As I previously demonstrated, creating these Web forms is simple and painless; however, what if you want to customize the functionally behind these Web forms? This also is a straightforward process, but there is a little more effort required on your part. Use the web.config file to customize the settings. Take a look a Listing 3 below.
Listing 3: Custom AspNetSqlMembershipProvider Settings
<membership>
<providers>
<remove name="AspNetSqlMembershipProvider"/>
<add name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider,
System.Web, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="LocalSqlServer"
enablePasswordRetrieval="true"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
applicationName="/"
requiresUniqueEmail="true"
passwordFormat="Encrypted"
maxInvalidPasswordAttempts="3"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="2"
passwordAttemptWindow="10"
passwordStrengthRegularExpression="" />
</providers>
</membership>
The customization I am referring to is:
- Enable Password Retrieval
- Require Question and Answer
- Requires Unique Email
- Password Format
- Maximum Invalid Password Attempts
- Minimum Required Password Length
- Minimum Required Non-Alphanumeric Characters
While you could always modify the machine.config file, I do not recommend this course of action because in most cases no two applications will have the exact same requirements when it comes to Membership.
Customize the Web Forms
Take the Web forms you previously created and customize them to your needs. For the sake of brevity, I will cover the registration Web form; however, the others are included in the sample code. Since we are not going to require the user to enter a question and answer in the case of a forgotten password, we must modify our Web form (see Figure 7).
To accomplish this step, click the Customize Create User Step as shown in figure 10.
Figure 10: Customize Create User Step
Once you have performed this action, you can then remove the two rows that contain the labels, text fields, and required field validators. Save these changes, and at this point your Web form should look similar to Figure 11.
Figure 11: Customized Registration Web Form
Next, open the PasswordRecovery Web form and delete the QuestionTemplate section. At this point, your Web forms have been customized to meet the specifications of this article, but there are a few more steps you will need to accomplish in order to send the user his or her password via email.
MailDefinition Behavior of the PasswordRecovery Control
As I previously discussed about sending users their password, there are a couple of steps we must accomplish. First, we need to once again modify the web.config file to hold the necessary SMTP setting that we will be utilizing to send these types of emails.
Listing 4: SMTP Settings
<mailSettings>
<smtp from="postmaster@anywhere.net">
<network host="smtp.anywhwere.net" password="mypassword"
userName="postmaster@anywhere.net" />
</smtp>
</mailSettings>
Now the next step is to bring up the properties of the PasswordRecovery control and configure the appropriate settings.
Figure 12: MailDefinition Behavior
Once again, complete the necessary fields. One particular field I wish to draw your attention to is the BodyFileName. Here you can create a text file which will in turn contain the body of the email that will be sent to the user.
Listing 5: Example BodyFileName Text File
This is an automatically generated message. DO NOT REPLY TO THIS EMAIL.
You have created a new account at XYZ, and you may now log in.
Your username is:
UserName: <% UserName %>
Password: <% Password %>
To login, please visit:
http://www.xyz.net/Login.aspx?ReturnUrl=/Default.aspx
After logging in you may change you profile here:
http://www.xyz.net
Thanks,
Your Friendly Webmaster
For further details on the MailDefinition property, be sure to visit MSDN.
