/// <summary>
/// Changes user password.
/// </summary>
/// <remarks>
/// Creates a security provider for the username typed into the form, asks it to replace the old
/// password with the new one, and then authenticates with the new password. The provider is only
/// cached as the current provider, and the browser only redirected, when both steps succeed.
/// </remarks>
/// <param name="sender">Source of this event.</param>
/// <param name="e">Arguments of this event.</param>
protected void ChangeButton_Click(object sender, EventArgs e)
{
    try
    {
        // The provider is built from the username field of the form, not from the current session.
        ISecurityProvider provider = SecurityProviderUtility.CreateProvider(ChangePasswordUsername.Text);

        if (!provider.CanChangePassword)
        {
            // Changing password is not supported.
            ShowMessage("Account does not support password change.", true);
            return;
        }

        if (!provider.ChangePassword(ChangePasswordOldPassword.Text, ChangePasswordNewPassword.Text))
        {
            // Prefer the provider-specific reason; fall back to a generic message when none is shown.
            if (!ShowFailureReason(provider))
            {
                ShowMessage("Password change was not successful.", true);
            }

            return;
        }

        // Password changed successfully; the new credential must also authenticate before a session is set up.
        if (!provider.Authenticate(ChangePasswordNewPassword.Text))
        {
            if (!ShowFailureReason(provider))
            {
                ShowMessage("Authentication was not successful.", true);
            }

            return;
        }

        SecurityProviderCache.CurrentProvider = provider;

        // NOTE(review): GetReferrerUrl() is defined outside this block; confirm it only yields
        // same-site URLs, since its result is used as the redirect target after a credential change.
        // endResponse is false, so no thread abort is raised inside this try block.
        Response.Redirect(GetReferrerUrl(), false);
    }
    catch (SecurityException ex)
    {
        // Security related messages are shown to the user as-is (with a trailing period).
        // NOTE(review): presumably these messages are written for end users; verify they do not
        // disclose more than an unauthenticated visitor should learn about the account.
        ShowMessage(ex.Message.EnsureEnd('.'), true);
    }
    catch (Exception ex)
    {
        // Any other failure gets a deliberately vague message; the full exception text goes to
        // the trace listeners only.
        ShowMessage("Password change failed due to an unexpected error.", true);
        System.Diagnostics.Trace.WriteLine(string.Format("Password change error: \r\n {0}", ex));
    }
    finally
    {
        // Runs on every path, including the early returns above.
        ChangePasswordOldPassword.Focus();
    }
}
/// <summary>
/// Initializes the web page.
/// </summary>
/// <remarks>
/// Applies branding (logo, links, footer) from the configuration file with built-in fallbacks,
/// then shows exactly one panel chosen from the status code found in the request: access denied,
/// change password, reset password, login, or the account page. The account page is only reached
/// when none of the status codes match, a provider is cached and the user is authenticated.
/// </remarks>
/// <param name="sender">Source of this event.</param>
/// <param name="e">Arguments of this event.</param>
protected void Page_Load(object sender, EventArgs e)
{
    CategorizedSettingsElementCollection settings = ConfigurationFile.Current.Settings[SettingsCategory];
    Type portalType = typeof(SecurityPortal);

    // Branding values come from the configuration file when present, otherwise from
    // embedded resources or built-in defaults.
    // NOTE(review): these values are assigned to URLs and label text unchanged, so the
    // configuration category should be writable by administrators only; confirm.

    // Setup company logo.
    CategorizedSettingsElement logoSetting = settings["CompanyLogo"];
    LogoImage.ImageUrl = (object)logoSetting != null
        ? logoSetting.Value
        : Page.ClientScript.GetWebResourceUrl(portalType, EmbeddedCompanyLogo);

    // Setup company link.
    CategorizedSettingsElement linkSetting = settings["CompanyLink"];
    LogoLink.NavigateUrl = (object)linkSetting != null
        ? linkSetting.Value
        : DefaultCompanyLink;

    // Setup help link.
    CategorizedSettingsElement helpSetting = settings["HelpPage"];
    HelpLink.NavigateUrl = (object)helpSetting != null
        ? helpSetting.Value
        : Page.ClientScript.GetWebResourceUrl(portalType, EmbeddedHelpFile);

    // Setup footer information.
    CategorizedSettingsElement footerSetting = settings["FooterText"];
    FooterLabel.Text = (object)footerSetting != null
        ? footerSetting.Value
        : DefaultFooterText;

    HelpImage.ImageUrl = Page.ClientScript.GetWebResourceUrl(portalType, EmbeddedHelpImage);
    WarningImage.ImageUrl = Page.ClientScript.GetWebResourceUrl(portalType, EmbeddedWarningImage);
    StyleSheet.Attributes["href"] = Page.ClientScript.GetWebResourceUrl(portalType, EmbeddedStyleSheet);

    // The status code is supplied by the client through the request. It only selects which
    // panel is rendered; it is never what grants access to the account panel.
    string statusCode = Request[StatusCodeRequestKey];

    if (statusCode == AccessDeniedStatusCode)
    {
        // Show access denied.
        Page.Title = StaticPageTitle + " :: Access Denied";
        AccessDeniedPanel.Visible = true;
        ContentPlaceHolder.Controls.Add(AccessDeniedPanel);
        return;
    }

    if (statusCode == PasswordChangeStatusCode)
    {
        // Show change password.
        Page.Title = StaticPageTitle + " :: Change Password";
        ChangePasswordPanel.Visible = true;
        ContentPlaceHolder.Controls.Add(ChangePasswordPanel);

        // Setup UI.
        ChangeButton.SetSubmitOnce();
        ChangePasswordPanel.DefaultButton = ChangeButton.ID;

        if (!Page.IsPostBack)
        {
            // Pre-fill the remembered username and put the cursor on the first empty field.
            ChangePasswordUsername.Text = GetSavedUsername();

            if (!string.IsNullOrEmpty(ChangePasswordUsername.Text))
            {
                ChangePasswordOldPassword.Focus();
            }
            else
            {
                ChangePasswordUsername.Focus();
            }
        }

        return;
    }

    if (statusCode == PasswordResetStatusCode)
    {
        // Show reset password.
        Page.Title = StaticPageTitle + " :: Reset Password";

        // The stage of the reset flow is tracked in ViewState: once a username has been stored
        // there, the security-question step is shown.
        // NOTE(review): this relies on ViewState integrity protection being enabled so the
        // client cannot supply its own username or question; confirm in the site configuration.
        if (ViewState[UsernameKey] != null)
        {
            // Perform password reset.
            ResetPasswordFinalPanel.Visible = true;
            ContentPlaceHolder.Controls.Add(ResetPasswordFinalPanel);

            // Setup UI.
            ResetFinalButton.SetSubmitOnce();
            ResetPasswordSecurityAnswer.Focus();
            ResetPasswordFinalPanel.DefaultButton = ResetFinalButton.ID;

            // Presumably stored by the handler of the check step together with the username;
            // ToString() throws here if the entry is missing.
            ResetPasswordSecurityQuestion.Text = ViewState["SecurityQuestion"].ToString();
            MessageLabel.Text = string.Empty;
        }
        else
        {
            // Check for reset support.
            ResetPasswordCheckPanel.Visible = true;
            ContentPlaceHolder.Controls.Add(ResetPasswordCheckPanel);

            // Setup UI.
            ResetCheckButton.SetSubmitOnce();
            ResetPasswordUsername.Focus();
            ResetPasswordCheckPanel.DefaultButton = ResetCheckButton.ID;
        }

        return;
    }

    // Login is shown when it is requested explicitly, when no provider is cached, or when the
    // user is not authenticated. The checks run in that order and stop at the first match.
    if (statusCode == UnauthorizedStatusCode || (object)SecurityProviderCache.CurrentProvider == null || !User.Identity.IsAuthenticated)
    {
        // Show login.
        Page.Title = StaticPageTitle + " :: Login";
        LoginPanel.Visible = true;
        ContentPlaceHolder.Controls.Add(LoginPanel);

        // Setup UI.
        LoginButton.SetSubmitOnce();
        LoginPanel.DefaultButton = LoginButton.ID;
        ForgotPassword.NavigateUrl = GetRedirectUrl(PasswordResetStatusCode);
        ChangePassword.NavigateUrl = GetRedirectUrl(PasswordChangeStatusCode);

        if (!Page.IsPostBack)
        {
            LoginUsername.Text = GetSavedUsername();

            if (!string.IsNullOrEmpty(LoginUsername.Text))
            {
                // A remembered username exists: go straight to the password and keep the box checked.
                LoginPassword.Focus();
                RememberUsername.Checked = true;
            }
            else
            {
                LoginUsername.Focus();
            }
        }

        return;
    }

    // Show my account. Reached only with a cached provider and an authenticated user.
    Page.Title = StaticPageTitle + " :: My Account";
    MyAccountPanel.Visible = true;

    // Unlike the other branches, the placeholder is emptied before the panel is added.
    ContentPlaceHolder.Controls.Clear();
    ContentPlaceHolder.Controls.Add(MyAccountPanel);

    // Setup UI.
    UpdateButton.SetSubmitOnce();
    MyAccountPanel.DefaultButton = UpdateButton.ID;

    if (!Page.IsPostBack)
    {
        ISecurityProvider provider = SecurityProviderCache.CurrentProvider;
        ShowUserData(provider);

        // Providers that cannot update user data get a read-only form.
        // NOTE(review): disabling the controls is a UI measure only; presumably the update
        // handler checks CanUpdateData again on the server; verify.
        bool readOnly = !provider.CanUpdateData;

        if (readOnly)
        {
            AccountUserFirstName.Enabled = false;
            AccountUserLastName.Enabled = false;
            AccountUserEmailAddress.Enabled = false;
            AccountUserPhoneNumber.Enabled = false;
            AccountUserSecurityAnswer.Enabled = false;
            UpdateButton.Enabled = false;
        }
    }
}