mono/mcs/class/System.Web/System.Web.Security/ChangeLog

2009-01-12  Marek Habersack  <[email protected]>

	* MembershipUserCollection.cs: CopyTo overloads use store.Values
	as the copy source. Fixes bug #464783. Patch from Christian
	Prochnow <[email protected]>

2008-12-25 Gonzalo Paniagua Javier <[email protected]>

	* SqlRoleProvider.cs:
	* SqlMembershipProvider.cs: use IndexOf (char) instead of
	IndexOf (string).

2008-08-20  Marek Habersack  <[email protected]>

	* Membership.cs: implemented the HashAlgorithmType property. Fixes
	bug #418458

2008-06-30  Marek Habersack  <[email protected]>

	* SqliteMembershipProvider.cs, SqliteRoleProvider.cs: remove
	unused method

	* SqlRoleProvider.cs, AspNetDBSchemaChecker.cs: hush the warnings

2008-05-30  Marek Habersack  <[email protected]>

	* AnonymousIdentificationModule.cs, FormsAuthenticationModule.cs,
	DefaultAuthenticationModule.cs, MembershipProvider.cs,
	WindowsAuthenticationModule.cs, PassportAuthenticationModule.cs,
	RoleManagerModule.cs: do not use synthetized event accessors (to
	avoid locks).

2008-05-07  Marek Habersack  <[email protected]>

	* RolePrincipal.cs: fix:
		- Reloading the roles cache from the provider when expired
		- Update issue & expiry date for expired tickets
		- Incrementing the cookie expiry date
		- Obey Roles.MaxCachedResults
	  Fixes bug #385877. Patch from Ivan Hamilton
		<[email protected]>, thanks!

2008-03-10  Marek Habersack  <[email protected]>

	* RoleManagerModule.cs: initialize _config before adding event
	handlers and account for the fact that _config might still be null
	in the methods that use it.

2007-12-30  Vladimir Krasnov  <[email protected]>

	* SqliteMembershipProvider.cs, SqlRoleProvider.cs: added chema checking
	* added AspNetDBSchemaChecker.cs: schema checker helper class

2007-12-11  Vladimir Krasnov  <[email protected]>

	* Roles.cs: fixed Providers property to be thread safe

2007-12-08  Marek Habersack  <[email protected]>

	* SqliteRoleProvider.cs: added - a Role Provider for
	Sqlite, based on PostgreSQL Role Provider code from Daniel
	Nauck <[email protected]>

	* SqliteMembershipProvider.cs: added - a Membership Provider for
	Sqlite, based on PostgreSQL Membership Provider code from Daniel
	Nauck <[email protected]>

2007-11-28  Marek Habersack  <[email protected]>

	* SqlMembershipProvider.cs: handle situation when there is no
	connection string configured for the SQL Membership Provider.

2007-11-01  Marek Habersack  <[email protected]>

	* RolePrincipal.cs, MembershipProvider.cs: use the new
	MachineKeySectionUtils class wherever necessary.

	* FormsAuthentication.cs: use the new MachineKeySectionUtils class
	wherever necessary.
	GetHexString is a private method again.

2007-10-31  Marek Habersack  <[email protected]>

	* FormsAuthentication.cs: made GetHexString an internal method -
	it is used in the AssemblyResourceLoader.cs

2007-08-14  Marek Habersack  <[email protected]>

	* Roles.cs: remove unused field.

	* SqlMembershipProvider.cs: remove unused variable.

2007-08-13 Vladimir Krasnov <[email protected]>

	* SqlRoleProvider.cs: fixed ApplicationName initialization

2007-06-24 Vladimir Krasnov <[email protected]>

	* FormsAuthentication.cs: improved performance of GetHexString()

2007-05-17 Vladimir Krasnov <[email protected]>

	* SqlMembershipProvider.cs: fixed DeleteUser, fixed parameter name

2007-05-14 Igor Zelmanovich <[email protected]>

	* SqlMembershipProvider.cs: Fix parameter binding to stored procedures.

2007-05-09 Igor Zelmanovich <[email protected]>

	* PassportIdentity.cs:
	added MonoNotSupported attribute.	

2007-05-02  Marek Habersack  <[email protected]>

	* FormsAuthentication.cs: user names are stored in lowercase in
	the credentials database.

2007-04-29 Igor Zelmanovich <[email protected]>

	* FormsAuthenticationModule.cs: 
	Redirect to login page doesn't cause thread abort.	

2007-04-19 Igor Zelmanovich <[email protected]>

	* SqlMembershipProvider.cs:
	ChangePassword throws exception if new password has invalid format.	

2007-04-17 Igor Zelmanovich <[email protected]>

	* Membership.cs:
	* Roles.cs:
	if default provider was not found ConfigurationErrorsException is thrown.

2007-04-12  Marek Habersack  <[email protected]>

	* RoleManagerModule.cs: do not try to decrypt encryption tickets
	from cookies with empty values.

2007-04-04 Juraj Skripsky <[email protected]>

	* FormsAuthenticationModule.cs: Move initialization of _config out
	of Init() as app.Context is null in that method when a session is
	about to be terminated.

2007-03-21 Vladimir Krasnov <[email protected]>

	* AnonymousIdentificationModule.cs: optimized Config property

2007-03-21 Vladimir Krasnov <[email protected]>

	* AnonymousIdentificationModule.cs: added configuration section caching
	to AppDomain for TARGET_JVM
	* RoleManagerModule.cs:
	* UrlAuthorizationModule.cs:
	* FormsAuthenticationModule.cs: refactored configuration section to be
	a member of a class

2007-03-20  Marek Habersack  <[email protected]>

	* FormsAuthentication.cs, Roles.cs: remove roles cookie on sign
	out. Fixes bug #81195. Patch from Mike Morano <[email protected]>.

2007-03-12  Marek Habersack  <[email protected]>

	* RolePrincipal.cs: decrypt the roles ticket properly. Makes role
	caching in cookies work. Fixes bug #81117. Patch from Mike Morano
	<[email protected]>

2007-03-02  Marek Habersack  <[email protected]>

	* SqlMembershipProvider.cs: cast PasswordFormat to int, so that
	the parameter code can infer the sql type. Makes user creation,
	password reset etc. work.

2007-02-28  Andreia Gaita  <[email protected]>

	* SqlRoleProvider.cs: Fix parameter binding to stored procedures.
	* SqlMembershipProvider.cs: Fix parameter binding to stored procedures.
	CreateUser() doesn't use transactions in MS asp.net, so removed the 
	transaction calls.

2007-02-19 Vladimir Krasnov <[email protected]>

	* RoleManagerModule.cs: fixed role chaching in OnEndRequest and
	OnPostAuthenticateRequest
	* RolePrincipal.cs: implemented ToEncryptedTicket, implemented caching
	role functionality
	* Roles.cs: implemented DeleteCookie, fixed CookieProtectionValue to
	get it's value from configuration

2007-02-08  Marek Habersack  <[email protected]>

	* FormsAuthenticationModule.cs: Expire auth tickets properly.

	* MembershipProvider.cs: Do not clear the password before
	encrypting it. 

2007-01-20  Miguel de Icaza  <[email protected]>

	* SqlRoleProvider.cs: comment out unused code.

	* SqlMembershipProvider.cs: Removed unused variables.
	Remove unused variable.

	* AnonymousIdentificationModule.cs (ClearAnonymousIdentifier):
	remove unused variable.   This might be a real bug.

2007-01-16 Vladimir Krasnov <[email protected]>

	* RoleManagerModule.cs: fixed OnPostAuthenticateRequest,
	CacheRolesInCookie not supported yet
	* Roles.cs: fixed DeleteCookie, CacheRolesInCookie not supported yet

2007-01-11 Adar Wesley <[email protected]>

	* MembershipProvider.cs: fixed EncryptPassword to use password buffer length

2007-01-04 Vladimir Krasnov <[email protected]>

	* AnonymousIdentificationModule.cs: fixed OnEnter, fixed failure on
	incorrect cookie value that browser may hold

2006-12-27 Vladimir Krasnov <[email protected]>

	* FormsAuthentication.cs: added internal ReturnUrl property,
	GetRedirectUrl added usage of ReturnUrl

2006-12-12 Vladimir Krasnov <[email protected]>

	* FormsAuthentication.cs: TARGET_J2EE define for static members

2006-12-06 Vladimir Krasnov <[email protected]>

	* FormsAuthenticationModule.cs: fixed OnAuthenticateRequest, suppress
	exception on wrong ticket

2006-12-03 Igor Zelmanovich <[email protected]>

	* FormsAuthenticationModule.cs: 
	set SkipAuthorization=true for WebResource.axd

2006-11-27 Vladimir Krasnov <[email protected]>

	* SqlMembershipProvider.cs: typo bug

2006-11-21 Vladimir Krasnov <[email protected]>

	* SqlMembershipProvider.cs: fixed fixed exception type in GetPassword
	checks user lockout

2006-11-20 Igor Zelmanovich <[email protected]>

	* SqlMembershipProvider.cs: fixed: UpdateUser works properly.

2006-11-15 Igor Zelmanovich <[email protected]>

	* SqlMembershipProvider.cs: fixed: name is used for ReturnValue parameter.

2006-11-05 Vladimir Krasnov <[email protected]>

	* AnonymousIdentificationModule.cs: fixed anonymous id cookie

2006-11-05 Vladimir Krasnov <[email protected]>

	* MembershipProvider.cs, SqlMembershipProvider.cs:
	refactoring of DecryptPassword and EncryptPassword methods according
	to documentation

2006-09-10 Konstantin Triger <[email protected]>

	* SqlRoleProvider.cs: throw on empty connection string.

2006-09-26 Vladimir Krasnov <[email protected]>

	* Membership.cs: fixed GetAllUsers, typo bug
	* SqlRoleProvider.cs, SqlMembershipProvider.cs: refactored to use
	aspnetdb built in stored procedures,
	fixed application name and membership relation,
	improved exception handling

2006-09-03 Igor Zelmanovich <[email protected]>

	* RolePrincipal.cs: refactoring: instance can be serialized.

2006-09-03 Igor Zelmanovich <[email protected]>

	* SqlMembershipProvider.cs: fixed GetUser,
	when username is String.Empty methods returns null.

2006-08-31 Konstantin Triger <[email protected]>

	* SqlRoleProvider.cs: fixed initialization.

2006-08-31 Igor Zelmanovich <[email protected]>

	* SqlMembershipProvider.cs: fixed CreateUser,
	password is checked, properties MinRequiredPasswordLength and 
	MinRequiredNonAlphanumericCharacters are considered.

2006-08-29 Konstantin Triger <[email protected]>

        * SqlMembershipProvider.cs: fix dispose order of reader vs connection.

2006-08-28 Igor Zelmanovich <[email protected]>

	* SqlMembershipProvider.cs: fixed CreateUser, parameter isApproved is
		considered.

2006-08-28 Konstantin Triger <[email protected]>

	* SqlMembershipProvider.cs: ensure GetUser() returns null if it cannot
		retrieve user information.

2006-08-28 Konstantin Triger <[email protected]>

	* SqlRoleProvider.cs, SqlMembershipProvider.cs:
		"use SqlClientFactory in case the ProviderName is not specified.

2006-08-27 Konstantin Triger <[email protected]>

	* SqlRoleProvider.cs: enable concurrent usage, refactoring.

2006-08-27 Konstantin Triger <[email protected]>

	* SqlMembershipProvider.cs: enable concurrent usage, refactoring.

2006-08-27 Vladimir Krasnov <[email protected]>

	* SqlMembershipProvider.cs: fixed ValidateUser, bug when user
	not exists

2006-08-14 Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthentication.cs: set the Secure attribute of the authentication
	cookie when required.

2006-07-06	Konstantin Triger <[email protected]>

	* FormsAuthentication.cs: Ensure initialized, fix url mapping.

2006-05-03  Chris Toshok  <[email protected]>

	* SqlMembershipProvider.cs (GetAlg): move this here for the time
	being, as it's the only class that uses it.
	(HashAndBase64Encode): nuke.
	(EncryptAndBase64Encode): nuke.
	(Base64DecodeAndDecrypt): nuke.
	(DecryptPassword): new function.
	(EncryptPassword): new function.
	(ChangePassword): replace the switch with a call to
	EncodePassword.
	(ChangePasswordQuestionAndAnswer): same.
	(CreateUser): same.
	(ResetPassword): same.
	(ValidateUsingPassword): same.
	(ValidateUsingPasswordAnswer): same.
	(GetPassword): same, and throw MembershipPasswordException if the
	password answer is incorrect.

	* MembershipProvider.cs (InitVector): nuke this.  it's actually
	the salt from the database (for the sql provider, anyway).
	(EncodePassword): based on the password format, password, and
	salt, encode it.  Makes use of EncryptPassword.
	(DecodePassword): likewise for decoding, makes use of
	DecryptPassword.
	(DecryptPassword): revert this to throwing
	NotImplementedException, as the sql provideroverrides it to
	perform the actual decryption.
	(EncryptPassword): same.

2006-05-02  Chris Toshok  <[email protected]>

	* SqlMembershipProvider.cs: 85% complete, maybe more.  The major
	functionality should work.  Password retrieval (and encrypted
	passwords in general) is untested.

2006-05-01  Chris Toshok  <[email protected]>

	* Membership.cs (GeneratePassword): don't include quotes (',",`)
	in the set of characters in the generated passwords.

2006-05-01  Chris Toshok  <[email protected]>

	* MembershipProvider.cs (GetAlg): switch from Exception to
	ProviderException to match MS behavior (and fix the unit test.)

	* Membership.cs (GeneratePassword): implement.

2006-05-01  Chris Toshok  <[email protected]>

	* SqlMembershipProvider.cs: lots more work.  checking this in in
	its present state because I don't want to lose it.  It still needs
	work.
	
	* Membership.cs (.cctor): remove the fallback.
	(ValidatingPassword): remove the MonoTODO.

	* MembershipProvider.cs (DecryptPassword): implement.
	(EncryptPassword): implement.
	(GetAlg): helper function for Decrypt/EncryptPassword.
	(InitVector): same.

2006-04-27  Chris Toshok  <[email protected]>

	* SqlMembershipProvider.cs (GeneratePassword): call
	Membership.GeneratePassword with the configured minimum strength
	requirements.

2006-04-27  Chris Toshok  <[email protected]>

	* SqlMembershipProvider.cs (UnlockUser): fix sql query, and move
	the CheckPararm call to the top of the method.

2006-04-12  Chris Toshok  <[email protected]>

	* SqlMembershipProvider.cs: commit initial pass at
	SqlMembershipProvider work.  lots of stuff untested in here.

2006-04-11  Chris Toshok  <[email protected]>

	* MembershipUser.cs (.ctor): per Shackow's book, all DateTime's
	are converted using ToUniversalTime when passed into this class.
	(UpdateSelf): update ourselves from the passed in MembershipUser,
	swallowing NotSupportedExceptions.
	(UpdateUser): fetch a new MembershipUser from the db and call
	UpdateSelf with it.
	(ChangePassword): call UpdateUser after changing the password.
	(ChangePasswordQuestionAndAnswer): same.
	(ResetPassword): same.
	(UnlockUser): same.  Also, don't explicitly set isLockedOut.
	It'll be updated in UpdateSelf.
	(CreationDate): getter calls ToLocalTime, setter calls
	ToUniversalTime.
	(LastActivityDate): same.
	(LastLoginDate): same.
	(LastPasswordChangedDate): same.
	(LastLockoutDate): same.
	
	* Membership.cs (.cctor): use
	ProvidersHelper.InstantitateProviders, and remove some unnecessary
	#if NET_2_0's.

2006-03-29  Chris Toshok  <[email protected]>

	* SqlRoleProvider.cs: do the LOWER's in SQL, not in C#.

2006-03-23  Chris Toshok  <[email protected]>

	* Roles.cs: make this 2.0 configuration aware.

	* SqlRoleProvider.cs: flesh out all the operations.  the only
	things that need dealing with are the Initialize method's handling
	of a few parameters, and the ApplicationName property.

2006-03-23  Chris Toshok  <[email protected]>

	* DefaultAuthenticationModule.cs (OnDefaultAuthentication): always
	set Thread.CurrentPrincipal, not just if we set it to the
	GenericPrincipal.

2006-03-22  Chris Toshok  <[email protected]>

	* RoleManagerModule.cs: implement using info in Shackow's book.

	* RolePrincipal.cs: flesh this out a bit more.

	* DefaultAuthenticationModule.cs (OnDefaultAuthentication):
	according to Shackow's book, this sets Thread.CurrentPrincipal as
	well as HttpContext.Current.User.

2006-02-28  Chris Toshok  <[email protected]>

	* FormsAuthentication.cs: corcompare work.

	* MembershipCreateUserException.cs: same.

	* MembershipPasswordException.cs: same.

	* AnonymousIdentificationModule.cs: same.

2006-02-01  Chris Toshok  <[email protected]>

	* FormsAuthentication.cs, Membership.cs,
	FormsAuthenticationModule.cs, UrlAuthorizationModule.cs: oops,
	replace GetWebApplicationSection with GetSection.
	
2006-02-01  Chris Toshok  <[email protected]>

	* FormsAuthentication.cs: CONFIGURATION_2_0 => NET_2_0.
	simplifies the ifdef mess quite a bit.

	* Membership.cs: same.

	* FormsAuthenticationModule.cs: same.

	* UrlAuthorizationModule.cs: same.

2006-01-04  Chris Toshok  <[email protected]>

	* FormsAuthentication.cs (Authenticate): add CONFIGURATION_2_0
	code.
	(Decrypt2): same.
	(Decrypt): same.
	(Encrypt): same.
	(Initialize): same.

2006-01-04  Chris Toshok  <[email protected]>

	* Membership.cs (.cctor): enable the code here under
	CONFIGURATION_2_0.

2006-01-03  Chris Toshok  <[email protected]>

	* UrlAuthorizationModule.cs (OnAuthorizeRequest): add
	CONFIGURATION_2_0 code here.

2005-12-22 Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthentication.cs: don't end the request in
	RedirectFromLoginPage.

2005-12-22 Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthenticationModule.cs: expire the cookie. Fixes bug #77043.
	Patch by Cyrille Colin.

2005-12-13 Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthenticationModule.cs: ignore any exception thrown when mapping
	the provided virtual path to the physical one. Patch by Cyrille Colin.

2005-11-28  Chris Toshok  <[email protected]>

	* FormsAuthenticationModule.cs (OnAuthenticateRequest):
	CONFIGURATION_2_0 work.
	(OnEndRequest): same.

2005-09-09  Sebastien Pouliot  <[email protected]>

	* DefaultAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
	* DefaultAuthenticationModule.cs: Added LinkDemand for Minimal. Added
	Demand for UnmanagedCode on constructor.
	* FileAuthorizationModule.cs: Added LinkDemand for Minimal. Added 
	Demand for UnmanagedCode on constructor.
	* FormsAuthentication.cs: Added LinkDemand for Minimal.
	* FormsAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
	* FormsAuthenticationModule.cs: Added LinkDemand for Minimal. Added 
	Demand for UnmanagedCode on constructor.
	* FormsAuthenticationTicket.cs: Added LinkDemand for Minimal.
	* FormsIdentity.cs: Added LinkDemand for Minimal.
	* PassportAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
	* PassportAuthenticationModule.cs: Added LinkDemand for Minimal. Added
	Demand for UnmanagedCode on constructor.
	* PassportIdentity.cs: Added LinkDemand for Minimal. Added Demand for
	UnmanagedCode on constructor.
	* UrlAuthorizationModule.cs: Added LinkDemand for Minimal. Added 
	Demand for UnmanagedCode on constructor.
	* WindowsAuthenticationEventArgs.cs: Added LinkDemand for Minimal.
	* WindowsAuthenticationModule.cs: Added LinkDemand for Minimal. Added
	Demand for UnmanagedCode on constructor.

2005-09-01  Sebastien Pouliot  <[email protected]>

	* FormsAuthenticationEventArgs.cs: Ensure the setter for User is 
	protected by a demand for ControlPrincipal.
	* PassportAuthenticationEventArgs.cs: Ensure the setter for User is
	protected by a demand for ControlPrincipal.
	* WindowsAuthenticationEventArgs.cs: Ensure the setter for User is 
	protected by a demand for ControlPrincipal.

2005-08-25  Sebastien Pouliot  <[email protected]> 
 
	* FormsAuthentication.cs: With 2.0 we can get the default properties 
	and call Initialize without a NRE.

2005-08-25  Sebastien Pouliot  <[email protected]>

	* ActiveDirectoryConnectionProtection.cs: New (2.0) enum.
	* ActiveDirectoryMembershipProvider.cs: Fixed 2.0 API.
	* AnonymousIdentificationEventArgs.cs: Fixed AnonymousID property case.
	* AnonymousIdentificationModule.cs: Fixed 2.0 API.
	* FileAuthorizationModule.cs: Added static CheckFileAccessForUser in 
	2.0 profile (TODO).
	* FormsAuthentication.cs: Added missing 2.0 properties with their 
	default values.
	* MembershipCreateStatus.cs: Fixed enum values/names.
	* MembershipProvider.cs: Added stub for [Decrypt|Encrypt]Password. Both
	methods don't seems to work without an active provider.
	* PassportIdentity.cs: Added IDispose for 2.0 profile.
	* Roles.cs: Added missing beta2 bits and default values (which are the
	only things working without a role provider (web.config).
	* RolePrincipal.cs: Fixed 2.0 API. Implemented a few bits.
	* SqlRoleProvider.cs: Fixed 2.0 API.
	* UrlAuthorizationModule.cs: Added static CheckUrlAccessForPrincipal in
	2.0 profile (TODO).

2005-08-24  Sebastien Pouliot  <[email protected]>

	* MembershipUserCollection.cs: Fix exceptions.

2005-08-22  Sebastien Pouliot  <[email protected]>

	* FormsAuthentication.cs: Add some 2.0 stuff required for Login* 
	controls to compile.

2005-08-18  Sebastien Pouliot  <[email protected]>

	* Membership.cs: Commented unworking parts of the .cctor to allow 
	testing the Login control.
	* MembershipProviderCollection.cs: Fixed exception handling.
	* SqlMembershipProvider.cs: Don't throw NotImplementedException 
	everywhere so Membership's .cctor (somewhat) works. Removed 
	Description property (not in beta2).

2005-07-28 Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthentication.cs: allow hardware acceleration support if
	available. Sebastien dixit.

2005-07-26 Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthentication.cs: the init_vector must be the same accross
	restarts, otherwise the cookie does not work even when a decryption
	key is provided. Initialize it to the bytes of the cookie name. Fixes
	bug #75635.

2005-07-25  Eyal Alaluf <[email protected]>

	* FormsAuthenticationModule.cs: Check for null config

2005-07-25  Miguel de Icaza  <[email protected]>

	* FormsAuthentication.cs (SignOut): Force the cookie to have it
	expire in the past.

2005-07-25 Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthentication.cs: my previous patch missed a "small" detail: it
	didn't include the verification key when computing/checking the
	validation hash. Now this is really a MAC or HMAC or...

2005-07-25 Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthentication.cs:
	* FormsAuthenticationTicket.cs: added support for validation and
	encryption of the auth. cookie and improved serialization of the ticket.

2005-07-01  Lluis Sanchez Gual <[email protected]>

	* Membership.cs: Read provider info from the config file.

2005-06-10 Lluis Sanchez Gual <[email protected]>

	* MembershipUserCollection.cs:
	* MembershipPasswordException.cs:
	* RoleProviderCollection.cs:
	* ActiveDirectoryMembershipProvider.cs:
	* SqlMembershipProvider.cs:
	* MembershipProvider.cs:
	* SqlRoleProvider.cs:
	* Membership.cs:
	* MembershipUser.cs:
	* MembershipProviderCollection.cs:
	* Roles.cs:.
	* RoleProvider.cs: Track api changes in ASP.NET 2.0. Implemented
	some missing methods.
	
	* AccessRoleProvider.cs:
	* AccessMembershipProvider.cs: Removed.
	
	* MembershipCreateUserException.cs:
	* MembershipValidatePasswordEventHandler.cs:
	* ValidatePasswordEventArgs.cs: Implemented.

2005-05-21  Sebastien Pouliot  <[email protected]>

	* FormsAuthentication.cs: Hash the UTF8 representation of the password
	strings (to be compatible with Microsoft implementation).

2005-04-20 Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthentication.cs:
	* PassportAuthenticationModule.cs:
	* WindowsAuthenticationModule.cs: removed warnings.

2005-03-11 Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthenticationModule.cs: fix for bug 73545, which caused
	authentication not to work when the cookie was not persistent.
	Patch by Ilya Kharmatsky (Mainsoft).

2005-02-23 Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthentication.cs: make the string to be stored in a config.
	file uppercase... See bug #72557.

2005-02-06 Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthentication.cs: fixed typo when getting the hash for the 
	password in SHA1 and MD5. Thanks to Tadas Dailyda.
	Lock on a static object instead of typeof(FormsAuthentication).

2004-11-18 Lluis Sanchez Gual <[email protected]>

	* RoleProvider.cs, Roles.cs, SqlRoleProvider.cs, RoleProviderCollection.cs,
	AccessRoleProvider.cs: IRoleProvider has been renamed to ProviderBase.
	* IMembershipProvider.cs: Deleted.
	* MembershipProvider.cs, AccessMembershipProvider.cs, MembershipUser.cs,
	Membership.cs, ADMembershipProvider.cs, SqlMembershipProvider.cs
	MembershipProviderCollection.cs: MembershipProvider has been deleted
	and replaced by the abstract class MembershipProvider.
	* MembershipProviderCollection.cs: Minor fixes.
	* ADMembershipProvider.cs: Renamed to ActiveDirectoryMembershipProvider.cs.

2004-11-15 Lluis Sanchez Gual <[email protected]>

	* RoleProviderCollection.cs, MembershipProviderCollection.cs: 
	Fixed warnings.

2004-08-23 Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthentication.cs: patch by Jim Pease to fix the date on renewal.

2004-08-22 Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthenticationModule.cs: don't renew expired cookies. Only renew
	the cookie if SlidingExpiration is set. Thanks to Jim Pease.

2004-08-03  Sanjay Gupta <[email protected]>

	* MembershipSortOptions.cs:
	* MembershipPasswordFormat.cs:
	* MembershipOnlineStatus.cs:
	* MembershipCreateStatus.cs:
	* CookieProtection.cs: minor modifications.

2004-06-12  Pedro Martnez Juli  <[email protected]>

	* FormsAuthentication.cs: Undo last change.

2004-06-12  Pedro Martnez Juli  <[email protected]>

	* FormsAuthentication.cs: go to loginUrl from web.config settings
	before try with the default ones.

2004-06-11  Gonzalo Paniagua Javier <[email protected]>

	* DefaultAuthenticationModule.cs: set the IPrincipal for this thread
	once we have a user. Fixes bug #59683.

2004-04-21  Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthenticationModule.cs: re-read configuration files if needed
	when determining if forms auth. is used.

2004-01-23  Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthentication.cs: added RequireSSL and SlidingExpiration.

2004-01-11  Andreas Nahr <[email protected]>

	* PassportIdentity.cs: Added v 1.1 members

2003-11-25 Ben Maurer  <[email protected]>
	
	* AccessMembershipProvider.cs: New v2 file
	* AccessRoleProvider.cs: New v2 file
	* ADMembershipProvider.cs: New v2 file
	* AnonymousIdentificationEventArgs.cs: New v2 file
	* AnonymousIdentificationEventHandler.cs: New v2 file
	* AnonymousIdentificationModule.cs: New v2 file
	* CookieProtection.cs: New v2 file
	* IMembershipProvider.cs: New v2 file
	* IRoleProvider.cs: New v2 file
	* Membership.cs: New v2 file
	* MembershipCreateStatus.cs: New v2 file
	* MembershipCreateUserException.cs: New v2 file
	* MembershipOnlineStatus.cs: New v2 file
	* MembershipPasswordException.cs: New v2 file
	* MembershipPasswordFormat.cs: New v2 file
	* MembershipProviderCollection.cs: New v2 file
	* MembershipSortOptions.cs: New v2 file
	* MembershipUser.cs: New v2 file
	* MembershipUserCollection.cs: New v2 file
	* RoleManagerEventArgs.cs: New v2 file
	* RoleManagerEventHandler.cs: New v2 file
	* RoleManagerModule.cs: New v2 file
	* RolePrincipal.cs: New v2 file
	* RoleProviderCollection.cs: New v2 file
	* Roles.cs: New v2 file
	* SqlMembershipProvider.cs: New v2 file
	* SqlRoleProvider.cs: New v2 file

2003-11-05  Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthentication.cs: encoding updates.

2003-10-04  Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthenticationModule.cs: fixed for applications other than /.

2003-08-27  Gonzalo Paniagua Javier <[email protected]>

	* UrlAuthorizationModule.cs: fixed description for status code.

2003-07-31  Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthenticationModule.cs: really renew the ticket. Thanks to
	Jens Thiel <[email protected]>.

2003-02-13  Gonzalo Paniagua Javier <[email protected]>

	* UrlAuthorizationModule.cs: tell the application not to run any other
	step apart from EndRequest.

2003-02-12  Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthentication.cs: implemented RedirectFromLoginPage and
	GetRedirectUrl.
	
	* FormsAuthenticationModule.cs: redirect to the login page when a 401
	error happens.

	* UrlAuthorizationModule.cs: check for valid user or render error page.

2003-01-04  Gonzalo Paniagua Javier <[email protected]>

	* DefaultAuthenticationModule.cs: implemented. It just create a default 
	unauthenticated user when no one else provided one.

	* FormsAuthenticationModule.cs: removed debug output.

2002-12-20  Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthenticationModule.cs: remove debug lines.

2002-12-19  Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthentication.cs: return a null ticket when an exception is
	thrown creating it. Implemented RenewTicketIfOld.

	* FormsAuthenticationModule.cs: implemented event handlers for
	AuthenticateRequest and EndRequest.

	* FormsAuthenticationTicket.cs: implemented SetDates and Clone methods.

2002-12-18  Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthentication.cs: implemented GetAuthCookie, SetAuthCookie,
	SignOut, FormsCookieName and FormsCookiePath.

2002-12-17  Gonzalo Paniagua Javier <[email protected]>

	* FormsAuthentication.cs: implemented Authenticate, unencrypted Encrypt
	and Decrypt, HashPasswordForStoringInConfigFile and Initialize.

	* FormsAuthenticationTicket.cs: set cookiePath to the default when no
	other provided.

2002-08-26  Gonzalo Paniagua Javier <[email protected]>

	* DefaultAuthenticationEventHandler.cs:
	* DefaultAuthenticationModule.cs:
	* FileAuthorizationModule.cs:
	* FormsAuthentication.cs:
	* FormsAuthenticationEventArgs.cs:
	* FormsAuthenticationEventHandler.cs:
	* FormsAuthenticationModule.cs:
	* FormsAuthenticationTicket.cs:
	* FormsIdentity.cs:
	* PassportAuthenticationEventArgs.cs:
	* PassportAuthenticationEventHandler.cs:
	* PassportAuthenticationModule.cs:
	* PassportIdentity.cs:
	* UrlAuthorizationModule.cs:
	* WindowsAuthenticationEventArgs.cs:
	* WindowsAuthenticationEventHandler.cs:
	* WindowsAuthenticationModule.cs: new files. Some of them implemented,
	some others stubbed out.

2002-06-03  Gonzalo Paniagua Javier <[email protected]>

	* DefaultAuthenticationEventArgs.cs: added file.