SQL membership provider and password reset not working
I am using Sitefinity 6.3 with a SQL membership provider and trying to enable password reset. I followed the instructions at www.sitefinity.com/.../using_the_asp_net_sql_membership_provider_in_sitefinity to set up the membership provider. This is my provider line:
<add name="AspNetAuth" connectionStringName="AspNetAuth" type="System.Web.Security.SqlMembershipProvider" applicationName="CUWebApp" maxInvalidPasswordAttempts="5" minRequiredNonalphanumericCharacters="1" minRequiredPasswordLength="7" passwordAttemptWindow="10" passwordFormat="Hashed" requiresQuestionAndAnswer="false" requiresUniqueEmail="true" enablePasswordRetrieval="false" enablePasswordReset="true"/>
This is my line in app settings:
<add key="AspNetAuth_RecoveryMailAddress" value="webmaster@somedomain.com"/>
The provider works fine; however, when I use the forgot your password link on the login widget with claims authentication, it doesn't do anything. It just reposts and asks for the email again, no email is ever sent and the password is not changed. I did a little debugging and the problem appears to be in this method of the LoginWidget:
private void SendRecoveryMailBtn_Click(object sender, System.EventArgs e)
{
    UserManager manager = UserManager.GetManager(this.MembershipProvider);
    User userByEmail = manager.GetUserByEmail(this.MailText.Text);
    if (userByEmail == null)
    {
        this.LostPasswordError.Text = Res.Get<ErrorMessages>().EmailNotFound;
        this.LoginWidgetPanel.Visible = false;
        this.LostPasswordPanel.Visible = true;
        return;
    }
    if (string.IsNullOrEmpty(userByEmail.Password))
    {
        this.LoginWidgetPanel.Visible = false;
        this.LostPasswordPanel.Visible = true;
        return;
    }
    this.PasswordResetSentPanel.Visible = true;
    this.LoginWidgetPanel.Visible = false;
    this.LostPasswordPanel.Visible = false;
    this.SendPasswordRecoveryEmail(userByEmail);
}
The line that says "if (string.IsNullOrEmpty(userByEmail.Password))" is evaluating to false in my testing so the form never proceeds. If I use the built-in membership provider it proceeds correctly and an email goes out with a link to reset my password. Is there something I can do to make this work correctly? At the moment I am looking at clearing the events on the SendRecoveryMailButton, then calling SendPasswordRecoveryEmail using reflection since it's private. Not sure if I will blow things up doing this, but so far I haven't been able to find a better solution. I also looked into using the PasswordRecoveryForm; however, this seems to just immediately reset a user's password without verifying their identity unless I enable security questions, but the registration form and edit profile form don't support those fields so I would have to modify those.
Any advice on what direction to go with this would be very helpful. Thanks
Hello David,
You could check this knowledge base for the solution you need.
I hope the information helps.
Regards,
Svetoslav Manchev
Telerik
Unfortunately I already have that line in my web.config and it doesn't help. I ended up creating a custom login control inherited from the LoginWidget. I unhooked the normal base event that fires when the SendRecoveryMailBtn is clicked, since it's private, and wired it to my own event where I could bypass the password property check. Then I called SendPasswordRecoveryEmail using reflection since it is also private. It's a bit of a hack but it works, and I don't think it will be a heavily used functionality on my site.