Step 7:  Configure the ForgotUser.aspx page

When the Database security User table is configured with an Email field, then additional configuration is required for the ForgotUser.aspx page in the Security folder. This page initially contains a Google Recaptcha control. This control provides a facility to help you stop bots from abusing your data input page. This control requires your application to be running in Full Trust. If your application uses a lower trust level, then you must delete the control from your application. The control may be safely deleted from the page. If it is not deleted, it must be configured with your own API keys obtained from Google. See: http://code.google.com/apis/recaptcha/intro.html

Once configured, the Recaptcha control requires access to the domain google.com for proper operation. In particular, this means that if the client browser is in trusted mode, then the trusted sites list must contain *.google.com. This applies to Internet Explorer using Enhanced Security Configuration. Also, Sharepoint pages may force browsing in trusted mode, in which case the Recaptcha control will not display unless google.com  is in the list of trusted sites.

To remove the recaptcha control from the page, delete row 3 in the grid shown. If the control is not deleted, then the Public and Private keys in the properties must be set to the API keys obtained from Google.

 

See Also

Configuring Application Security