Lynicon ASP.Net Membership

Owned by James Ellis-Jones
Last updated: Jun 23, 2016

Lynicon's default membership system is built on ASP.Net Membership.  This is a deprecated system in the .Net world and cannot operate on ASP.Net Core, so this will be replaced by a customisation of the ASP.Net Identity system in the near future.

The default membership system requires the following configuration in web.config:

<system.web>
...
  <authentication mode="Forms">
    <forms loginUrl="~/Lynicon/Login" timeout="2880" />
  </authentication>
  <machineKey validationKey="..." decryptionKey="..." validation="SHA1" decryption="AES" />
  <membership defaultProvider="LightweightMembershipProvider">
    <providers>
      <clear />
      <add name="LightweightMembershipProvider" type="Lynicon.Membership.LightweightMembershipProvider" enablePasswordRetrieval="true" enablePasswordReset="true" requiresQuestionAndAnswer="false" initPassword="init" applicationName="/" requiresUniqueEmail="true" passwordFormat="Hashed" />
    </providers>
  </membership>
  <roleManager defaultProvider="LightweightRoleProvider" enabled="true">
    <providers>
      <clear />
      <add applicationName="/" name="LightweightRoleProvider" type="Lynicon.Membership.LightweightRoleProvider" />
    </providers>
  </roleManager>
...
</system.web>

The <machineKey> element requires unique key values to be entered, these can be generated on this url.

Also you need to add this line to Global.asax.cs:

protected void Application_OnPostAuthenticateRequest(object sender, EventArgs e)
{
  LyniconSecurityManager.Current.EnsureLightweightIdentity();
}