In ASP.NET Membership, why would resetPassword cause a "Specified Method not supported" error?

Question

using System.Web.Security;

I'm creating a resetPassword form in MVC4:

using System.Web.Security;

[HttpPost]
[AllowAnonymous]
public ActionResult ResetPassword(ResetPasswordModel model)
{
    MembershipUser u = Membership.GetUser(model.Username);

    if (HashResetParams(u.UserName, u.ProviderUserKey.ToString()) == model.Key)
    {
        string resetCode = u.ResetPassword();
        u.ChangePassword(resetCode, model.Password);
    }

    return View("ChangePasswordSuccess");
}

Any idea why I'm getting a "ResetPassword- Specified Method not supported" error when I hit the line:

string resetCode = u.ResetPassword();

I wonder if it has something to do with MVC4 projects defaulting to use the SimpleMembership implementation.

Also, I've seen various approaches on how to reset passwords in ASP.NET Membership, perhaps there's a better way?

Verify `enablePasswordReset="true"` in the add-provider tag in web.config. — H H, Sep 05 '12 at 19:47

score 20 · Answer 1 · answered Oct 19 '12 at 11:09

20

try to use:

string token = WebSecurity.GeneratePasswordResetToken(userName);
WebSecurity.ResetPassword(token, newPassword);

answered Oct 19 '12 at 11:09

zjerry

1,064
10
8

Thank you! This worked perfectly. I agree with Pinch, this IS the answer. – KennyJacobson Feb 26 '14 at 20:17
this should be the answer++ – stackoverfloweth Sep 22 '15 at 15:33

Josh · Accepted Answer · 2012-09-05T20:34:43.863

1

If you are using the SimpleMembershipProvider then yes:

By design, the SimpleMembershipProvider class does not implement the full range of functionality that is possible in ASP.NET membership providers, as defined in the MembershipProvider class that is used by all ASP.NET membership providers. Some members are available in the class because they are inherited from the base class, but will throw an exception if you access them.

The alternative would be to use the SqlMembershipProvider

You should have something similar to this in your web.config:

<membership defaultProvider="SqlProvider"
      userIsOnlineTimeWindow="15">
      <providers>
        <add 
          name="SqlProvider" 
          type="System.Web.Security.SqlMembershipProvider" 
          connectionStringName="SqlServices"
          applicationName="MyApplication"
          enablePasswordRetrieval="false"
          enablePasswordReset="true"
          requiresQuestionAndAnswer="true"
          requiresUniqueEmail="false"
          passwordFormat="Hashed"
          maxInvalidPasswordAttempts="5"
          passwordAttemptWindow="10" />
      </providers>
    </membership>

edited Sep 05 '12 at 20:34

answered Sep 05 '12 at 19:45

Josh

44,706
7
102
124

Thanks Josh- The default MVC4 project uses the [InitializeSimpleMembership] attribute on the Account Controller. I've removed that, and set my web.config section= . I'm still getting the error, do you know where else I need to specify the Membership provider? Many thanks – Hairgami_Master Sep 05 '12 at 20:29
1

You need to make sure that the provider is actually registered. defaultProvider is just a named provider. So it could say "Bob" or "Foo". What is important is that you actually have the provider configured with the SQL Membership provider. – Josh Sep 05 '12 at 20:34
Hey Josh- My ASP.NET configuration indicates I am using SqlMembershipProvider. If you can think of anything else, let me know. Many, many thanks! – Hairgami_Master Sep 05 '12 at 20:54
And you have `enablePasswordReset="true"` – Josh Sep 05 '12 at 20:58
I do, but man you had me face palming before I even checked. Thanks! – Hairgami_Master Sep 05 '12 at 20:59

In ASP.NET Membership, why would resetPassword cause a "Specified Method not supported" error?

2 Answers2

Linked