When trying to call resetpassword in webservice there is an exception "Object reference not set to an instance of an object" I verified that enablePasswordReset is set to true SecurityConfig and that the userManager is reading it correctly. The same code in an existing website project works without any issue however when implemented in a webservice the issue occurs. The web.config contains a connectionstring to Sitefinity on our development environment. It does successfully create the new user there on the development environment (see below) at the line >User user = userManager.CreateUser(logon.UserCode, password, email, question, answer, true, null, out status);
I copied the confirguration files from the website project to the webservice project App_Data\Sitefinity\Configuration folder.
In the SecurityConfig.config file the membershipProviders default provider is setup as follows. I verified that usermanager is getting these values.
<add minRequiredPasswordLength="6" newPasswordLength="6" requiresUniqueEmail="false" enablePasswordRetrieval="true" enablePasswordReset="true" name="Default" />
Another issue I encountered was the error “You are not authorized to 'Manage Users' ('Backend')” when it called userManager.SaveChanges();
I got around that issue with userManager.Provider.SuppressSecurityChecks = true; This was also an issue with profileManager.SaveChanges(); which was resolved with profileManager.Provider.SuppressSecurityChecks = true;
However when it calls user.ResetPassword(); the exception shown below occurs:
I verified that the user is created in sitefinity on the development environment and also checked to ensure that the newly created user in the sf_users table of the Sitefinity database has a password before calling ResetPassword.
The following is a snippet of the code where the issue occurs:
if (status == MembershipCreateStatus.Success)
user.FirstName = logon.Person.FirstName;
user.LastName = logon.Person.LastName;
userManager.Provider.SuppressSecurityChecks = true;
userManager.Provider.SuppressSecurityChecks = false;
UserProfileManager profileManager = UserProfileManager.GetManager();
UserProfile profile = profileManager.CreateProfile(user, typeof(SitefinityProfile).FullName);
profileManager.Provider.SuppressSecurityChecks = true;
profileManager.Provider.SuppressSecurityChecks = false;