creating security token updates all user in membership table?

Hi All,

I am trying to create a security token and when I run:

token = SPSecurityContext.SecurityTokenForFormsAuthentication(base.AppliesTo, authProvider.MembershipProvider, authProvider.RoleProvider, username, password);

It updates every user entry I have in the aspnetdb membership table by changing the LastLoginDate to the current time for each record, not just the user that is passed as username in the above parameter. Does anyone know how to keep this to updating each record. I know it is that line of code for sure. I just dont understand what is it running in order to update each users record.

Here is more code that surround this but that line above is in GetSecurityToken(). I would really apprechiate any suggestions

Thank you,

Nici

 protected void signInControl_LoggingIn(object sender, LoginCancelEventArgs e)
        {
            SecurityToken token = null;

            if (null != (token = GetSecurityToken()))
            {
                SPFederationAuthenticationModule fam = SPFederationAuthenticationModule.Current;
                fam.SetPrincipalAndWriteSessionToken(token);
                base.RedirectToSuccessUrl();
            }
        }

        private void EstablishSessionWithToken(SecurityToken securityToken)
        {
            if (null == securityToken)
            {
                throw new ArgumentNullException("securityToken");
            }
            SPFederationAuthenticationModule fam = SPFederationAuthenticationModule.Current;

            if (null == fam)
            {
                throw new ArgumentException(null, "FederationAuthenticationModule");
            }

            fam.SetPrincipalAndWriteSessionToken(securityToken);
        }

        protected void signInControl_Authenticate(object sender, AuthenticateEventArgs e)
        {
            SecurityToken token = null;
            LoginControl formsLoginControl = sender as LoginControl;

            if (null != (token = GetSecurityToken()))
            {
                EstablishSessionWithToken(token);
                e.Authenticated = true;
                base.RedirectToSuccessUrl();
            }
        }


        private SPIisSettings IisSettings
        {
            get
            {

                SPWebApplication webApp = SPWebApplication.Lookup(new Uri(SPContext.Current.Web.Url));
                SPIisSettings settings = webApp.IisSettings[SPUrlZone.Default];
                return settings;
            }
        }


        private SecurityToken GetSecurityToken()
        {
            SecurityToken token = null;
            SPIisSettings iisSettings = IisSettings;

            SPFormsAuthenticationProvider authProvider = iisSettings.FormsClaimsAuthenticationProvider;

            token = SPSecurityContext.SecurityTokenForFormsAuthentication(base.AppliesTo, authProvider.MembershipProvider, authProvider.RoleProvider, username, password);

            return token;
        }
    }

Re: creating security token updates all user in membership table?

Hi,

SecurityTokenForFormsAuthentication function obtains a security token for a user authenticating through forms-based authentication.

http://msdn.microsoft.com/en-us/library/microsoft.sharepoint.spsecuritycontext.securitytokenforformsauthentication.aspx

Then get the MembershipUserCollection and foreach it.

MembershipUserCollection users=Membership.GetAllUsers();

MembershipUser objUser;

foreach (objUser in objUserCollection)
{

LastLoginDateLabel.Text = u.LastLoginDate.ToString();

}

Re: creating security token updates all user in membership table?

Thank you very much for the reply. From that link it mentions validateuser. I ran that funtion alone it it works just fine. Only updating the one user I pass to it. Why would or is the securitytoken executing something other than my customMembershipProvider.ValidateUser()

I am still struggling this, anything would help.

Thank you,

Nici

Re: creating security token updates all user in membership table?

token = SPFormsUserNameSecurityTokenHandler.CreateSecurityToken(authProvider.MembershipProvider, authProvider.RoleProvider, username, password);

so creating the token this way fixed it