Wrox Programmer Forums

Need to download code?

View our list of code downloads.

| FAQ | Members List | Search | Today's Posts | Mark Forums Read
BOOK: Beginning ASP.NET 2.0 BOOK VB ISBN: 978-0-7645-8850-1; C# ISBN: 978-0-470-04258-8
This is the forum to discuss the Wrox book Beginning ASP.NET 2.0 by Chris Hart, John Kauffman, David Sussman, Chris Ullman; ISBN: 9780764588501
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: Beginning ASP.NET 2.0 BOOK VB ISBN: 978-0-7645-8850-1; C# ISBN: 978-0-470-04258-8 section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
 
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old March 27th, 2006, 12:23 AM
Registered User
 
Join Date: Mar 2006
Location: , , .
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default Handling isLockedOut isn't implemented

I've been working my way through the book and one of the things that I've noticed is that when an account becomes "locked out" after exceeding the number of default login attempts - since it's not specified I think the default value of 5 attempts is used - the login and password controls don't respond any differently to a login attempt after the account is locked out than they do when the account is still open. In both cases, for a wrong password, the control displays:

Your login attempt was not successful. Please try again.

However, in the case of a locked out account, even typing in the correct password displays the same message:

>>Your login attempt was not successful. Please try again.

From a usability standpoint, I'd think that you'd need to tell your users to contact an admin to have their account unlocked or wait before trying again.

According to MS, the default time, if not specified, is 10 minutes.

Unfortunately, this brought up another problem - in the database that was shipped to me, the time was updated incorrectly. Instead of showing a time of 3/26/2006 9:46 PM, the LastLockedOut date shows as 3/27/2006 3:45:23 AM. I think this means that the user’s account would automatically be eligible for unlocking not 10 minutes later, but 5 hours and 59 minutes later. Ouch!

How should this be handled? And where? Is this something that needs to be overriden in the provider or is this a page level event?

Thanks,

Joe.

  #2 (permalink)  
Old April 3rd, 2007, 04:06 AM
Registered User
 
Join Date: Nov 2006
Location: , , Netherlands.
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default

protected void Login1_LoginError(object sender, EventArgs e)
{
MembershipUser membershipUser = Membership.GetUser(Login1.UserName);
if (membershipUser != null && membershipUser.IsLockedOut)
{
Login1.FailureText = "Your account has been locked out because of a maximum number of incorrect login attemps.";
}
}

 


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
operation not yet implemented RichardMaly Crystal Reports 11 January 8th, 2013 02:22 PM
Not Implemented Error fs22 Javascript 25 December 9th, 2005 11:06 AM
Ok datagrid implemented however macupryk General .NET 1 October 7th, 2004 11:29 AM



All times are GMT -4. The time now is 07:54 PM.


Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.