <roleManager enabled="true" defaultProvider="FBARole">
      <providers>
        <add connectionStringName="AspNetDbFBADemoConnectionString" applicationName="/" name="FBARole" type="System.Web.Security.SqlRoleProvider,System.Web,Version=2.0.0.0,Culture=neutral,PublicKeyToken=b03f5f7f11d50a3a" />
      </providers>
    </roleManager>
<machineKey validationKey='04C005B83738E561DB0FDA72700CF2552F7C5236E1EE690E6DFCD9ABCC50BD76A32DAD50B6F606E3D1484DECE174E40C1B434BEB499EF8EEC00E19C56A791F8D'   decryptionKey='C2D62C7F485F244F2D688A541D52A5E5FAEB27924F2475BD'   validation='SHA1'/>

Still Same error message

Any suggestion
 
Developer
Dec 6, 2008 at 7:20 PM
You still have password retrieval disabled:

enablePasswordRetrieval="false"

If you want to be able to retrieve, you have to set it true.  And I'm not 100% certain the functionality works to begin with.

Mike
Dec 6, 2008 at 8:09 PM
Hi,
I changed the value enablePasswordRetrieval="true"  and still have the same issue. Anyone Please
Developer
Dec 6, 2008 at 9:34 PM
I just looked at the code, and it doesn't appear that password retrieval is implemented.  You can reset a password, which sends out an email, but not retrieve one through the UI.  In any case, you'll have to implement the Question and Answer, if you want to display the password in the UI, otherwise you have no way of knowing the person doing the retrieving is who they say they are.

Mike
Dec 7, 2008 at 12:40 AM
Hello rdCpro,
Can you help me to rewrite the code  I need something just to send email

Thanks A lot
Developer
Dec 7, 2008 at 2:37 AM
That part should work already.  Are you using the latest version?  That would be beta 1.0?
Developer
Dec 7, 2008 at 2:45 AM
I just checked in my test environment (which is built with changeset 17054) and resetting a password works.  You've added the Reset Password web part?  Your FBA installation is correctly configured?

Mike