Membership.GeneratePassword(Int32, Int32) メソッド

定義

指定した長さのランダム パスワードを生成します。Generates a random password of the specified length.

public:
 static System::String ^ GeneratePassword(int length, int numberOfNonAlphanumericCharacters);
public static string GeneratePassword (int length, int numberOfNonAlphanumericCharacters);
static member GeneratePassword : int * int -> string
Public Shared Function GeneratePassword (length As Integer, numberOfNonAlphanumericCharacters As Integer) As String

パラメーター

length
Int32

生成されるパスワードの文字数。The number of characters in the generated password. 長さは 1 ~ 128 文字である必要があります。The length must be between 1 and 128 characters.

numberOfNonAlphanumericCharacters
Int32

生成されたパスワードに含まれている英数字以外の文字 (@、#、!、%、& など) の最小数。The minimum number of non-alphanumeric characters (such as @, #, !, %, &, and so on) in the generated password.

戻り値

String

指定した長さのランダム パスワード。A random password of the specified length.

例外

length が 1 未満か、128 よりも大きい値です。length is less than 1 or greater than 128 -or- numberOfNonAlphanumericCharacters が 0 未満であるか、または length を超えています。numberOfNonAlphanumericCharacters is less than 0 or greater than length.

次のコード例では、新しいメンバーシップユーザーを作成し、メソッドを使用して、 GeneratePassword 新しいユーザーのパスワードをランダムな値に初期化します。これはユーザーに表示されます。The following code example creates a new membership user and uses the GeneratePassword method to initialize the password for the new user to a random value, which is displayed to the user.

重要

この例には、セキュリティ上の脅威となる可能性のあるユーザー入力を受け付けるテキストボックスが含まれています。This example contains a text box that accepts user input, which is a potential security threat. 既定では、ASP.NET Web ページによって、ユーザー入力にスクリプトまたは HTML 要素が含まれていないかどうかが検証されます。By default, ASP.NET Web pages validate that user input does not include script or HTML elements. 詳細については、「スクリプトによる攻略の概要」を参照してください。For more information, see Script Exploits Overview.

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

public void CreateUser_OnClick(object sender, EventArgs args)
{
  // Generate a new 12-character password with at least 1 non-alphanumeric character.
  string password = Membership.GeneratePassword(12, 1);

  try
  {
    // Create new user.
    MembershipUser newUser = Membership.CreateUser(UsernameTextbox.Text, password, 
                                                   EmailTextbox.Text);

    Msg.Text = "User <b>" + Server.HtmlEncode(UsernameTextbox.Text) + "</b> created. " +
               "Your temporary password is " + password + ".";
  }
  catch (MembershipCreateUserException e)
  {
    Msg.Text = GetErrorMessage(e.StatusCode);
  }
  catch (HttpException e)
  {
    Msg.Text = e.Message;
  }
}

public string GetErrorMessage(MembershipCreateStatus status)
{
   switch (status)
   {
      case MembershipCreateStatus.DuplicateUserName:
        return "Username already exists. Please enter a different user name.";

      case MembershipCreateStatus.DuplicateEmail:
        return "A username for that email address already exists. Please enter a different email address.";

      case MembershipCreateStatus.InvalidPassword:
        return "The password provided is invalid. Please enter a valid password value.";

      case MembershipCreateStatus.InvalidEmail:
        return "The email address provided is invalid. Please check the value and try again.";

      case MembershipCreateStatus.InvalidAnswer:
        return "The password retrieval answer provided is invalid. Please check the value and try again.";

      case MembershipCreateStatus.InvalidQuestion:
        return "The password retrieval question provided is invalid. Please check the value and try again.";

      case MembershipCreateStatus.ProviderError:
        return "The authentication provider returned an error. Please verify your entry and try again. If the problem persists, please contact your system administrator.";

      case MembershipCreateStatus.UserRejected:
        return "The user creation request has been canceled. Please verify your entry and try again. If the problem persists, please contact your system administrator.";

      default:
        return "An unknown error occurred. Please verify your entry and try again. If the problem persists, please contact your system administrator.";
   }
}

</script>

<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Create User</title>
</head>
<body>

<form id="form1" runat="server">
  <h3>Create New User</h3>

  <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />

  <table cellpadding="3" border="0">
    <tr>
      <td>Username:</td>
      <td><asp:Textbox id="UsernameTextbox" runat="server" /></td>
      <td><asp:RequiredFieldValidator id="UsernameRequiredValidator" runat="server"
                                      ControlToValidate="UserNameTextbox" ForeColor="red"
                                      Display="Static" ErrorMessage="Required" /></td>
    </tr>

    <tr>
      <td>Email Address:</td>
      <td><asp:Textbox id="EmailTextbox" runat="server" /></td>
      <td><asp:RequiredFieldValidator id="EmailRequiredValidator" runat="server"
                                      ControlToValidate="EmailTextbox" ForeColor="red"
                                      Display="Static" ErrorMessage="Required" /></td>
    </tr>

    <tr>
      <td></td>
      <td><asp:Button id="CreateUserButton" Text="Create User" OnClick="CreateUser_OnClick" runat="server" /></td>
    </tr>
  </table>
</form>

</body>
</html>
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

Public Sub CreateUser_OnClick(sender As Object, args As EventArgs)
  ' Generate a new 12-character password with at least 1 non-alphanumeric character.
  Dim password As String = Membership.GeneratePassword(12, 1)

  Try
    ' Create new user.
    Dim newUser As MembershipUser = Membership.CreateUser(UsernameTextbox.Text, password, _
                                                          EmailTextbox.Text)

    Msg.Text = "User <b>" & Server.HtmlEncode(UsernameTextbox.Text) & "</b> created. " & _
               "Your temporary password is " & password & "."
  
  Catch e As MembershipCreateUserException
    Msg.Text = GetErrorMessage(e.StatusCode)
  Catch e As HttpException
    Msg.Text = e.Message
  End Try
End Sub

Public Function GetErrorMessage(status As MembershipCreateStatus) As String

   Select Case status
      Case MembershipCreateStatus.DuplicateUserName
        Return "Username already exists. Please enter a different user name."

      Case MembershipCreateStatus.DuplicateEmail
        Return "A username for that email address already exists. Please enter a different email address."

      Case MembershipCreateStatus.InvalidPassword
        Return "The password provided is invalid. Please enter a valid password value."

      Case MembershipCreateStatus.InvalidEmail
        Return "The email address provided is invalid. Please check the value and try again."

      Case MembershipCreateStatus.InvalidAnswer
        Return "The password retrieval answer provided is invalid. Please check the value and try again."

      Case MembershipCreateStatus.InvalidQuestion
        Return "The password retrieval question provided is invalid. Please check the value and try again."

      Case MembershipCreateStatus.ProviderError
        Return "The authentication provider Returned an error. Please verify your entry and try again. If the problem persists, please contact your system administrator."

      Case MembershipCreateStatus.UserRejected
        Return "The user creation request has been canceled. Please verify your entry and try again. If the problem persists, please contact your system administrator."

      Case Else
        Return "An unknown error occurred. Please verify your entry and try again. If the problem persists, please contact your system administrator."
   End Select
End Function

</script>

<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Create User</title>
</head>
<body>

<form id="form1" runat="server">
  <h3>Create New User</h3>

  <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />

  <table cellpadding="3" border="0">
    <tr>
      <td>Username:</td>
      <td><asp:Textbox id="UsernameTextbox" runat="server" /></td>
      <td><asp:RequiredFieldValidator id="UsernameRequiredValidator" runat="server"
                                      ControlToValidate="UserNameTextbox" ForeColor="red"
                                      Display="Static" ErrorMessage="Required" /></td>
    </tr>

    <tr>
      <td>Email Address:</td>
      <td><asp:Textbox id="EmailTextbox" runat="server" /></td>
      <td><asp:RequiredFieldValidator id="EmailRequiredValidator" runat="server"
                                      ControlToValidate="EmailTextbox" ForeColor="red"
                                      Display="Static" ErrorMessage="Required" /></td>
    </tr>

    <tr>
      <td></td>
      <td><asp:Button id="CreateUserButton" Text="Create User" OnClick="CreateUser_OnClick" runat="server" /></td>
    </tr>
  </table>
</form>

</body>
</html>

注釈

メソッドは、 GeneratePassword ランダムなパスワードを生成するために使用され、 ResetPassword ユーザーのパスワードを新しい一時パスワードにリセットするために、メンバーシッププロバイダーによって実装されるメソッドによって最も一般的に使用されます。The GeneratePassword method is used to generate a random password and is most commonly used by the ResetPassword method implemented by a membership provider to reset the password for a user to a new, temporary password.

生成されるパスワードには、英数字と次の句読点が含まれてい !@#$%^&*()_-+=[{]};:<>|./? ます。The generated password only contains alphanumeric characters and the following punctuation marks: !@#$%^&*()_-+=[{]};:<>|./?. 生成されたパスワードには、表示されない、または印刷できない制御文字は含まれません。No hidden or non-printable control characters are included in the generated password.

注意

メソッドによって作成されたランダムパスワード GeneratePassword は、プロパティに正規表現を渡すことは保証されていません PasswordStrengthRegularExpressionThe random password created by the GeneratePassword method is not guaranteed to pass the regular expression in the PasswordStrengthRegularExpression property. ただし、ランダムなパスワードは、プロパティとパラメーターによって設定された条件を満たし MinRequiredPasswordLength numberOfNonAlphanumericCharacters ます。However, the random password will meet the criteria established by the MinRequiredPasswordLength property and the numberOfNonAlphanumericCharacters parameter.

適用対象