Export (0) Print
Expand All

SqlMembershipProvider Class

Manages storage of membership information for an ASP.NET application in a SQL Server database.

Namespace:  System.Web.Security
Assembly:  System.Web (in System.Web.dll)

public class SqlMembershipProvider : MembershipProvider

The SqlMembershipProvider type exposes the following members.

  NameDescription
Public methodSqlMembershipProviderInitializes a new instance of the SqlMembershipProvider class.
Top

  NameDescription
Public propertyApplicationNameGets or sets the name of the application to store and retrieve membership information for. (Overrides MembershipProvider.ApplicationName.)
Public propertyDescriptionGets a brief, friendly description suitable for display in administrative tools or other user interfaces (UIs). (Inherited from ProviderBase.)
Public propertyEnablePasswordResetGets a value indicating whether the SQL Server membership provider is configured to allow users to reset their passwords. (Overrides MembershipProvider.EnablePasswordReset.)
Public propertyEnablePasswordRetrievalGets a value indicating whether the SQL Server membership provider is configured to allow users to retrieve their passwords. (Overrides MembershipProvider.EnablePasswordRetrieval.)
Public propertyMaxInvalidPasswordAttemptsGets the number of invalid password or password-answer attempts allowed before the membership user is locked out. (Overrides MembershipProvider.MaxInvalidPasswordAttempts.)
Public propertyMinRequiredNonAlphanumericCharactersGets the minimum number of special characters that must be present in a valid password. (Overrides MembershipProvider.MinRequiredNonAlphanumericCharacters.)
Public propertyMinRequiredPasswordLengthGets the minimum length required for a password. (Overrides MembershipProvider.MinRequiredPasswordLength.)
Public propertyNameGets the friendly name used to refer to the provider during configuration. (Inherited from ProviderBase.)
Public propertyPasswordAttemptWindowGets the time window between which consecutive failed attempts to provide a valid password or password answers are tracked. (Overrides MembershipProvider.PasswordAttemptWindow.)
Public propertyPasswordFormatGets a value indicating the format for storing passwords in the SQL Server membership database. (Overrides MembershipProvider.PasswordFormat.)
Public propertyPasswordStrengthRegularExpressionGets the regular expression used to evaluate a password. (Overrides MembershipProvider.PasswordStrengthRegularExpression.)
Public propertyRequiresQuestionAndAnswerGets a value indicating whether the SQL Server membership provider is configured to require the user to answer a password question for password reset and retrieval. (Overrides MembershipProvider.RequiresQuestionAndAnswer.)
Public propertyRequiresUniqueEmailGets a value indicating whether the SQL Server membership provider is configured to require a unique e-mail address for each user name. (Overrides MembershipProvider.RequiresUniqueEmail.)
Top

  NameDescription
Public methodChangePasswordModifies a user's password. (Overrides MembershipProvider.ChangePassword(String, String, String).)
Public methodChangePasswordQuestionAndAnswerUpdates the password question and answer for a user in the SQL Server membership database. (Overrides MembershipProvider.ChangePasswordQuestionAndAnswer(String, String, String, String).)
Public methodCreateUserAdds a new user to the SQL Server membership database. (Overrides MembershipProvider.CreateUser(String, String, String, String, String, Boolean, Object, MembershipCreateStatus).)
Protected methodDecryptPasswordDecrypts an encrypted password. (Inherited from MembershipProvider.)
Public methodDeleteUserRemoves a user's membership information from the SQL Server membership database. (Overrides MembershipProvider.DeleteUser(String, Boolean).)
Protected methodEncryptPassword(Byte[])Encrypts a password. (Inherited from MembershipProvider.)
Protected methodEncryptPassword(Byte[], MembershipPasswordCompatibilityMode)Encrypts the specified password using the specified password-compatibility mode. (Inherited from MembershipProvider.)
Public methodEquals(Object)Determines whether the specified object is equal to the current object. (Inherited from Object.)
Protected methodFinalizeAllows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)
Public methodFindUsersByEmailReturns a collection of membership users for which the e-mail address field contains the specified e-mail address. (Overrides MembershipProvider.FindUsersByEmail(String, Int32, Int32, Int32).)
Public methodFindUsersByNameGets a collection of membership users where the user name contains the specified user name to match. (Overrides MembershipProvider.FindUsersByName(String, Int32, Int32, Int32).)
Public methodGeneratePasswordGenerates a random password that is at least 14 characters long.
Public methodGetAllUsersGets a collection of all the users in the SQL Server membership database. (Overrides MembershipProvider.GetAllUsers(Int32, Int32, Int32).)
Public methodGetHashCodeServes as the default hash function. (Inherited from Object.)
Public methodGetNumberOfUsersOnlineReturns the number of users currently accessing the application. (Overrides MembershipProvider.GetNumberOfUsersOnline().)
Public methodGetPasswordReturns the password for the specified user name from the SQL Server membership database. (Overrides MembershipProvider.GetPassword(String, String).)
Public methodGetTypeGets the Type of the current instance. (Inherited from Object.)
Public methodGetUser(Object, Boolean)Gets the information from the data source for the membership user associated with the specified unique identifier and updates the last activity date/time stamp for the user, if specified. (Overrides MembershipProvider.GetUser(Object, Boolean).)
Public methodGetUser(String, Boolean)Returns information from the SQL Server membership database for a user and provides an option to update the last activity date/time stamp for the user. (Overrides MembershipProvider.GetUser(String, Boolean).)
Public methodGetUserNameByEmailGets the user name associated with the specified e-mail address. (Overrides MembershipProvider.GetUserNameByEmail(String).)
Public methodInitializeInitializes the SQL Server membership provider with the property values specified in the ASP.NET application's configuration file. This method is not intended to be used directly from your code. (Overrides ProviderBase.Initialize(String, NameValueCollection).)
Protected methodMemberwiseCloneCreates a shallow copy of the current Object. (Inherited from Object.)
Protected methodOnValidatingPasswordRaises the ValidatingPassword event if an event handler has been defined. (Inherited from MembershipProvider.)
Public methodResetPasswordResets a user's password to a new, automatically generated password. (Overrides MembershipProvider.ResetPassword(String, String).)
Public methodToStringReturns a string that represents the current object. (Inherited from Object.)
Public methodUnlockUserClears the user's locked-out status so that the membership user can be validated. (Overrides MembershipProvider.UnlockUser(String).)
Public methodUpdateUserUpdates information about a user in the SQL Server membership database. (Overrides MembershipProvider.UpdateUser(MembershipUser).)
Public methodValidateUserVerifies that the specified user name and password exist in the SQL Server membership database. (Overrides MembershipProvider.ValidateUser(String, String).)
Top

  NameDescription
Public eventValidatingPasswordOccurs when a user is created, a password is changed, or a password is reset. (Inherited from MembershipProvider.)
Top

This class is used by the Membership and MembershipUser classes to provide membership services for an ASP.NET application using a SQL Server database. You cannot use a SqlMembershipProvider without SQL Server. When your computer has SQL Server Express installed with the default instance name and user-instancing enabled, the SqlMembershipProvider object will create a database called aspnetdb in the application's App_Data directory the first time the application is run.

To manually create the database, run the Aspnet_regsql.exe executable found in the %systemroot%\Microsoft.NET\Framework\ versionNumber folder and specify the -A m option (for example aspnet_regsql.exe -A m). The database created is called Aspnetdb. Alternatively, run Aspnet_regsql.exe to pull up the GUI configuration mode and choose to configure all ASP.NET Features.

If the membership provider is configured with a connection string that uses integrated security, the process account of the ASP.NET application must have rights to connect to the SQL Server database.

The Machine.config file defines a default SqlMembershipProvider instance named AspNetSqlMembershipProvider that connects to the default SQL Server Express instance on the local machine. You can use this instance of the provider if you installed SQL Server Express with the default instance name, or you can define your own instance in the Web.config file for your ASP.NET application.

If you set the passwordCompatMode attribute to Framework40, the application can use the hashing and encryption membership options that were added in ASP.NET 4. However, if the passwordCompatMode attribute is set to Framework20, only the hashing and encryption membership options from the ASP.NET 2.0, ASP.NET 3.5, and ASP.NET 3.5 SP1 can be used. The default value is Framework20. For more information, see MembershipPasswordCompatibilityMode.

The following code example shows the Web.config file for an ASP.NET application configured to use a SqlMembershipProvider.

<configuration>
  <connectionStrings>
    <add name="SqlServices" connectionString="Data Source=localhost;Integrated Security=SSPI;Initial Catalog=aspnetdb;" />
  </connectionStrings>
  <system.web>
    <authentication mode="Forms" >
      <forms loginUrl="login.aspx"
        name=".ASPXFORMSAUTH" />
    </authentication>
    <authorization>
      <deny users="?" />
    </authorization>
    <membership defaultProvider="SqlProvider"
      userIsOnlineTimeWindow="15">
      <providers>
        <add 
          name="SqlProvider" 
          type="System.Web.Security.SqlMembershipProvider" 
          connectionStringName="SqlServices"
          applicationName="MyApplication"
          enablePasswordRetrieval="false"
          enablePasswordReset="true"
          requiresQuestionAndAnswer="true"
          requiresUniqueEmail="false"
          passwordFormat="Hashed"
          maxInvalidPasswordAttempts="5"
          passwordAttemptWindow="10" />
      </providers>
    </membership>
  </system.web>
</configuration>

.NET Framework

Supported in: 4.6, 4, 3.5, 3.0, 2.0

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Show:
© 2014 Microsoft