Geek Answers Handbook

How to grab maxInvalidPasswordAttempts from web.config?

I needed to rewrite many asp.net membership elements as it did not meet my needs. Therefore, in my usual verification method, I check their passwords if it fails. I grab the aspnet_membership maxInvalidPasswordAttempts and add 1 to it.

So, in my web.config, I set it to 10. Therefore, I want to get the value from web.config and compare with what the user has. How can i do this?

Also, I think when I do this comparison in the if statement, would I block the user?

+4
source share
2 answers

You should get the configuration values ​​from web.config in your provider. Initialize the method as shown below:

public override void Initialize(string name, NameValueCollection config) { if (config == null) throw new ArgumentNullException("config"); // Initialize the abstract base class. base.Initialize(name, config); pApplicationName = GetConfigValue(config["applicationName"], System.Web.Hosting.HostingEnvironment.ApplicationVirtualPath); pMaxInvalidPasswordAttempts = Convert.ToInt32(GetConfigValue(config["maxInvalidPasswordAttempts"], "5")); // ...

In your application, you refer to it as a .MaxInvalidPasswordAttmpts membership.

There is a full implementation of custom MembershipProvider on MSDN . I was able to implement the provider in a couple of hours, using this as an example.

+2
source

In your application, you can access all the providers associated with your application through a collection of providers in the Membership class. Then just use the property of the value you are interested in.

 Membership.Providers["ProviderName"].MaxInvalidPasswordAttempts

Or you can get the default provider using the following.

 Membership.Provider.MaxInvalidPasswordAttempts

Membership is in the System.Web.Security namespace just in case.

Another approach, perhaps, is to write your own MemberhipProvider. Depending on how many settings you intend to make, your controllers will be cleaner if you process all your own authentication logic with your own provider.

+1
source

More articles:


All Articles