in my web.config and when I remove the html elemets and try to create a user, it doesn't create it.  I am also trying to get the excpetion that comes back but I can't figure that out either.

In summary, 2 questions:

1) How to remove the question and answer from the CreateUserWizard?

2) How to catch exceptions from the CreateUserWizard control?

Do I need to implement my own Membership Provider for this to occur?  Right now I am just using the default.

Anyone know how to resolve this?  My search through the forums has come up kind of empty.

 Thanks,
Greg

You dont need to implement your own membership provider, if your trying to use the default create user control of asp.net, your going to run into headaches eliminating the security question, your best bet is to take a minute or two and write your own, it's fairly simple.

You can access all the properties of the membership system through the keyword membership.

Your probably going to want to do something similar to this.

Just create your own page with lablels, textboxes, and a submit button

Once you have that done, you can do something very similar to this: (I'm just copying and pasting the entire code section from my own app)

Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
        If Page.IsValid Then
            If Not InsertUser() = "failed" Then
                If Not CreateProfile() = False Then
                    Response.Redirect("newaccount.aspx?avcx=")
                End If
            End If
        End If

    End Sub
 Public Function InsertUser() As String
        Dim UserName, password, email, secquestion, secanswer As String
        UserName = TextBox1.Text
        password = TextBox2.Text
        email = TextBox4.Text
        secquestion = DropDownList1.SelectedItem.Text
        secanswer = TextBox5.Text
        Dim status As MembershipCreateStatus
        Try
            Dim newUser As MembershipUser = Membership.CreateUser(UserName, password, email, secquestion, secanswer, True, status)
            If newUser Is Nothing Then
                ErrorMessage.Text = GetErrorMessage(status)
                Return "failed"
            Else
                If Membership.ValidateUser(newUser.ToString, password) Then
                    FormsAuthentication.SetAuthCookie(newUser.ToString, True)
                    SendMail.NewAccount("newaccount@liquidhue.com", "Account Registration", True, "Your new account is registered", email, "Testing")
                    Return newUser.ToString
                End If

            End If
        Catch ex As Exception
            ErrorMessage.Text = ex.Message.ToString
            Return "failed"
        End Try
        Return "failed"
    End Function
Public Function GetErrorMessage(ByVal status As MembershipCreateStatus) As String
        Select Case status
            Case MembershipCreateStatus.DuplicateUserName
                Return "Username already exists. Please enter a different user name."
            Case MembershipCreateStatus.DuplicateEmail
                Return "A username for that e-mail address already exists. Please enter a different e-mail address."
            Case MembershipCreateStatus.InvalidPassword
                Return "The password provided is invalid. Please enter a valid password value."
            Case MembershipCreateStatus.InvalidEmail
                Return "The e-mail address provided is invalid. Please check the value and try again."
            Case MembershipCreateStatus.InvalidAnswer
                Return "The password retrieval answer provided is invalid. Please check the value and try again."
            Case MembershipCreateStatus.InvalidQuestion
                Return "The password retrieval question provided is invalid. Please check the value and try again."
            Case MembershipCreateStatus.InvalidUserName
                Return "The user name provided is invalid. Please check the value and try again."
            Case MembershipCreateStatus.ProviderError
                Return "The authentication provider returned an error. Please verify your entry and try again. If the problem persists, please contact LiquidHue Support."
            Case MembershipCreateStatus.UserRejected
                Return "The user creation request has been canceled. Please verify your entry and try again. If the problem persists, please contact LiquidHue Support."
            Case Else
                Return "An unknown error occurred. Please verify your entry and try again. If the problem persists, please contact LiquidHue Support."
        End Select
    End Function

I was afraid that was the answer.  Once again, if you want the least little change in the out of the box controls, you have to reinvent it.  I should've known better than to use the default controls from MS.  They seem to bite me everytime.  I know its not much to implement it but just once I would like to use something that MS creates to help the user that you don't have to redo.  I also need to customize the error message if the password doesn't meet the security rules as I don't require any non-alphanumeric characters so it comes back with the standard error which is misleading.

Thanks for your insight.

Greg

Hi,

The solution above looks like just what I need, since I don't want to put in the security question, and have seen similar code in another example (so it's not that scary.)

One thing I don't understand, though, is what happens to the password field.  If I write my own data capture page for the registration info, how do I:

A) get the password to do that little "no-see-um" trick when it's being typed in, and

B) get the password to do the encrypting/decrypting etc.

Any guidance with this would be appreciated.

(Also, Greg, I found your response to be completely in tune with what I ran into today.  I'd like to use the membership functions for the password control, and as little as possible, otherwise.)

Hello to you both,

Sorry that the code provided seems like a monumental task.  If your looking at a customization, the best way to use this, is to put it into a custom usercontrol and drop it onto any page you need it.

To get the password box to do the "no see um" trick as you call it.  You actually work with the properties of the text box, which has nothing to do with the user login portion at all.  Simply set it's type (you have three possible options) to password.  The other two options being Single Line, Multi-Line. 

The Membership system, which your still incorportating will handle the password encryption before it's stored in the membership table.  Really this set of code is barely a customization.  Your just providing your own "collection" method and letting the membership framework do the rest, just as it always did.

Thanks for tip on password.   The code's good...(looks like an excerpt from MSDN I ran across :-0)

 I used "customize create user step" on front of createuserwizard to make the security question and answer fields hidden.

Once I wrapped my head around the wiring and the options, and particularly walking through all the use cases that I needed to implement, the membership utilities started to make sense...

Still couldn't get custom fields inside the wizard to work, though...but I'm not going that direction anymore;  fully custom collection works fine.

http://msdn2.microsoft.com/en-us/library/ms178342.aspx   << basic customization

http://msdn2.microsoft.com/en-us/library/82xx2e62.aspx   << here's where I saw that similar code

http://odetocode.com/Articles/427.aspx  <<  "ERD" for membership...nice to see

http://weblogs.asp.net/scottgu/archive/2006/04/22/443634.aspx  << a key thing to catch, apparently, in deployment

http://aspnet.4guysfromrolla.com/articles/120705-1.aspx  <<< always a big help

http://aspnet.4guysfromrolla.com/articles/040506-1.aspx  <<< ditto

Challenges in customizing the wizard, described in the responses to this

http://forums.asp.net/thread/1399854.aspx

Basically, you have to work to dig the custom field data out....

http://aspnet.4guysfromrolla.com/articles/062806-1.aspx   <<< I'm thinking if there had been a better way, these guys would have found it...

after adding this (requiresQuestionAndAnswer="false") to the membership provider in the web.config I was able to see that

is set to false (which is correct) right before I call

Membership.CreateUser(...)

However CreateUser always comes back with an InvalidQuestion status. In order to get it to work every user has a dummy question and answer. I looked at the source code of CreateUser:

I got the Question / Answer text boxes to come out of the CreateUserWizard.  But how can I get the PasswordRecovery to e-mail the password out with just the username?

I've been banging my head over this the last little while.

Go to the web.config file, set requiresQuestionAndAnswer="false"

Create a condition statement in the code:

        String userName = tUserName.Text;
        String password = tPassword.Text;
        String cPassword = tCPassword.Text;
        String email = tEmail.Text;
        String question = tSecurityQuestion.Text;
        String answer = tSecurityAnswer.Text;
        MembershipCreateStatus status = new MembershipCreateStatus();
        MembershipUser newUser;

        try
        {
            if (question != "")
            {        
                newUser = Membership.CreateUser(userName, password, email, question, answer, true, out status);
            }
            else
            {
                newUser = Membership.CreateUser(userName, password, email);
            }

        ...

The recover password will then not ask for the question / answer, but just for the username and e-mail the password.

This little condition statement works great for making the security question optional
 

Unfortunately, I need to call the overload with the question because my provider needs the providerUserKey. However, I'm currently not implementing question and answer so I would like to pass in an empty string for the question. Unfortunately, the ASP.NET team made an assumption that even though I set requiresquestionandanswer to false I actually really want question and answer. How nice of them to make that assumption for me.

 I guess for now I'l have to provide a dummy question to the call to create user but I feel so dirty with such a hack.

I'm not sure I understand, but I would like to help you through this issue.  Unfortunaly it does not seem like your expectations are realistic for the development of the tools you are using.

Re-examining what you are saying:  You dont want a question and answer, but you really do want a question and answer, and it's stupid of the Microsoft developers to assume, that if you set question and answer to false, that you really wanted it that way....

False should mean true (sometimes) and True should mean false (sometimes)

Microsoft has provided you with a compiler, and a development enviroment - any time what microsoft has provided you doesnt fit your needs you're more than welcome to extend it, override it, or start from scratch and write rules like "False = sometimes"  I personally like the products and technologies that they provide me to have clear deffinitions like False = False

I have the exact problem. If i use Membership.CreateUser(userName, password, email), how do i check the MembershipCreateStatus of success,

the last argument result is not avialable in the former method.

Any help appreciate.

may be something like this

MembershipCreateStatus status = MembershipCreateStatus.Success;