/// <summary> /// Changes user password. /// </summary> /// <param name="sender">Source of this event.</param> /// <param name="e">Arguments of this event.</param> protected void ChangeButton_Click(object sender, EventArgs e) { try { // Initialize the security provider. ISecurityProvider provider = SecurityProviderUtility.CreateProvider(ChangePasswordUsername.Text); if (provider.CanChangePassword) { // Attempt to change password. if (provider.ChangePassword(ChangePasswordOldPassword.Text, ChangePasswordNewPassword.Text)) { // Password changed successfully. if (provider.Authenticate(ChangePasswordNewPassword.Text)) { // Password authenticated successfully. SecurityProviderCache.CurrentProvider = provider; Response.Redirect(GetReferrerUrl(), false); } else { // Show why authentication failed. if (!ShowFailureReason(provider)) { ShowMessage("Authentication was not successful.", true); } } } else { // Show why password change failed. if (!ShowFailureReason(provider)) { ShowMessage("Password change was not successful.", true); } } } else { // Changing password is not supported. ShowMessage("Account does not support password change.", true); } } catch (SecurityException ex) { // Show security related error messages. ShowMessage(ex.Message.EnsureEnd('.'), true); } catch (Exception ex) { // Show ambiguous message for other errors. ShowMessage("Password change failed due to an unexpected error.", true); System.Diagnostics.Trace.WriteLine(string.Format("Password change error: \r\n {0}", ex)); } finally { ChangePasswordOldPassword.Focus(); } }
/// <summary> /// Attempts to change user's password. /// </summary> /// <param name="sender">Source of this event.</param> /// <param name="e">Arguments of this event.</param> private void ButtonChange_Click(object sender, RoutedEventArgs e) { try { // Check if old and new password are different if (TextBoxOldPassword.Password == TextBoxNewPassword.Password) { throw new Exception("New password cannot be same as old password."); } // Check is new password and confirm password are same if (TextBoxNewPassword.Password != TextBoxConfirmPassword.Password) { throw new Exception("New password and confirm password should be same."); } ISecurityProvider securityProvider = SecurityProviderCache.CreateProvider(TextBoxChangePasswordUserName.Text); securityProvider.SecurePassword = TextBoxNewPassword.SecurePassword; if (securityProvider.CanChangePassword) { // Attempt to change password if (securityProvider.ChangePassword(TextBoxOldPassword.Password, TextBoxNewPassword.Password) && securityProvider.Authenticate()) { // Password changed and authenticated successfully DisplayErrorMessage("Password changed successfully."); // Setup security principal for subsequent uses SecurityIdentity securityIdentity = new SecurityIdentity(securityProvider); SecurityPrincipal = new SecurityPrincipal(securityIdentity); ClearErrorMessage(); ExitSuccess = true; } else { // Show why password change failed if (!ShowFailureReason(securityProvider)) { if (!securityProvider.IsUserAuthenticated) { DisplayErrorMessage("Authentication was not successful."); } else { DisplayErrorMessage("Password change was not successful."); } if (string.IsNullOrWhiteSpace(TextBoxChangePasswordUserName.Text)) { TextBoxChangePasswordUserName.Focus(); } else { TextBoxOldPassword.Focus(); } } } } else { DisplayErrorMessage("Account does not support password change."); } } catch (Exception ex) { DisplayErrorMessage("Change password failed: " + ex.Message); TextBoxOldPassword.Focus(); } }