I have configured our website to use the UpmMembership provider with
the requiresApproval attribute set to true and then added the ASP.NET
Login control to our login page with the MembershipProvider property
set to UpmProvider.
When users are created in the profile store, the account status (when
viewed using the "Customer and Orders Manager") is set to "Requires
Approval" as expected.
However, users that have an account status of "Requires Approval" are
still able to log in to the web site using the standard ASP.Net 2.0
Login control.
I would have expected the login control to automatically block these
unapproved users from logging in (and for the ValidateUser method to
return false) until their account status is set to Active.
N.B. As a workaround, I have overridden the OnLoggingIn method of the
Login control in order to interrogate the Account Status property of
the user profile via the CS profile system and cancel the login if it
is not set to "Approved".
Is there a configuration step I am missing?
Our web.config includes the following entries:
<userProfile
    profileDefinition="UserObject"
    userIdProperty="GeneralInfo.user_id"
    organizationIdProperty="AccountInfo.org_id"
    catalogSetIdProperty="AccountInfo.user_catalog_set"
    userIdSource="ASP.Net"
    userIdKey="GeneralInfo.email_address"
    userIdTarget="GeneralInfo.user_id"
/>
<membership defaultProvider="UpmProvider" userIsOnlineTimeWindow="15">
    <providers>
        <add
            name="UpmProvider"
            type="Microsoft.CommerceServer.Runtime.Profiles.UpmMembershipProvider"
            logonNameProperty="GeneralInfo.email_address"
            maxInvalidPasswordAttempts="5"
            passwordAttemptWindow="10"
            passwordLockoutPeriod="0"
            requiresApproval="true"
            writeExceptionsToEventLog="true"
            minRequiredPasswordLength="5"
            minRequiredNonalphanumericCharacters="0"
            requiresQuestionAndAnswer="false"
            enablePasswordReset="true"
            enablePasswordRetrieval="true"
            requiresUniqueEmail="true"
            passwordFormat="Clear" />
    </providers>
</membership>
Our profile contains the following field:
AccountInfo.account_status
The following site terms are set up:
Name  Display Name
2     Requires Approval
1     Active Account
0     Inactive
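
Added example, not part of the original post: one way the OnLoggingIn workaround described above could be written so that it fails closed. The class name ApprovedOnlyLogin is hypothetical, the profile lookup assumes the Commerce Server runtime calls CommerceContext.Current.ProfileSystem.GetProfile and Profile.Properties, and the value 1 ("Active Account" in the site terms above) is assumed to be the only status allowed to log in.

```csharp
using System;
using System.Globalization;
using System.Web.UI.WebControls;
using Microsoft.CommerceServer.Runtime;
using Microsoft.CommerceServer.Runtime.Profiles;

// Hypothetical Login subclass: refuses any account whose status is not
// "Active Account" before the membership provider is asked to validate it.
public class ApprovedOnlyLogin : Login
{
    // Assumption: "1" is the stored value of the "Active Account" site term.
    private const string ActiveStatus = "1";

    protected override void OnLoggingIn(LoginCancelEventArgs e)
    {
        base.OnLoggingIn(e);          // let page-level handlers run first
        if (e.Cancel) return;

        // Cancelling stops the control before it authenticates the user,
        // so no authentication cookie is issued for this request.
        if (!IsActive(UserName))
        {
            e.Cancel = true;
        }
    }

    // Fail closed: missing profile, missing property or lookup error => deny.
    private static bool IsActive(string logonName)
    {
        if (string.IsNullOrEmpty(logonName)) return false;
        try
        {
            // Key and profile type match logonNameProperty and
            // profileDefinition in the web.config shown in the post.
            Profile profile = CommerceContext.Current.ProfileSystem.GetProfile(
                "GeneralInfo.email_address", logonName, "UserObject");
            if (profile == null) return false;

            object status = profile.Properties["AccountInfo.account_status"].Value;
            return Convert.ToString(status, CultureInfo.InvariantCulture) == ActiveStatus;
        }
        catch (Exception)
        {
            return false;             // never admit a user on a lookup failure
        }
    }
}
```

This gates only pages that use this control; any other code path that calls Membership.ValidateUser directly is not covered by it. Because a cancelled login does not go through the control's normal failure path, the page should show the same generic message it uses for a bad password so the response does not reveal that an account exists but is pending approval.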