protected void OnUserRegistered(UserRegisteredEventArgs e)
 {
     if (UserRegistered != null)
     {
         UserRegistered(this, e);
     }
 }
        void application_AuthenticateRequest(object sender, EventArgs e)
        {
            //if (debugLog) log.Debug("AuthHandlerHttpModule Application_AuthenticateRequest");

            if (sender == null) return;

            HttpApplication app = (HttpApplication)sender;
            if (app.Request == null) { return; }
            if (!app.Request.IsAuthenticated) { return; }

            if(WebUtils.IsRequestForStaticFile(app.Request.Path)) { return; }
            if (app.Request.Path.ContainsCaseInsensitive(".ashx")) { return; }
            if (app.Request.Path.ContainsCaseInsensitive(".axd")) { return; }
            if (app.Request.Path.ContainsCaseInsensitive("setup/default.aspx")) { return; }

            //if (debugLog) log.Debug("IsAuthenticated == true");
            SiteSettings siteSettings;
            try
            {
                siteSettings = CacheHelper.GetCurrentSiteSettings();
            }
            catch (System.Data.Common.DbException ex)
            {
                // can happen during upgrades
                log.Error(ex);
                return;
            }
            catch (Exception ex)
            {
                // hate to trap System.Exception but SqlCeException doe snot inherit from DbException as it should
                if (DatabaseHelper.DBPlatform() != "SqlCe") { throw; }
                log.Error(ex);
                return;
            }
            bool useFolderForSiteDetection = WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites;

            // Added by Haluk Eryuksel - 2006-01-23
            // support for Windows authentication
            if (
                (app.User.Identity.AuthenticationType == "NTLM")
                || (app.User.Identity.AuthenticationType == "Negotiate")
                // || ( Context.User.Identity.AuthenticationType == "Windows" )
                )
            {
                //Added by Benedict Chan - 2008-08-05
                //Added Cookie here so that we don't have to check the users in every page, also to authenticate under NTLM with "useFolderForSiteDetection == true"
                string cookieName = "siteguid" + siteSettings.SiteGuid;
                if (!CookieHelper.CookieExists(cookieName))
                {
                    bool existsInDB;
                    existsInDB = SiteUser.LoginExistsInDB(siteSettings.SiteId, app.Context.User.Identity.Name);

                    if (!existsInDB)
                    {
                        SiteUser u = new SiteUser(siteSettings);
                        u.Name = app.Context.User.Identity.Name;
                        u.LoginName = app.Context.User.Identity.Name;
                        u.Email = GuessEmailAddress(u.Name);
                        u.Password = SiteUser.CreateRandomPassword(7, WebConfigSettings.PasswordGeneratorChars);

                        mojoMembershipProvider m = Membership.Provider as mojoMembershipProvider;
                        if (m != null)
                        {
                            u.Password = m.EncodePassword(siteSettings, u, u.Password);
                        }

                        u.Save();
                        NewsletterHelper.ClaimExistingSubscriptions(u);

                        UserRegisteredEventArgs args = new UserRegisteredEventArgs(u);
                        OnUserRegistered(args);

                    }

                    SiteUser siteUser = new SiteUser(siteSettings, app.Context.User.Identity.Name);
                    CookieHelper.SetCookie(cookieName, siteUser.UserGuid.ToString(), true);

                    //Copied logic from SiteLogin.cs  Since we will skip them if we use NTLM
                    if (siteUser.UserId > -1 && siteSettings.AllowUserSkins && siteUser.Skin.Length > 0)
                    {
                        SiteUtils.SetSkinCookie(siteUser);
                    }

                    // track user ip address
                    try
                    {
                        UserLocation userLocation = new UserLocation(siteUser.UserGuid, SiteUtils.GetIP4Address());
                        userLocation.SiteGuid = siteSettings.SiteGuid;
                        userLocation.Hostname = app.Request.UserHostName;
                        userLocation.Save();
                        log.Info("Set UserLocation : " + app.Request.UserHostName + ":" + SiteUtils.GetIP4Address());
                    }
                    catch (Exception ex)
                    {
                        log.Error(SiteUtils.GetIP4Address(), ex);
                    }
                }

                //End-Added by Benedict Chan

            }
            // End-Added by Haluk Eryuksel

            if ((useFolderForSiteDetection) && (!WebConfigSettings.UseRelatedSiteMode))
            {
                // replace GenericPrincipal with custom one
                //string roles = string.Empty;
                if (!(app.Context.User is mojoIdentity))
                {
                    app.Context.User = new mojoPrincipal(app.Context.User);
                }
            }
        }
 private void OnUserRegistered(UserRegisteredEventArgs e)
 {
     foreach (UserRegisteredHandlerProvider handler in UserRegisteredHandlerProviderManager.Providers)
     {
         handler.UserRegisteredHandler(null, e);
     }
 }
        public override void UserRegisteredHandler(object sender, UserRegisteredEventArgs e)
        {
            if (e == null) return;
            if (e.SiteUser == null) return;

            SiteSettings siteSettings = CacheHelper.GetCurrentSiteSettings();

            if (
                (!siteSettings.RequireApprovalBeforeLogin)
                &&(siteSettings.EmailAdressesForUserApprovalNotification.Length == 0)
                ) { return; }

            log.Debug("NotifyAdminUserRegisteredHandler called for new user " + e.SiteUser.Email);

            if (HttpContext.Current == null) { return; }

            CultureInfo defaultCulture = SiteUtils.GetDefaultUICulture();

            string subjectTemplate
                        = ResourceHelper.GetMessageTemplate(defaultCulture,
                        "NotifyAdminofNewUserRegistationSubject.config");

            string textBodyTemplate = ResourceHelper.GetMessageTemplate(defaultCulture,
                        "NotifyAdminofNewUserRegistationMessage.config");

            string siteRoot = SiteUtils.GetNavigationSiteRoot();
            SmtpSettings smtpSettings = SiteUtils.GetSmtpSettings();

            //lookup admin users and send notification email with link to manage user
            List<string> adminEmails;
            if (siteSettings.EmailAdressesForUserApprovalNotification.Length > 0)
            {
                adminEmails = siteSettings.EmailAdressesForUserApprovalNotification.SplitOnChar(',');
            }
            else
            {
                adminEmails = SiteUser.GetEmailAddresses(siteSettings.SiteId, "Admins;");
            }

            //foreach (DataRow row in admins.Rows)
            foreach(string email in adminEmails)
            {
                if (WebConfigSettings.EmailAddressesToExcludeFromAdminNotifications.IndexOf(email, StringComparison.InvariantCultureIgnoreCase) > -1) { continue; }

                //EmailMessageTask messageTask = new EmailMessageTask(smtpSettings);
                //messageTask.EmailFrom = siteSettings.DefaultEmailFromAddress;
                //messageTask.EmailFromAlias = siteSettings.DefaultFromEmailAlias;
                //messageTask.EmailTo = email;
                //messageTask.Subject = string.Format(defaultCulture, subjectTemplate, e.SiteUser.Email, siteRoot);

                string manageUserLink = siteRoot + "/Admin/ManageUsers.aspx?userid="
                    + e.SiteUser.UserId.ToInvariantString();

                //messageTask.TextBody = string.Format(defaultCulture, textBodyTemplate, siteSettings.SiteName, siteRoot, manageUserLink);
                //messageTask.SiteGuid = siteSettings.SiteGuid;
                //messageTask.QueueTask();

                Email.Send(
                        smtpSettings,
                        siteSettings.DefaultEmailFromAddress,
                        siteSettings.DefaultFromEmailAlias,
                        string.Empty,
                        email,
                        string.Empty,
                        string.Empty,
                        string.Format(defaultCulture, subjectTemplate, e.SiteUser.Email, siteRoot),
                        string.Format(defaultCulture, textBodyTemplate, siteSettings.SiteName, siteRoot, manageUserLink),
                        false,
                        Email.PriorityNormal);

            }

            //WebTaskManager.StartOrResumeTasks();
        }
Exemplo n.º 5
0
        private SiteUser CreateUser(
            string openId,
            string email,
            string loginName,
            string name,
            bool emailIsVerified)
        {
            SiteUser newUser = new SiteUser(siteSettings);
            newUser.Email = email;

            if (loginName.Length > 50) loginName = loginName.Substring(0, 50);

            int i = 1;
            while (SiteUser.LoginExistsInDB(
                siteSettings.SiteId, loginName))
            {
                loginName += i.ToString();
                if (loginName.Length > 50) loginName = loginName.Remove(40, 1);
                i++;

            }
            if ((name == null) || (name.Length == 0)) name = loginName;
            newUser.LoginName = loginName;
            newUser.Name = name;
            //newUser.Password = SiteUser.CreateRandomPassword(7);
            mojoMembershipProvider mojoMembership = (mojoMembershipProvider)Membership.Provider;
            newUser.Password = mojoMembership.EncodePassword(siteSettings, newUser, SiteUser.CreateRandomPassword(7, WebConfigSettings.PasswordGeneratorChars));
            newUser.PasswordQuestion = Resource.ManageUsersDefaultSecurityQuestion;
            newUser.PasswordAnswer = Resource.ManageUsersDefaultSecurityAnswer;
            newUser.OpenIdUri = openId;
            newUser.Save();

            //test
            //emailIsVerified = false;

            if (siteSettings.UseSecureRegistration)
            {
                if (!emailIsVerified)
                {
                    newUser.SetRegistrationConfirmationGuid(Guid.NewGuid());

                }
            }

            mojoProfileConfiguration profileConfig
                = mojoProfileConfiguration.GetConfig();

            // set default values first
            foreach (mojoProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
            {
            #if!MONO
                // we are using the new TimeZoneInfo list but it doesn't work under Mono
                // this makes us skip the TimeOffsetHours setting from mojoProfile.config which is not used under windows
                if (propertyDefinition.Name == mojoProfilePropertyDefinition.TimeOffsetHoursKey) { continue; }
            #endif
                mojoProfilePropertyDefinition.SavePropertyDefault(
                    newUser, propertyDefinition);
            }

            foreach (mojoProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
            {
            #if!MONO
                // we are using the new TimeZoneInfo list but it doesn't work under Mono
                // this makes us skip the TimeOffsetHours setting from mojoProfile.config which is not used under windows
                if (propertyDefinition.Name == mojoProfilePropertyDefinition.TimeOffsetHoursKey) { continue; }
            #endif
                if ((propertyDefinition.RequiredForRegistration)||(propertyDefinition.ShowOnRegistration))
                {
                    mojoProfilePropertyDefinition.SaveProperty(
                        newUser,
                        pnlRequiredProfileProperties,
                        propertyDefinition,
                        timeOffset,
                        timeZone);
                }
            }

            // track user ip address
            UserLocation userLocation = new UserLocation(newUser.UserGuid, SiteUtils.GetIP4Address());
            userLocation.SiteGuid = siteSettings.SiteGuid;
            userLocation.Hostname = Page.Request.UserHostName;
            userLocation.Save();

            UserRegisteredEventArgs u = new UserRegisteredEventArgs(newUser);
            OnUserRegistered(u);

            CacheHelper.ClearMembershipStatisticsCache();

            // we'll map them next time they login
            //OpenIdRpxHelper rpxHelper = new OpenIdRpxHelper(rpxApiKey, rpxBaseUrl);
            //rpxHelper.Map(openId, newUser.UserGuid.ToString());

            DoSubscribe(newUser);

            NewsletterHelper.ClaimExistingSubscriptions(newUser);

            return newUser;
        }
Exemplo n.º 6
0
        //private void HookupRegistrationEventHandlers()
        //{
        //    // this is a hook so that custom code can be fired when pages are created
        //    // implement a PageCreatedEventHandlerPovider and put a config file for it in
        //    // /Setup/ProviderConfig/pagecreatedeventhandlers
        //    try
        //    {
        //        foreach (UserRegisteredHandlerProvider handler in UserRegisteredHandlerProviderManager.Providers)
        //        {
        //            this.UserRegistered += handler.UserRegisteredHandler;
        //        }
        //    }
        //    catch (TypeInitializationException ex)
        //    {
        //        log.Error(ex);
        //    }
        //}
        //public event UserRegistreredEventHandler UserRegistered;
        protected void OnUserRegistered(UserRegisteredEventArgs e)
        {
            foreach (UserRegisteredHandlerProvider handler in UserRegisteredHandlerProviderManager.Providers)
            {
                handler.UserRegisteredHandler(null, e);
            }

            //if (UserRegistered != null)
            //{
            //    UserRegistered(this, e);
            //}
        }
        private void CreateUser(string windowsLiveId)
        {
            SiteUser newUser = new SiteUser(siteSettings);
            newUser.WindowsLiveId = windowsLiveId;
            newUser.Name = SecurityHelper.RemoveMarkup(txtUserName.Text);
            newUser.LoginName = newUser.Name;
            newUser.Email = txtEmail.Text;
            mojoMembershipProvider mojoMembership = (mojoMembershipProvider)Membership.Provider;
            newUser.Password = mojoMembership.EncodePassword(siteSettings, newUser, SiteUser.CreateRandomPassword(7, WebConfigSettings.PasswordGeneratorChars));
            //newUser.Password = SiteUser.CreateRandomPassword(7);
            newUser.PasswordQuestion = Resource.ManageUsersDefaultSecurityQuestion;
            newUser.PasswordAnswer = Resource.ManageUsersDefaultSecurityAnswer;
            newUser.Save();
            if (siteSettings.UseSecureRegistration)
            {
                newUser.SetRegistrationConfirmationGuid(Guid.NewGuid());
            }

            mojoProfileConfiguration profileConfig
                = mojoProfileConfiguration.GetConfig();

            // set default values first
            foreach (mojoProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
            {
            #if!MONO
                // we are using the new TimeZoneInfo list but it doesn't work under Mono
                // this makes us skip the TimeOffsetHours setting from mojoProfile.config which is not used under windows
                if (propertyDefinition.Name == mojoProfilePropertyDefinition.TimeOffsetHoursKey) { continue; }
            #endif
                mojoProfilePropertyDefinition.SavePropertyDefault(
                    newUser, propertyDefinition);
            }

            foreach (mojoProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
            {
            #if!MONO
                // we are using the new TimeZoneInfo list but it doesn't work under Mono
                // this makes us skip the TimeOffsetHours setting from mojoProfile.config which is not used under windows
                if (propertyDefinition.Name == mojoProfilePropertyDefinition.TimeOffsetHoursKey) { continue; }
            #endif
                if ((propertyDefinition.RequiredForRegistration)||(propertyDefinition.ShowOnRegistration))
                {
                    mojoProfilePropertyDefinition.SaveProperty(
                        newUser,
                        pnlRequiredProfileProperties,
                        propertyDefinition,
                        timeOffset,
                        timeZone);
                }
            }

            // track user ip address
            UserLocation userLocation = new UserLocation(newUser.UserGuid, SiteUtils.GetIP4Address());
            userLocation.SiteGuid = siteSettings.SiteGuid;
            userLocation.Hostname = Page.Request.UserHostName;
            userLocation.Save();

            UserRegisteredEventArgs u = new UserRegisteredEventArgs(newUser);
            OnUserRegistered(u);

            CacheHelper.ClearMembershipStatisticsCache();

            NewsletterHelper.ClaimExistingSubscriptions(newUser);

            DoUserLogin(newUser);
        }
Exemplo n.º 8
0
        void RegisterUser_CreatedUser(object sender, EventArgs e)
        {
            TextBox txtEmail = (TextBox)CreateUserWizardStep1.ContentTemplateContainer.FindControl("Email");
            TextBox txtUserName = (TextBox)CreateUserWizardStep1.ContentTemplateContainer.FindControl("UserName");

            if (txtEmail == null) { return; }
            if (txtUserName == null) { return; }

            SiteUser siteUser;

            if (siteSettings.UseEmailForLogin)
            {
                siteUser = new SiteUser(siteSettings, txtEmail.Text);
            }
            else
            {
                siteUser = new SiteUser(siteSettings, txtUserName.Text);
            }

            if (siteUser.UserId == -1) return;

            if (pnlProfile != null)
            {
                mojoProfileConfiguration profileConfig = mojoProfileConfiguration.GetConfig();

                // set default values first
                foreach (mojoProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
                {
            #if!MONO
                    // we are using the new TimeZoneInfo list but it doesn't work under Mono
                    // this makes us skip the TimeOffsetHours setting from mojoProfile.config which is not used under windows
                    if (propertyDefinition.Name == mojoProfilePropertyDefinition.TimeOffsetHoursKey) { continue; }
            #endif
                    mojoProfilePropertyDefinition.SavePropertyDefault(siteUser, propertyDefinition);
                }

                foreach (mojoProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
                {
            #if!MONO
                    // we are using the new TimeZoneInfo list but it doesn't work under Mono
                    // this makes us skip the TimeOffsetHours setting from mojoProfile.config which is not used under windows
                    if (propertyDefinition.Name == mojoProfilePropertyDefinition.TimeOffsetHoursKey) { continue; }
            #endif
                    if ((propertyDefinition.RequiredForRegistration)||(propertyDefinition.ShowOnRegistration))
                    {
                        mojoProfilePropertyDefinition.SaveProperty(
                            siteUser,
                            pnlProfile,
                            propertyDefinition,
                            timeOffset,
                            timeZone);
                    }
                }

            }

            // track user ip address
            UserLocation userLocation = new UserLocation(siteUser.UserGuid, SiteUtils.GetIP4Address());
            userLocation.SiteGuid = siteSettings.SiteGuid;
            userLocation.Hostname = Page.Request.UserHostName;
            userLocation.Save();

            CacheHelper.ClearMembershipStatisticsCache();

            if (
                (!siteSettings.UseSecureRegistration)
                &&(
                    (!siteSettings.RequireApprovalBeforeLogin)
                    ||(siteUser.ApprovedForLogin)
                  )
                )
            {
                if (siteSettings.UseEmailForLogin)
                {
                    FormsAuthentication.SetAuthCookie(siteUser.Email, false);
                }
                else
                {
                    FormsAuthentication.SetAuthCookie(siteUser.LoginName, false);
                }

                if (WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites)
                {
                    string cookieName = "siteguid" + siteSettings.SiteGuid;
                    CookieHelper.SetCookie(cookieName, siteUser.UserGuid.ToString(), false);
                }

                siteUser.UpdateLastLoginTime();

            }

            DoSubscribe(siteUser);

            UserRegisteredEventArgs u = new UserRegisteredEventArgs(siteUser);
            OnUserRegistered(u);
        }
        private void CreateUser(
            string openId,
            string email,
            string loginName,
            string name)
        {
            SiteUser newUser = new SiteUser(siteSettings);
            newUser.Email = email;

            if (loginName.Length > 50) loginName = loginName.Substring(0, 50);

            int i = 1;
            while (SiteUser.LoginExistsInDB(
                siteSettings.SiteId, loginName))
            {
                loginName += i.ToString();
                if (loginName.Length > 50) loginName = loginName.Remove(40, 1);
                i++;

            }
            if ((name == null) || (name.Length == 0)) name = loginName;
            newUser.LoginName = loginName;
            newUser.Name = name;
            //newUser.Password = SiteUser.CreateRandomPassword(7);
            mojoMembershipProvider mojoMembership = (mojoMembershipProvider)Membership.Provider;
            newUser.Password = mojoMembership.EncodePassword(siteSettings, newUser, SiteUser.CreateRandomPassword(7, WebConfigSettings.PasswordGeneratorChars));
            newUser.PasswordQuestion = Resource.ManageUsersDefaultSecurityQuestion;
            newUser.PasswordAnswer = Resource.ManageUsersDefaultSecurityAnswer;
            newUser.OpenIdUri = openId;
            newUser.Save();
            if (siteSettings.UseSecureRegistration)
            {
                newUser.SetRegistrationConfirmationGuid(Guid.NewGuid());
            }

            mojoProfileConfiguration profileConfig
                = mojoProfileConfiguration.GetConfig();

            // set default values first
            foreach (mojoProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
            {
                mojoProfilePropertyDefinition.SavePropertyDefault(
                    newUser, propertyDefinition);
            }

            foreach (mojoProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
            {
                if ((propertyDefinition.RequiredForRegistration)||(propertyDefinition.ShowOnRegistration))
                {
                    mojoProfilePropertyDefinition.SaveProperty(
                        newUser,
                        pnlRequiredProfileProperties,
                        propertyDefinition,
                        timeOffset,
                        timeZone);
                }
            }

            // track user ip address
            UserLocation userLocation = new UserLocation(newUser.UserGuid, SiteUtils.GetIP4Address());
            userLocation.SiteGuid = siteSettings.SiteGuid;
            userLocation.Hostname = Page.Request.UserHostName;
            userLocation.Save();

            UserRegisteredEventArgs u = new UserRegisteredEventArgs(newUser);
            OnUserRegistered(u);

            CacheHelper.ClearMembershipStatisticsCache();

            NewsletterHelper.ClaimExistingSubscriptions(newUser);

            DoUserLogin(newUser);
        }
Exemplo n.º 10
0
        private void CreateUser()
        {
            if (SiteUser.EmailExistsInDB(siteSettings.SiteId, txtEmail.Text))
            {
                lblErrorMessage.Text = Resource.DuplicateEmailMessage;
                return ;
            }

            if (SiteUser.LoginExistsInDB(siteSettings.SiteId, txtLoginName.Text))
            {
                lblErrorMessage.Text = Resource.DuplicateUserNameMessage;
                return;
            }

            SiteUser user = new SiteUser(siteSettings);
            user.Name = txtName.Text;
            user.LoginName = txtLoginName.Text;
            user.Email = txtEmail.Text;
            user.TimeZoneId = siteSettings.TimeZoneId;

            mojoMembershipProvider mojoMembership = (mojoMembershipProvider)Membership.Provider;
            user.Password = mojoMembership.EncodePassword(siteSettings, user, txtPassword.Text);
            user.MustChangePwd = chkRequirePasswordChange.Checked;

            if(user.Save())
            {
                user.PasswordQuestion = this.txtPasswordQuestion.Text;
                user.PasswordAnswer = this.txtPasswordAnswer.Text;
                user.Save();

                mojoProfileConfiguration profileConfig = mojoProfileConfiguration.GetConfig();
                // set default values
                foreach (mojoProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
                {
                    if (propertyDefinition.Name == mojoProfilePropertyDefinition.TimeZoneIdKey) { continue; }

                    mojoProfilePropertyDefinition.SavePropertyDefault(user, propertyDefinition);
                }

                CacheHelper.ClearMembershipStatisticsCache();

                if (WebConfigSettings.NewsletterAutoSubscribeUsersCreatedByAdmin)
                {
                    DoSubscribe(user);
                }

                UserRegisteredEventArgs u = new UserRegisteredEventArgs(user);
                OnUserRegistered(u);

                WebUtils.SetupRedirect(this, SiteRoot
                    + "/Admin/ManageUsers.aspx?userId=" + user.UserId.ToInvariantString()
                    + "&username="******"&pageid=" + pageID.ToInvariantString());
                return;

            }
        }
Exemplo n.º 11
0
        public override bool ValidateUser(string userName, string password)
        {
            /*
             Takes, as input, a user name and a password and verifies that they are valid-that is, that
             * the membership
             * data source contains a matching user name and password. ValidateUser returns true if the
             * user name and
             * password are valid, if the user is approved (that is, if MembershipUser.IsApproved is true),
             * and if the user
             * isn't currently locked out. Otherwise, it returns false. Following a successful validation,
             * ValidateUser updates
             * the user's LastLoginDate and fires an AuditMembershipAuthenticationSuccess Web event.
             * Following a failed validation,
             * it fires an AuditMembershipAuthenticationFailure Web event.

             */

            SiteSettings siteSettings = GetSiteSettings();

            if (siteSettings == null) { return false; }

            if (string.IsNullOrEmpty(userName)) { return false; }
            if (string.IsNullOrEmpty(password)) { return false; }

            bool result = false;

            if (
                (siteSettings.UseEmailForLogin)
                && (userName.Length > EmailMaxlength)
                )
            {
                return result;
            }

            if (
                (!siteSettings.UseEmailForLogin)
                && (userName.Length > LoginnameMaxlength)
                )
            {
                return result;
            }

            //previous implementation

            //SiteUser siteUser = null;
            //string encPassword = EncodePassword(password, siteSettings);

            //string user;
            //if (!siteSettings.UseLdapAuth || (siteSettings.UseLdapAuth && WebConfigSettings.UseLDAPFallbackAuthentication))
            //{
            //    user = SiteUser.Login(siteSettings, userName, encPassword);
            //    if ((user != null) && (user != String.Empty))
            //    {
            //        result = true;
            //        siteUser = new SiteUser(siteSettings, userName);
            //    }
            //    else if (!siteSettings.UseLdapAuth)
            //    {
            //        // need to create the user here so we can increment the failed password attmpt count below
            //        siteUser = new SiteUser(siteSettings, userName);
            //    }
            //}
            //if (siteSettings.UseLdapAuth && siteUser == null)
            //{
            //    user = SiteUser.LoginLDAP(siteSettings, userName, password, out siteUser);
            //    if ((user != null) && (user != String.Empty))
            //    {
            //        result = true;
            //        if (siteUser != null)
            //        {
            //            //we just auto created a user who was validated against LDAP, but did not exist as a site user
            //            NewsletterHelper.ClaimExistingSubscriptions(siteUser);
            //            UserRegisteredEventArgs u = new UserRegisteredEventArgs(siteUser);
            //            OnUserRegistered(u);
            //        }
            //        else
            //        {
            //            siteUser = new SiteUser(siteSettings, userName);
            //        }
            //    }
            //}

            SiteUser siteUser = GetSiteUser(siteSettings, userName);

            if ((siteUser != null) && (siteUser.IsLockedOut) && (WebConfigSettings.ReturnFalseInValidateUserIfAccountLocked))
            {
                return false;
            }

            if ((siteUser != null) && (siteUser.IsDeleted) && (WebConfigSettings.ReturnFalseInValidateUserIfAccountDeleted))
            {
                return false;
            }

            if (siteSettings.UseLdapAuth)
            {
                SiteUser createdUser = null;
                string user = SiteUser.LoginLDAP(siteSettings, userName, password, out createdUser);
                if (!(string.IsNullOrEmpty(user)))
                {
                    result = true;
                    if (createdUser != null)
                    {
                        //we just auto created a user who was validated against LDAP, but did not exist as a site user
                        siteUser = createdUser;
                        // lets make sure to use the right password encoding, the auto creation assigned a random one but did not encode it
                        siteUser.Password = EncodePassword(siteSettings, siteUser, siteUser.Password);
                        siteUser.Save();
                        NewsletterHelper.ClaimExistingSubscriptions(siteUser);
                        UserRegisteredEventArgs u = new UserRegisteredEventArgs(siteUser);
                        OnUserRegistered(u);
                    }
                    //else
                    //{
                    //    siteUser = new SiteUser(siteSettings, userName);
                    //}
                }
                else if((siteSettings.AllowDbFallbackWithLdap)&&(siteUser != null))
                {
                    // ldap auth failed but we did find a matching user in the db
                    // and we are allowing db users in addition to ldap
                    // so validate the db way
                    result = PasswordIsValid(siteSettings, siteUser, password);
                }

            }
            else
            {
                result = PasswordIsValid(siteSettings, siteUser, password);
            }

            if (result)
            {
                siteUser.UpdateLastLoginTime();

                //PerfCounters.IncrementCounter(AppPerfCounter.MEMBER_SUCCESS);

                // this raises an error for some reason just by raisng the event
                // maybe because there is no handler for it

                //mojoWebAuthenticationSuccessAuditEvent webSuccess
                //    = new mojoWebAuthenticationSuccessAuditEvent(
                //            null,
                //            this,
                //            WebEventCodes.AuditMembershipAuthenticationSuccess,
                //            userName);

                //webSuccess.Raise();

            }
            else
            {

                if (
                    (siteSettings.MaxInvalidPasswordAttempts > 0)
                    && (siteUser != null)
                    && (siteUser.UserGuid != Guid.Empty))
                {
                    siteUser.IncrementPasswordAttempts(siteSettings);

                }

                if (WebConfigSettings.LogFailedLoginAttempts)
                {
                    log.Info("failed login attempt for user " + userName);
                }

                //PerfCounters.IncrementCounter(AppPerfCounter.MEMBER_FAIL);

                //mojoWebAuthenticationFailureAuditEvent webEvent
                //    = new mojoWebAuthenticationFailureAuditEvent(
                //            null,
                //            this,
                //            WebEventCodes.AuditMembershipAuthenticationFailure,
                //            userName);

                //webEvent.Raise();

            }

            return result;
        }