BetterMembership


Better implementation of ExtendedMembershipProvider with compatibility for MembershipProvider

Configuration

customisation

The BetterMembershipProvider supports the following properties, which can be defined via attributes set on the BetterMembershipProvider provider config section. The default values are also documented below.

AutoInitialize true

Automatically calls WebSecurity.InitializeDatabaseConnection is called once, and forces to run against current provider rather than the default instance.

ConnectionStringName DefaultConnection

The database connection to use for database access, specified in calls to WebSecurity.InitializeDatabaseConnection.

UserTableName UserProfile

The user table containing user data, specified in calls to WebSecurity.InitializeDatabaseConnection. This may be pre-existing custom user table or a new table. It must contain unique identifier (Int32) and a column that can be used as userName.

UserNameColumn UserName

The name of the column to use for storing userName, specified in calls to WebSecurity.InitializeDatabaseConnection.

UserIdColumn UserId

The name of the column to use for storing the unique identifier of the user, specified in calls to WebSecurity.InitializeDatabaseConnection.

UserEmailColumn Not Set

The name of the column to use for storing the email address of the user, which will then be mapped to MembershipProvider APIs. If not set, then any FindByEmail APIs will treat email as username, and the email property of MembershipUser will be null.

AutoCreateTables true

Determines whether to initialize the database schema automatically, specified in calls to WebSecurity.InitializeDatabaseConnection.

MaxInvalidPasswordAttempts 2147483647

The max number of password attempts during the permitted window before an account is locked out.

PasswordAttemptWindow -1

The time in minutes during which consecutive failed password attempts count towards locking out an account. The account is reactivated once the time since the last unsuccessful attempt has lapsed.

MinRequiredNonalphanumericCharacters 0

The minimum number of non-alphanumeric characters required in user passwords.

MinRequiredPasswordLength 1

The minimum length for user passwords.

RequiresUniqueEmail false

Determines whether a user email address is a required field, and that it must be unique in the database. This cannot be set without also defining UserEmailColumn.

MaxEmailLength 254

The maximum length for user email addresses.

MaxUserNameLength 56

The maximum length for usernames.

MaxPasswordLength 128

The maximum length for user passwords.

EmailStrengthRegularExpression ^[0-9a-zA-Z.+-]+@[0-9a-zA-Z.+-]+.[a-zA-Z]{2,4}$

The regular expression used to validate user passwords.

UserNameRegularExpression ^[0-9a-zA-Z_-]+$

The regular expression used to validate usernames.

AllowEmailAsUserName true

Enables an email address to be used as the username. This is to provide better out-of-box with external authentication providers without compromising username validation. If set, a username containing @ will be validated as an email address, otherwise it will be validated as username.

ApplicationName /

Reports the associated ApplicationName when used in context of MembershipProvider, the value is otherwise ignored.