«

I have just started with ASP.NET 2.0 using VS.NET 2005 with SQL 2005. I have
installed the aspnetdb and I am trying to setup a Logon page with a test
user. When I tried to create the test user in the WAT I found that the
password was not accepted because it did not contain a non-alphanumeric
character. My users will resist using extremely strong passwords. Many will
not understand the concept. Therefore, I need to set this to zero. How can
I do this?

I have a reference that points me to the application web.config file but
this seems to apply to a custom membership provider. I do not need to a
custom provider. I only want to avoid requiring non-alphanumeric characters
in passwords. Later, I may want to setup my own regular expression as well.

Thanks for any guidance on this.

Hi,

look at the <membership> element in machine.config - you can configure that
there machine wide - otherwise copy the config element to your local web.config.

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> I have just started with ASP.NET 2.0 using VS.NET 2005 with SQL 2005.
> I have installed the aspnetdb and I am trying to setup a Logon page
> with a test user. When I tried to create the test user in the WAT I
> found that the password was not accepted because it did not contain a
> non-alphanumeric character. My users will resist using extremely
> strong passwords. Many will not understand the concept. Therefore, I
> need to set this to zero. How can I do this?
>
> I have a reference that points me to the application web.config file
> but this seems to apply to a custom membership provider. I do not
> need to a custom provider. I only want to avoid requiring
> non-alphanumeric characters in passwords. Later, I may want to setup
> my own regular expression as well.
>
> Thanks for any guidance on this.
>

I assume that copying this element to the application web.config and
modifying attributes will safely override for the app. only. The app is
being deployed to a shared server, so I cannot do anything to the
machine.config.

"Dominick Baier [DevelopMentor]" wrote:

> Hi,
>
> look at the <membership> element in machine.config - you can configure that
> there machine wide - otherwise copy the config element to your local web.config.
>
> ---------------------------------------
> Dominick Baier - DevelopMentor
> http://www.leastprivilege.com
>
> > I have just started with ASP.NET 2.0 using VS.NET 2005 with SQL 2005.
> > I have installed the aspnetdb and I am trying to setup a Logon page
> > with a test user. When I tried to create the test user in the WAT I
> > found that the password was not accepted because it did not contain a
> > non-alphanumeric character. My users will resist using extremely
> > strong passwords. Many will not understand the concept. Therefore, I
> > need to set this to zero. How can I do this?
> >
> > I have a reference that points me to the application web.config file
> > but this seems to apply to a custom membership provider. I do not
> > need to a custom provider. I only want to avoid requiring
> > non-alphanumeric characters in passwords. Later, I may want to setup
> > my own regular expression as well.
> >
> > Thanks for any guidance on this.
> >
>
>
>

Hi,

just give the provider a new name or add a <clear /> element to the <providers>
section - otherwise you'll have a naming conflict.
---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> I assume that copying this element to the application web.config and
> modifying attributes will safely override for the app. only. The app
> is being deployed to a shared server, so I cannot do anything to the
> machine.config.
>
> "Dominick Baier [DevelopMentor]" wrote:
>
>> Hi,
>>
>> look at the <membership> element in machine.config - you can
>> configure that there machine wide - otherwise copy the config element
>> to your local web.config.
>>
>> ---------------------------------------
>> Dominick Baier - DevelopMentor
>> http://www.leastprivilege.com
>>> I have just started with ASP.NET 2.0 using VS.NET 2005 with SQL
>>> 2005. I have installed the aspnetdb and I am trying to setup a Logon
>>> page with a test user. When I tried to create the test user in the
>>> WAT I found that the password was not accepted because it did not
>>> contain a non-alphanumeric character. My users will resist using
>>> extremely strong passwords. Many will not understand the concept.
>>> Therefore, I need to set this to zero. How can I do this?
>>>
>>> I have a reference that points me to the application web.config file
>>> but this seems to apply to a custom membership provider. I do not
>>> need to a custom provider. I only want to avoid requiring
>>> non-alphanumeric characters in passwords. Later, I may want to
>>> setup my own regular expression as well.
>>>
>>> Thanks for any guidance on this.
>>>

Basically, this requires a custom provider. By copying from the
machine.config I am saving some time/effort in doing so.

"Dominick Baier [DevelopMentor]" wrote:

> Hi,
>
> just give the provider a new name or add a <clear /> element to the <providers>
> section - otherwise you'll have a naming conflict.
> ---------------------------------------
> Dominick Baier - DevelopMentor
> http://www.leastprivilege.com
>
> > I assume that copying this element to the application web.config and
> > modifying attributes will safely override for the app. only. The app
> > is being deployed to a shared server, so I cannot do anything to the
> > machine.config.
> >
> > "Dominick Baier [DevelopMentor]" wrote:
> >
> >> Hi,
> >>
> >> look at the <membership> element in machine.config - you can
> >> configure that there machine wide - otherwise copy the config element
> >> to your local web.config.
> >>
> >> ---------------------------------------
> >> Dominick Baier - DevelopMentor
> >> http://www.leastprivilege.com
> >>> I have just started with ASP.NET 2.0 using VS.NET 2005 with SQL
> >>> 2005. I have installed the aspnetdb and I am trying to setup a Logon
> >>> page with a test user. When I tried to create the test user in the
> >>> WAT I found that the password was not accepted because it did not
> >>> contain a non-alphanumeric character. My users will resist using
> >>> extremely strong passwords. Many will not understand the concept.
> >>> Therefore, I need to set this to zero. How can I do this?
> >>>
> >>> I have a reference that points me to the application web.config file
> >>> but this seems to apply to a custom membership provider. I do not
> >>> need to a custom provider. I only want to avoid requiring
> >>> non-alphanumeric characters in passwords. Later, I may want to
> >>> setup my own regular expression as well.
> >>>
> >>> Thanks for any guidance on this.
> >>>
>
>
>

hi,

this does NOT require a custom provider - just configure the existing one
appropriately.

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> Basically, this requires a custom provider. By copying from the
> machine.config I am saving some time/effort in doing so.
>
> "Dominick Baier [DevelopMentor]" wrote:
>
>> Hi,
>>
>> just give the provider a new name or add a <clear /> element to the
>> <providers>
>> section - otherwise you'll have a naming conflict.
>> ---------------------------------------
>> Dominick Baier - DevelopMentor
>> http://www.leastprivilege.com
>>> I assume that copying this element to the application web.config and
>>> modifying attributes will safely override for the app. only. The
>>> app is being deployed to a shared server, so I cannot do anything to
>>> the machine.config.
>>>
>>> "Dominick Baier [DevelopMentor]" wrote:
>>>
>>>> Hi,
>>>>
>>>> look at the <membership> element in machine.config - you can
>>>> configure that there machine wide - otherwise copy the config
>>>> element to your local web.config.
>>>>
>>>> ---------------------------------------
>>>> Dominick Baier - DevelopMentor
>>>> http://www.leastprivilege.com
>>>>> I have just started with ASP.NET 2.0 using VS.NET 2005 with SQL
>>>>> 2005. I have installed the aspnetdb and I am trying to setup a
>>>>> Logon page with a test user. When I tried to create the test user
>>>>> in the WAT I found that the password was not accepted because it
>>>>> did not contain a non-alphanumeric character. My users will
>>>>> resist using extremely strong passwords. Many will not understand
>>>>> the concept. Therefore, I need to set this to zero. How can I do
>>>>> this?
>>>>>
>>>>> I have a reference that points me to the application web.config
>>>>> file but this seems to apply to a custom membership provider. I
>>>>> do not need to a custom provider. I only want to avoid requiring
>>>>> non-alphanumeric characters in passwords. Later, I may want to
>>>>> setup my own regular expression as well.
>>>>>
>>>>> Thanks for any guidance on this.
>>>>>

I am a little confused. I wil be deploying the site to a hosted/shared web
server. I will not be able to make changes to the machine.config for obvious
reasons. If I modify the existing provider in my app, do the changes apply
only to my app? Honestly, this is an area where I have very little experience.

"Dominick Baier [DevelopMentor]" wrote:

> hi,
>
> this does NOT require a custom provider - just configure the existing one
> appropriately.
>
> ---------------------------------------
> Dominick Baier - DevelopMentor
> http://www.leastprivilege.com
>
> > Basically, this requires a custom provider. By copying from the
> > machine.config I am saving some time/effort in doing so.
> >
> > "Dominick Baier [DevelopMentor]" wrote:
> >
> >> Hi,
> >>
> >> just give the provider a new name or add a <clear /> element to the
> >> <providers>
> >> section - otherwise you'll have a naming conflict.
> >> ---------------------------------------
> >> Dominick Baier - DevelopMentor
> >> http://www.leastprivilege.com
> >>> I assume that copying this element to the application web.config and
> >>> modifying attributes will safely override for the app. only. The
> >>> app is being deployed to a shared server, so I cannot do anything to
> >>> the machine.config.
> >>>
> >>> "Dominick Baier [DevelopMentor]" wrote:
> >>>
> >>>> Hi,
> >>>>
> >>>> look at the <membership> element in machine.config - you can
> >>>> configure that there machine wide - otherwise copy the config
> >>>> element to your local web.config.
> >>>>
> >>>> ---------------------------------------
> >>>> Dominick Baier - DevelopMentor
> >>>> http://www.leastprivilege.com
> >>>>> I have just started with ASP.NET 2.0 using VS.NET 2005 with SQL
> >>>>> 2005. I have installed the aspnetdb and I am trying to setup a
> >>>>> Logon page with a test user. When I tried to create the test user
> >>>>> in the WAT I found that the password was not accepted because it
> >>>>> did not contain a non-alphanumeric character. My users will
> >>>>> resist using extremely strong passwords. Many will not understand
> >>>>> the concept. Therefore, I need to set this to zero. How can I do
> >>>>> this?
> >>>>>
> >>>>> I have a reference that points me to the application web.config
> >>>>> file but this seems to apply to a custom membership provider. I
> >>>>> do not need to a custom provider. I only want to avoid requiring
> >>>>> non-alphanumeric characters in passwords. Later, I may want to
> >>>>> setup my own regular expression as well.
> >>>>>
> >>>>> Thanks for any guidance on this.
> >>>>>
>
>
>

hi,

yep - if you configure the provider in you local web.config - this will only
apply to your app.

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> I am a little confused. I wil be deploying the site to a
> hosted/shared web server. I will not be able to make changes to the
> machine.config for obvious reasons. If I modify the existing provider
> in my app, do the changes apply only to my app? Honestly, this is an
> area where I have very little experience.
>
> "Dominick Baier [DevelopMentor]" wrote:
>
>> hi,
>>
>> this does NOT require a custom provider - just configure the existing
>> one appropriately.
>>
>> ---------------------------------------
>> Dominick Baier - DevelopMentor
>> http://www.leastprivilege.com
>>> Basically, this requires a custom provider. By copying from the
>>> machine.config I am saving some time/effort in doing so.
>>>
>>> "Dominick Baier [DevelopMentor]" wrote:
>>>
>>>> Hi,
>>>>
>>>> just give the provider a new name or add a <clear /> element to the
>>>> <providers>
>>>> section - otherwise you'll have a naming conflict.
>>>> ---------------------------------------
>>>> Dominick Baier - DevelopMentor
>>>> http://www.leastprivilege.com
>>>>> I assume that copying this element to the application web.config
>>>>> and modifying attributes will safely override for the app. only.
>>>>> The app is being deployed to a shared server, so I cannot do
>>>>> anything to the machine.config.
>>>>>
>>>>> "Dominick Baier [DevelopMentor]" wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> look at the <membership> element in machine.config - you can
>>>>>> configure that there machine wide - otherwise copy the config
>>>>>> element to your local web.config.
>>>>>>
>>>>>> ---------------------------------------
>>>>>> Dominick Baier - DevelopMentor
>>>>>> http://www.leastprivilege.com
>>>>>>> I have just started with ASP.NET 2.0 using VS.NET 2005 with SQL
>>>>>>> 2005. I have installed the aspnetdb and I am trying to setup a
>>>>>>> Logon page with a test user. When I tried to create the test
>>>>>>> user in the WAT I found that the password was not accepted
>>>>>>> because it did not contain a non-alphanumeric character. My
>>>>>>> users will resist using extremely strong passwords. Many will
>>>>>>> not understand the concept. Therefore, I need to set this to
>>>>>>> zero. How can I do this?
>>>>>>>
>>>>>>> I have a reference that points me to the application web.config
>>>>>>> file but this seems to apply to a custom membership provider. I
>>>>>>> do not need to a custom provider. I only want to avoid
>>>>>>> requiring non-alphanumeric characters in passwords. Later, I
>>>>>>> may want to setup my own regular expression as well.
>>>>>>>
>>>>>>> Thanks for any guidance on this.
>>>>>>>

Thanks. I'll see how it goes.

"Dominick Baier [DevelopMentor]" wrote:

> hi,
>
> yep - if you configure the provider in you local web.config - this will only
> apply to your app.
>
> ---------------------------------------
> Dominick Baier - DevelopMentor
> http://www.leastprivilege.com
>
> > I am a little confused. I wil be deploying the site to a
> > hosted/shared web server. I will not be able to make changes to the
> > machine.config for obvious reasons. If I modify the existing provider
> > in my app, do the changes apply only to my app? Honestly, this is an
> > area where I have very little experience.
> >
> > "Dominick Baier [DevelopMentor]" wrote:
> >
> >> hi,
> >>
> >> this does NOT require a custom provider - just configure the existing
> >> one appropriately.
> >>
> >> ---------------------------------------
> >> Dominick Baier - DevelopMentor
> >> http://www.leastprivilege.com
> >>> Basically, this requires a custom provider. By copying from the
> >>> machine.config I am saving some time/effort in doing so.
> >>>
> >>> "Dominick Baier [DevelopMentor]" wrote:
> >>>
> >>>> Hi,
> >>>>
> >>>> just give the provider a new name or add a <clear /> element to the
> >>>> <providers>
> >>>> section - otherwise you'll have a naming conflict.
> >>>> ---------------------------------------
> >>>> Dominick Baier - DevelopMentor
> >>>> http://www.leastprivilege.com
> >>>>> I assume that copying this element to the application web.config
> >>>>> and modifying attributes will safely override for the app. only.
> >>>>> The app is being deployed to a shared server, so I cannot do
> >>>>> anything to the machine.config.
> >>>>>
> >>>>> "Dominick Baier [DevelopMentor]" wrote:
> >>>>>
> >>>>>> Hi,
> >>>>>>
> >>>>>> look at the <membership> element in machine.config - you can
> >>>>>> configure that there machine wide - otherwise copy the config
> >>>>>> element to your local web.config.
> >>>>>>
> >>>>>> ---------------------------------------
> >>>>>> Dominick Baier - DevelopMentor
> >>>>>> http://www.leastprivilege.com
> >>>>>>> I have just started with ASP.NET 2.0 using VS.NET 2005 with SQL
> >>>>>>> 2005. I have installed the aspnetdb and I am trying to setup a
> >>>>>>> Logon page with a test user. When I tried to create the test
> >>>>>>> user in the WAT I found that the password was not accepted
> >>>>>>> because it did not contain a non-alphanumeric character. My
> >>>>>>> users will resist using extremely strong passwords. Many will
> >>>>>>> not understand the concept. Therefore, I need to set this to
> >>>>>>> zero. How can I do this?
> >>>>>>>
> >>>>>>> I have a reference that points me to the application web.config
> >>>>>>> file but this seems to apply to a custom membership provider. I
> >>>>>>> do not need to a custom provider. I only want to avoid
> >>>>>>> requiring non-alphanumeric characters in passwords. Later, I
> >>>>>>> may want to setup my own regular expression as well.
> >>>>>>>
> >>>>>>> Thanks for any guidance on this.
> >>>>>>>
>
>
>