We have set our portal to support Password Reset only in response to requests from users. We've configured our language files etc so that the only time a password is sent via email is when an password reset is performed.

However, in testing this, we've found that there is an exception that will occur during user verification. The exception is "password retrieval is not enabled". Evidentally there is a call to GetPassword at this time.

AS works fine otherwise with password reset for existing users, so I figure it's reasonable to assume this should work  Naturally I want to raise it because it's not the ideal introduction to a new user!


Server Error in '/' Application. --------------------------- -----------------------------------------------------
Password Retrieval is not enabled Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.Configuration.ConfigurationErrorsException: Password Retrieval is not enabled Source Error: The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL: 1. Add a "Debug=true" directive at the top of the file that generated the error. Example: or: 2) Add the following section to the configuration file of your application: Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode. Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.

Stack Trace: [ConfigurationErrorsException: Password Retrieval is not enabled] DotNetNuke.Entities.Users.UserController.GetPassword(UserInfo& user, String passwordAnswer) +172 Active.Modules.Social.SocialBase.ValidateUser(String vCode) +605 Active.Modules.Social.Controls.Verify.btnSubmit_Click(Object sender, EventArgs e) +1032 System.Web.UI.WebControls.Button.OnClick(EventArgs e) +115 System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +140 System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +29 System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +11045496 System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +11045194 System.Web.UI.Page.ProcessRequest() +91 System.Web.UI.Page.ProcessRequest(HttpContext context) +240 ASP.default_aspx.ProcessRequest(HttpContext context) +9 System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +599 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +171

Well, this just isn't supported right now. We also don't support the requireQuestionAnswer option either. There are a couple reasons for this, but it really comes down to providing the best possible solution for the default registration option. That being said, we should handle the error better. We will review this functionality again and see what we can do to incorporate support for this in the next release.

Thanks Will. It's curious, because of course everything else works, including the actual verification and even resetting the password, all via the AS module. It's only that one exception. You look at the exception and wonder why it would want to return the password to AS in any case :-)

@Will,

@Will,

This really needs to be addressed, as it affects not only registration verification, but also account updates! We just yesterday switched to password reset only to avoid sending user-entered password in clear text e-mails. Just discovered the problem in AS today. Looks like I'll have to switch back for now...