Exemplo n.º 1
0
        /// <summary>
        /// This function will be used for creating the encrypted url to be used for change/forgot password to be used by user.
        /// </summary>
        /// <param name="i_sSelectedcompanyConnectionString"></param>
        /// <param name="i_nLoginId"></param>
        /// <param name="i_sCompanyId"></param>
        /// <returns></returns>
        public static bool CreateForgetPasswordHashLink(string i_sSelectedcompanyConnectionString, string i_sLoginName, string i_sUserEmailId, string i_sCompanyId, string i_sSaltValue)
        {
            PasswordManagementDTO objPwdMgmtDTO = new PasswordManagementDTO();
            UserInfoSL            objUserInfoSL = new UserInfoSL();
            bool bReturn = false;

            InsiderTradingEncryption.DataSecurity objPwdHash = new InsiderTradingEncryption.DataSecurity();
            string sHashCode = "";

            try
            {
                sHashCode = objPwdHash.CreateHash(i_sLoginName.ToString() + i_sCompanyId, i_sSaltValue);

                objPwdMgmtDTO.CompanyID = i_sCompanyId;
                objPwdMgmtDTO.LoginID   = i_sLoginName;
                objPwdMgmtDTO.EmailID   = i_sUserEmailId;
                objPwdMgmtDTO.HashValue = sHashCode;

                objPwdMgmtDTO = objUserInfoSL.ForgetPassword(i_sSelectedcompanyConnectionString, objPwdMgmtDTO);
                bReturn       = true;
            }
            catch (Exception exp)
            {
            }
            return(bReturn);
        }
Exemplo n.º 2
0
        /// <summary>
        ///
        /// </summary>
        /// <param name="i_sConnectionString"></param>
        /// <param name="i_objUserInfoDTO"></param>
        /// <returns></returns>
        public PasswordManagementDTO GetUserFromHashCode(string i_sConnectionString, string i_sHashCode)
        {
            PasswordManagementDTO res = null;

            try
            {
                using (var objUserInfoDAL = new InsiderTradingDAL.UserInfoDAL())
                {
                    res = objUserInfoDAL.GetUserFromHashCode(i_sConnectionString, i_sHashCode);
                }
            }
            catch (Exception exp)
            {
                throw exp;
            }

            return(res);
        }
Exemplo n.º 3
0
        /// <summary>
        ///
        /// </summary>
        /// <param name="i_sConnectionString"></param>
        /// <param name="i_objUserInfoDTO"></param>
        /// <returns></returns>
        public PasswordManagementDTO ForgetPassword(string i_sConnectionString, PasswordManagementDTO i_objPwdMgmtDTO)
        {
            PasswordManagementDTO res = null;

            try
            {
                //InsiderTradingDAL.UserInfoDAL objUserInfoDAL = new InsiderTradingDAL.UserInfoDAL();
                using (var objUserInfoDAL = new InsiderTradingDAL.UserInfoDAL())
                {
                    res = objUserInfoDAL.ForgetPassword(i_sConnectionString, i_objPwdMgmtDTO);
                }
            }
            catch (Exception exp)
            {
                throw exp;
            }

            return(res);
        }
Exemplo n.º 4
0
        /// <summary>
        ///
        /// </summary>
        /// <param name="i_sConnectionString"></param>
        /// <param name="i_objUserInfoDTO"></param>
        /// <returns></returns>
        public bool ChangePassword(string i_sConnectionString, ref PasswordManagementDTO i_objPwdMgmtDTO)
        {
            bool bReturn = false;

            try
            {
                //InsiderTradingDAL.UserInfoDAL objUserInfoDAL = new InsiderTradingDAL.UserInfoDAL();
                using (var objUserInfoDAL = new InsiderTradingDAL.UserInfoDAL())
                {
                    bReturn = objUserInfoDAL.ChangePassword(i_sConnectionString, ref i_objPwdMgmtDTO);
                }
            }
            catch (Exception exp)
            {
                throw exp;
            }

            return(bReturn);
        }
Exemplo n.º 5
0
        public ActionResult SetPassword(PasswordManagementModel objPwdMgmtModel)
        {
            bool   bErrorOccurred = false;
            string i_ErrorMessage = "";
            string NewPassword    = null;

            InsiderTradingDAL.CompanyDTO objSelectedCompany = new CompanyDTO();
            UserInfoDTO      objUserInfoDTO      = new UserInfoDTO();
            LoginUserDetails objLoginUserDetails = (LoginUserDetails)Common.Common.GetSessionValue(ConstEnum.SessionValue.UserDetails);

            try
            {
                if (objLoginUserDetails == null)
                {
                    objLoginUserDetails = new LoginUserDetails();
                }

                if (objPwdMgmtModel.CompanyID == null || objPwdMgmtModel.CompanyID == "")
                {
                    i_ErrorMessage = "Company is required field.";
                    bErrorOccurred = true;
                }
                else if (objPwdMgmtModel.NewPassword == null || objPwdMgmtModel.NewPassword == "" || objPwdMgmtModel.ConfirmNewPassword == null || objPwdMgmtModel.ConfirmNewPassword == "")
                {
                    i_ErrorMessage = "Please enter new password and confirm password.";
                    bErrorOccurred = true;
                }
                else if (objPwdMgmtModel.NewPassword != objPwdMgmtModel.ConfirmNewPassword)
                {
                    i_ErrorMessage = "New password and Confirm password are not matching.";
                    bErrorOccurred = true;
                }

                if (System.Configuration.ConfigurationManager.AppSettings["CompanyType"] == "Textbox")
                {
                    Dictionary <string, string> objCompaniesDictionary = null;

                    objCompaniesDictionary = new Dictionary <string, string>();

                    using (CompaniesSL objCompanySL = new CompaniesSL())
                    {
                        foreach (InsiderTradingDAL.CompanyDTO objCompanyDTO in objCompanySL.getAllCompanies(Common.Common.getSystemConnectionString()))
                        {
                            objCompaniesDictionary.Add(objCompanyDTO.sCompanyDatabaseName, objCompanyDTO.sCompanyName.ToLower());
                        }
                    }

                    if (objCompaniesDictionary.ContainsValue(objPwdMgmtModel.CompanyID.ToLower()))
                    {
                        objPwdMgmtModel.CompanyID = (from entry in objCompaniesDictionary
                                                     where entry.Value.ToLower() == objPwdMgmtModel.CompanyID.ToLower()
                                                     select entry.Key).FirstOrDefault();
                    }
                    else
                    {
                        objLoginUserDetails.ErrorMessage = "Invalid Company Name";
                        Common.Common.SetSessionValue(ConstEnum.SessionValue.UserDetails, objLoginUserDetails);
                        return(RedirectToAction("SetPassword", "Account", new { code = objPwdMgmtModel.HashValue }));
                    }
                }

                //hashed password to check password history
                InsiderTradingEncryption.DataSecurity objPwdHash = new InsiderTradingEncryption.DataSecurity();

                string saltValue = string.Empty;
                if (objPwdMgmtModel.NewPassword != null)
                {
                    //NewPassword = objPwdHash.CreateSaltandHash(objPwdMgmtModel.NewPassword);
                    string sPasswordHashWithSalt = objPwdHash.CreateSaltandHash(objPwdMgmtModel.NewPassword);
                    NewPassword = sPasswordHashWithSalt.Split('~')[0].ToString();
                    saltValue   = sPasswordHashWithSalt.Split('~')[1].ToString();
                }
                using (CompaniesSL objCompanySL = new CompaniesSL())
                {
                    objSelectedCompany = objCompanySL.getSingleCompanies(Common.Common.getSystemConnectionString(), objPwdMgmtModel.CompanyID);
                }
                //Check if the new password follows Password policy
                if (!bErrorOccurred)
                {
                    Common.Common         objCommon = new Common.Common();
                    PasswordManagementDTO objPasswordManagementUserFromHashCodeDTO = new PasswordManagementDTO();

                    using (UserInfoSL objUserInfoSL = new UserInfoSL())
                    {
                        objPasswordManagementUserFromHashCodeDTO = objUserInfoSL.GetUserFromHashCode(objSelectedCompany.CompanyConnectionString, objPwdMgmtModel.HashValue);
                        objUserInfoDTO = objUserInfoSL.GetUserDetails(objSelectedCompany.CompanyConnectionString, objPasswordManagementUserFromHashCodeDTO.UserInfoID);
                    }
                    bool isPasswordValid = objCommon.ValidatePassword(objSelectedCompany.CompanyConnectionString, objUserInfoDTO.LoginID, objPwdMgmtModel.NewPassword, NewPassword, objUserInfoDTO.UserInfoId, out i_ErrorMessage);
                    if (!isPasswordValid)
                    {
                        bErrorOccurred = true;
                    }
                }
                if (bErrorOccurred)
                {
                    //ModelState.AddModelError("Error", i_ErrorMessage);
                    if (objLoginUserDetails == null)
                    {
                        objLoginUserDetails = new LoginUserDetails();
                    }
                    objLoginUserDetails.ErrorMessage = i_ErrorMessage;
                    objLoginUserDetails.CompanyName  = objPwdMgmtModel.CompanyID;
                    Common.Common.SetSessionValue(ConstEnum.SessionValue.UserDetails, objLoginUserDetails);

                    PasswordConfigSL  objPassConfigSL  = new PasswordConfigSL();
                    PasswordConfigDTO objPassConfigDTO = new PasswordConfigDTO();
                    objPassConfigDTO = objPassConfigSL.GetPasswordConfigDetails(objSelectedCompany.CompanyConnectionString);
                    PasswordConfigModel objPassConfigModel = new PasswordConfigModel();
                    InsiderTrading.Common.Common.CopyObjectPropertyByName(objPassConfigDTO, objPassConfigModel);
                    TempData["PasswordConfigModel"] = objPassConfigModel;
                    return(RedirectToAction("SetPassword", "Account", new { code = objPwdMgmtModel.HashValue }));
                    //return View("SetPassword", objPwdMgmtModel);
                }

                PasswordManagementDTO objPwdMgmtDTO = new PasswordManagementDTO();

                if (objLoginUserDetails == null)
                {
                    objLoginUserDetails = new LoginUserDetails();
                }
                if (objSelectedCompany == null)
                {
                    objLoginUserDetails.ErrorMessage = "Entered company is incorrect, please enter correct company and try again.";
                }
                else
                {
                    objPwdMgmtModel.NewPassword        = NewPassword;
                    objPwdMgmtModel.ConfirmNewPassword = NewPassword;
                    objPwdMgmtModel.SaltValue          = saltValue;
                    InsiderTrading.Common.Common.CopyObjectPropertyByName(objPwdMgmtModel, objPwdMgmtDTO);
                    using (UserInfoSL objUserInfoSL = new UserInfoSL())
                    {
                        objPwdMgmtDTO.UserInfoID = objUserInfoDTO.UserInfoId;
                        objUserInfoSL.ChangePassword(objSelectedCompany.CompanyConnectionString, ref objPwdMgmtDTO);
                    }
                    //InsiderTradingDAL.UserInfoDTO objUserInfo = objUserInfoSL.GetUserDetails(objSelectedCompany.CompanyConnectionString, objPwdMgmtDTO.UserInfoID);
                    objLoginUserDetails.SuccessMessage = Common.Common.getResourceForGivenCompany("usr_msg_11271", objSelectedCompany.sCompanyDatabaseName);
                }


                Common.Common.SetSessionValue(ConstEnum.SessionValue.UserDetails, objLoginUserDetails);
                return(RedirectToAction("Login", "Account"));
                //return RedirectToAction("Index", "Home", new { acid = Convert.ToString(Common.ConstEnum.UserActions.CRUSER_COUSERDASHBOARD_DASHBOARD) });
            }
            catch (Exception exp)
            {
                string sErrMessage = Common.Common.getResourceForGivenCompany(exp.InnerException.Data[0].ToString(), objSelectedCompany.sCompanyDatabaseName);
                if (objLoginUserDetails == null)
                {
                    objLoginUserDetails = new LoginUserDetails();
                }
                objLoginUserDetails.ErrorMessage = sErrMessage;
                Common.Common.SetSessionValue(ConstEnum.SessionValue.UserDetails, objLoginUserDetails);
                return(RedirectToAction("Login", "Account"));
                //ModelState.AddModelError("Error", sErrMessage);
                //return View("SetPassword", objPwdMgmtModel);
            }
            finally
            {
                objLoginUserDetails = null;
            }
        }
Exemplo n.º 6
0
        public ActionResult ForgetPassword(PasswordManagementModel objPwdMgmtModel)
        {
            ModelState.Remove("KEY");
            ModelState.Add("KEY", new ModelState());
            ModelState.Clear();
            Session["UserCaptchaTextForgotPwd"] = (objPwdMgmtModel.sCaptchaText == null) ? string.Empty : objPwdMgmtModel.sCaptchaText;
            LoginUserDetails objLoginUserDetails = (LoginUserDetails)Common.Common.GetSessionValue(ConstEnum.SessionValue.UserDetails);

            try
            {
                if (objLoginUserDetails == null)
                {
                    objLoginUserDetails = new LoginUserDetails();
                }

                PasswordManagementDTO objPwdMgmtDTO = new PasswordManagementDTO();
                UserInfoSL            objUserInfoSL = new UserInfoSL();
                CompaniesSL           objCompanySL  = new CompaniesSL();

                if (System.Configuration.ConfigurationManager.AppSettings["CompanyType"] == "Textbox")
                {
                    Dictionary <string, string> objCompaniesDictionary = null;

                    objCompaniesDictionary = new Dictionary <string, string>();

                    foreach (InsiderTradingDAL.CompanyDTO objCompanyDTO in objCompanySL.getAllCompanies(Common.Common.getSystemConnectionString()))
                    {
                        objCompaniesDictionary.Add(objCompanyDTO.sCompanyDatabaseName, objCompanyDTO.sCompanyName.ToLower());
                    }

                    if (objCompaniesDictionary.ContainsValue(objPwdMgmtModel.CompanyID.ToLower()))
                    {
                        objPwdMgmtModel.CompanyID = (from entry in objCompaniesDictionary
                                                     where entry.Value.ToLower() == objPwdMgmtModel.CompanyID.ToLower()
                                                     select entry.Key).FirstOrDefault();
                    }
                }

                InsiderTradingDAL.CompanyDTO objSelectedCompany = objCompanySL.getSingleCompanies(Common.Common.getSystemConnectionString(), objPwdMgmtModel.CompanyID);


                string SaltValue = Common.ConstEnum.User_Password_Encryption_Key;

                InsiderTradingEncryption.DataSecurity objPwdHash = new InsiderTradingEncryption.DataSecurity();
                string sHashCode = objPwdHash.CreateHash(objPwdMgmtModel.LoginID.ToString() + objPwdMgmtModel.CompanyID.ToString(), SaltValue);
                objPwdMgmtModel.HashValue = sHashCode;
                var CallBackUrl = Url.Action("SetPassword", "Account", new { @code = sHashCode });

                string sLoginID = string.Empty;
                string sEmailID = string.Empty;
                string javascriptEncryptionKey = Common.ConstEnum.Javascript_Encryption_Key;

                sLoginID = DecryptStringAES(objPwdMgmtModel.LoginID, javascriptEncryptionKey, javascriptEncryptionKey);
                sEmailID = DecryptStringAES(objPwdMgmtModel.EmailID, javascriptEncryptionKey, javascriptEncryptionKey);

                if (!string.IsNullOrEmpty(sEmailID))
                {
                    string emailRegex = @"^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$";
                    Regex  re         = new Regex(emailRegex);
                    if (!re.IsMatch(sEmailID))
                    {
                        ModelState.AddModelError("EmailID", "Please provide valid Email ID");
                    }
                }

                objPwdMgmtModel.LoginID = sLoginID;
                objPwdMgmtModel.EmailID = sEmailID;

                InsiderTrading.Common.Common.CopyObjectPropertyByName(objPwdMgmtModel, objPwdMgmtDTO);
                objPwdMgmtDTO = objUserInfoSL.ForgetPassword(objSelectedCompany.CompanyConnectionString, objPwdMgmtDTO);
                if (objPwdMgmtDTO.EmailID != null)
                {
                    if (objPwdMgmtModel.sCaptchaText != Session["CaptchaValueForgotPwd"].ToString())
                    {
                        TempData["ShowCaptchaForgotPwd"]  = true;
                        TempData["ErrorMessageForgotPwd"] = "Please provide valid Text";
                        @ViewBag.ErrorMessage             = "Please provide valid Text";
                        objLoginUserDetails.ErrorMessage  = "Please provide valid Text";
                        return(RedirectToAction("ForgetPassword", "Account"));
                    }
                    Common.Common.SendMail(CallBackUrl, objPwdMgmtDTO, objSelectedCompany.sCompanyDatabaseName);
                }
                objLoginUserDetails.SuccessMessage = Common.Common.getResourceForGivenCompany("usr_msg_11270", objSelectedCompany.sCompanyDatabaseName);
                Common.Common.SetSessionValue(ConstEnum.SessionValue.UserDetails, objLoginUserDetails);
                return(RedirectToAction("Login", "Account"));//.Success(Common.Common.getResourceForGivenCompany("usr_msg_11270", objSelectedCompany.sCompanyDatabaseName));
            }
            catch (Exception exp)
            {
                string sErrMessage = exp.Message;
                if (exp.InnerException != null && exp.InnerException.Data != null && exp.InnerException.Data.Count > 0)
                {
                    sErrMessage = Common.Common.getResourceForGivenCompany(exp.InnerException.Data[0].ToString(), objPwdMgmtModel.CompanyID);
                }
                @ViewBag.ErrorMessage   = sErrMessage;
                objPwdMgmtModel.LoginID = null;
                objPwdMgmtModel.EmailID = null;
                Dictionary <string, string> objCompaiesDictionary = new Dictionary <string, string>();
                objCompaiesDictionary.Add("", "Select Company");
                CompaniesSL objCompanySL = new CompaniesSL();
                List <InsiderTradingDAL.CompanyDTO> lstCompanies = new List <InsiderTradingDAL.CompanyDTO>();
                lstCompanies = objCompanySL.getAllCompanies(Common.Common.getSystemConnectionString());
                foreach (InsiderTradingDAL.CompanyDTO objCompanyDTO in lstCompanies)
                {
                    objCompaiesDictionary.Add(objCompanyDTO.sCompanyDatabaseName, objCompanyDTO.sCompanyName);
                }
                ViewBag.CompaniesDropDown        = objCompaiesDictionary;
                objLoginUserDetails.ErrorMessage = sErrMessage;
                Common.Common.SetSessionValue(ConstEnum.SessionValue.UserDetails, objLoginUserDetails);
                return(RedirectToAction("ForgetPassword", "Account"));
            }
        }
Exemplo n.º 7
0
        public ActionResult ChangePassword(int formId, int acid, PasswordManagementModel objPwdMgmtModel)
        {
            bool                          bErrorOccurred               = false;
            string                        i_ErrorMessage               = "";
            LoginUserDetails              objLoginUserDetails          = (LoginUserDetails)Common.Common.GetSessionValue(ConstEnum.SessionValue.UserDetails);
            PasswordManagementDTO         objPwdMgmtDTO                = new PasswordManagementDTO();
            PasswordConfigModel           objPassConfigModel           = new PasswordConfigModel();
            UserInfoSL                    objUserInfoSL                = new UserInfoSL();
            UserPolicyDocumentEventLogDTO objChangePasswordEventLogDTO = null;
            PasswordExpiryReminderDTO     objPassExpiryReminderDTO     = null;


            InsiderTradingEncryption.DataSecurity objPwdHash = new InsiderTradingEncryption.DataSecurity();
            try
            {
                DataSecurity objDataSecurity         = new DataSecurity();
                string       sOldPassword            = string.Empty;
                string       sNewPassword            = string.Empty;
                string       sConfirmNewPassword     = string.Empty;
                string       sPasswordHash           = string.Empty;
                string       sPasswordHashWithSalt   = string.Empty;
                string       sSaltValue              = string.Empty;
                string       javascriptEncryptionKey = Common.ConstEnum.Javascript_Encryption_Key;
                string       userPasswordHashSalt    = Common.ConstEnum.User_Password_Encryption_Key;

                if (objPwdMgmtModel.OldPassword == null || objPwdMgmtModel.OldPassword == "" || objPwdMgmtModel.NewPassword == null || objPwdMgmtModel.NewPassword == "" ||
                    objPwdMgmtModel.ConfirmNewPassword == null || objPwdMgmtModel.ConfirmNewPassword == "")
                {
                    i_ErrorMessage = "All fields are required fields.";
                    bErrorOccurred = true;
                }
                else if (objPwdMgmtModel.NewPassword == null || objPwdMgmtModel.NewPassword == "" || objPwdMgmtModel.ConfirmNewPassword == null || objPwdMgmtModel.ConfirmNewPassword == "")
                {
                    i_ErrorMessage = "Please enter new password and confirm new password.";
                    bErrorOccurred = true;
                }
                else if (objPwdMgmtModel.NewPassword != objPwdMgmtModel.ConfirmNewPassword)
                {
                    i_ErrorMessage = "New password and Confirm password are not matching.";
                    bErrorOccurred = true;
                }
                else if (objPwdMgmtModel.OldPassword == objPwdMgmtModel.NewPassword)
                {
                    i_ErrorMessage = "New password should not be same as old password.";
                    bErrorOccurred = true;
                }

                else if (!string.IsNullOrEmpty(objPwdMgmtModel.OldPassword) && !string.IsNullOrEmpty(objPwdMgmtModel.NewPassword) &&
                         !string.IsNullOrEmpty(objPwdMgmtModel.ConfirmNewPassword))
                {
                    sOldPassword          = DecryptStringAES(objPwdMgmtModel.OldPassword, javascriptEncryptionKey, javascriptEncryptionKey);
                    sNewPassword          = DecryptStringAES(objPwdMgmtModel.NewPassword, javascriptEncryptionKey, javascriptEncryptionKey);
                    sConfirmNewPassword   = DecryptStringAES(objPwdMgmtModel.ConfirmNewPassword, javascriptEncryptionKey, javascriptEncryptionKey);
                    sPasswordHashWithSalt = objPwdHash.CreateSaltandHash(sNewPassword);
                    sPasswordHash         = sPasswordHashWithSalt.Split('~')[0].ToString();
                    sSaltValue            = sPasswordHashWithSalt.Split('~')[1].ToString();
                }

                //Check if the new password follows Password policy
                if (!bErrorOccurred)
                {
                    Common.Common objCommon       = new Common.Common();
                    bool          isPasswordValid = objCommon.ValidatePassword(objLoginUserDetails.CompanyDBConnectionString, objLoginUserDetails.UserName, sNewPassword, sPasswordHash, objLoginUserDetails.LoggedInUserID, out i_ErrorMessage);
                    if (!isPasswordValid)
                    {
                        bErrorOccurred = true;
                    }
                }
                if (bErrorOccurred)
                {
                    ViewBag.LoginError = i_ErrorMessage;
                    return(View("ChangePassword"));
                }

                objPwdMgmtModel.UserInfoID = objLoginUserDetails.LoggedInUserID;

                string saltValue  = string.Empty;
                string calledFrom = "ChangPwd";

                using (UserInfoSL ObjUserInfoSL = new UserInfoSL())
                {
                    List <AuthenticationDTO> lstUserDetails = ObjUserInfoSL.GetUserLoginDetails(objLoginUserDetails.CompanyDBConnectionString, Convert.ToString(objLoginUserDetails.LoggedInUserID), calledFrom);
                    foreach (var UserDetails in lstUserDetails)
                    {
                        saltValue = UserDetails.SaltValue;
                    }
                }

                string usrSaltValue = (saltValue == null || saltValue == string.Empty) ? userPasswordHashSalt : saltValue;

                if (saltValue != null && saltValue != "")
                {
                    objPwdMgmtModel.OldPassword = objPwdHash.CreateHashToVerify(sOldPassword, usrSaltValue);
                }
                else
                {
                    objPwdMgmtModel.OldPassword = objPwdHash.CreateHash(sOldPassword, usrSaltValue);
                }


                objPwdMgmtModel.NewPassword        = sPasswordHash;
                objPwdMgmtModel.ConfirmNewPassword = sPasswordHash;
                objPwdMgmtModel.SaltValue          = sSaltValue;
                InsiderTrading.Common.Common.CopyObjectPropertyByName(objPwdMgmtModel, objPwdMgmtDTO);
                objUserInfoSL.ChangePassword(objLoginUserDetails.CompanyDBConnectionString, ref objPwdMgmtDTO);
                objLoginUserDetails.PasswordChangeMessage = Common.Common.getResource("usr_msg_11271");
                Common.Common.SetSessionValue(ConstEnum.SessionValue.UserDetails, objLoginUserDetails);

                Common.Common.SetSessionValue("IsChangePassword", false);
            }
            catch (Exception exp)
            {
                string sErrMessage = Common.Common.getResource(exp.InnerException.Data[0].ToString());
                ViewBag.LoginError = sErrMessage;
                objPassConfigModel = GetPasswordConfigDetails();
                return(View("ChangePassword"));
            }
            finally
            {
                objLoginUserDetails = null;
                objPwdMgmtDTO       = null;
                objUserInfoSL       = null;
                objPwdHash          = null;
            }
            return(RedirectToAction("Index", "Home", new { acid = Convert.ToString(Common.ConstEnum.UserActions.CRUSER_COUSERDASHBOARD_DASHBOARD) }));
        }