If you’re using the Membership API in asp.net and need to retrieve a user’s password, you can do so by doing this:

The latter is safer as it requires you to pass in the user’s security answer as an added check. This will give you the unencrypted password [The default membership system stores hashed passwords in the database].

To support this feature, you’ll need to have password retrieval enabled in the web.config. You can do this in the <membership> node under <system.web>. It’ll look something like this:

Hope that helps.

As Richard points out, hashed passwords cannot be retrieved. The hash is one way while having the password format set to encrypted enables retrieval of passwords. I’ve updated the web.config code to ensure that passwords can be retrieved.

There may be the need to programmatically logout the user in an asp.net application. If you’re using Forms authentication, this is very simple to do:

You may also need to block the currently logged in / specific user from the system. This may be needed to avoid th possibility of someone doing brute force attacks to get to site data (once they’re logged in). This is also quite simple:

To unblock the user, all you’d need to do is:

Hope that helps.

It’s finally happening…we’re having an MS dev (and IT) event here in Dhaka, Bangladesh. This is the first one ever and marks a significant landmark for the software industry here. It’s going to be held on June 20, at IDB Bhaban Auditorium. You can find details and register (mandatory) for the event here:

http://msdnbangladesh.net/content/msday.aspx

Seats are limited…only 200 in total. It’s open for devs, IT pros and students.

I’ll be doing a half hour session on Windows Azure, from 2:45pm to 3:15pm. It’s the first time I’m doing something like this, and I hope it goes well.

If you’re a dev / IT pro / student enthusiastic about MS technology, then register and be there. The MVPs from Bangladesh will be there and they’ll be doing sessions covering asp.net, MVC, silverlight 3, Win 7, IE8, Office 2007, VS 2010 Team System, Windows Live, MS Project, Sharepoint, Exchange Server, SQL 2008 – just be there…ok?

[The final agenda will be put up on the site on June 15.]

I’ve been looking to set up my own site for quite some time now. The things I had in mind required a great deal of development and, due to my workload with completing graduation and a few client projects, I just couldn’t find the time. In the last few weeks, I’ve been looking at alternatives to doing the whole thing on my own. I looked at a few offerings:

1. Graffiti

2. Umbraco

3. Dnn

4. AxCMS

5. BlogEngine.Net

The things I was gunning for:

1. Easy to set up

2. Easy to administer

3. Easy to extend

4. Easy to change the look

5. Must support adding my own pages / running my own code on a few pages

6. Something I can work on in my free time – not something one shot (as in you upload and it’s fixed, unless you spend hours developing)

7. Not cause me any headaches

8. Cost

1. Graffiti

Well…I looked here and there and I found a cool post by Joe Stagner (http://misfitgeek.com/blog/community/my-move-to-graffiti/ ) and I thought it was the right place to begin. I downloaded the express edition. I installed it and my initial reaction was “hmmm…let’s see if it gets better”. Playing around, it seems a very good package that does what it’s touted to do – it publishes content. Now, I wanted to be able to create a gallery like page that I may need for tutorials. I wanted something that would allow me to code Asp.net and not just html. Wasn’t exactly the easiest thing to do. I spent a couple of hours wanting to find out how to do it. Couldn’t. It seems everything is a blog post –and if you’re ok with that, Graffiti is awesome. I’m looking for some extensibility – without getting into the labyrinths of the API. For this, I can’t support Graffiti. Very reluctantly, I moved on. Sorry Telligent. Sorry Joe.

2. Umbraco

I’ve been looking to give umbraco a run for quite some time. I nearly used it way back in ‘04 when my boss wanted me to look at a few CMSes. At that time, the priorities changed and the CMS stuff was left in the dust. Umbraco was a nightmare to install back then – that didn’t help its cause.

So I download umbraco, installation is a breeze. Although, on my dev Win7 machine, I needed to change a few settings in IIS. I remember having to use the classic pipeline and also having to have umbraco in the root. That means it didn’t work in a sub folder of Default Website, even when configured as an application. I was looking to use the CMS at the root of my site, so that wasn’t a (big) problem.

This time, my reaction was “Whoah…this is cool.” The admin tool is awesome. It worked well with SQL Server. I was happy. Then came the extensibility test. One of the things umbraco is famous for is supported developer created modules (user controls). Since I had this in the back of my head, I thought umbraco would be a sure shot winner here. Unfortunately, it was not so. Yes, umbraco is very extensible. Yes, it can be made to do anything I want. Thing is, I didn’t want to have to “make” it do anything. I didn’t want to have to learn an API just so I could run my own Asp.net code. From Joes blog post mentioned earlier: “It’s flexible, really flexible. I’m sort of in a hurry. Umbraco wants to be embraced.” Also, my blog was at http://weblogs.asp.net/ashicmahtab – that’s on Community Server. It can export BlogML. I wanted those posts on this site. I wanted feeds to be done automatically. The blog modules for umbraco seem to be left wanting in terms of features. Sorry Neils…it would have taken too much of my time to get to where I wanted to be.

3. Dnn

Disclaimer: I hate dnn. Yet I am forced to work with it from time to time. Possibly that’s a reason for my hatred. It’s freakin’ awesome and it’s a freakin’ nightmare. It’s overkill for most things. It has some really cool features, but there’s a lot of bloat. And talk about extensibility – I can do anything if I create a module for it. But creating a module for each and everything isn’t my cup of tea. It’s counter-intuitive. Still, I installed it. installed the blog module. Made a few blog posts. It was acceptable. But I wasn’t happy. It’s blogging features wasn’t exactly great, but it was the best I had till then. It may have even made it’s way to my site. Hey – there’s even a LiveWriter plugin.

4. AxCMS

This used to be a pricey product, but it’s free in toned down mode. Unfortunately, it was too toned down for my taste. Next.

5. BlogEngine.Net

I’d actually started on getting a blog ready using dnn, when –almost by accident and reasons unknown to me, I decided to install BlogEngine. Just for laughs. Hey, I want a site, not just a blog. Still, I downloaded, set the db to SQL 2005, changed the web.config. Ran the site – doesn’t look too good, but let’s see how we can change that, shall we? I looked at how I could theme it. The admin panel couldn’t do anything –it didn’t even allow me to edit the css. So, how on earth am I supposed to style this thing. And then it hit me – there’s a theme folder with folders for each theme. And in those folders, there’s a real life MasterPage and user controls for PostView and CommentView. There’s css and images and everything. I could work with the aspx code. I could plant in any user or server controls I wanted. That’s when I started giving this some serious consideration. I started looking around for how I could put my own code and pages into the system. Well, it supports user controls very easily. Just ERROR - UNABLE TO LOAD CONTROL : path type syntax is all that’s needed. That’s HUGE. It also supports adding pages from the admin panel. There’s one drawback to that approach – the url becomes something like “www.heartysoft.com/page/pageName.aspx”. Many people don’t seem to like the “page” section in the middle there. That wasn’t too big a downer for me. Next, I saw that you can derive your custom aspx page from a BlogEngine.Net type, and it’d simple carry out all the theming and Masterpage assignment. You could then code the page however way you wanted. That’s the knockout blow right there. I can code my own asp.net code and seamlessly integrate it into BlogEngine.Net. So, I put my site up. And no, I don’t like the theme I’m using. I’ll probably change it if / when I get some free time. And even if I don’t, it’s still useable. I can add sections and pages that hold my own code later on when I get the time. It supports feedburner, is completely open source, works with SQL Server without any hassles, theming is changing aspx markup – just like editing my own markup. Importing from the Community Server generated BlogML was smooth on my pc (although a little trickier for my remote server – I’ll save that for another post). All in all, I’ve got my basic  site up and running in less than half a day. And the best thing is that I can change it, add to it and work it as if it’s my own app – without knowing anything about the API. Granted, I can do some cool stuff with the API, but that should be optional. I should be able to use my own code when I want to and need to – without being forced to swallow a framework. And this is where BlogEngine.Net has excelled above and beyond the others I’ve tried.

Even after installing, I didn’t expect to be quite this happy with this thing, and yet I am. If you haven’t tried it yet, go ahead. Go to the site: http://dotnetblogengine.net/ , download it now, give it a shot. It’s awesome.