validating openid textbox

Question

How to validate open id text box as that of stackoverflow i am using dotnet open id what i have done is

<asp:CustomValidator runat="server" ID="openidValidator" ErrorMessage="Invalid OpenID Identifier"
    ControlToValidate="txtOpenId" EnableViewState="false" OnServerValidate="openidValidator_ServerValidate"
    ValidationGroup="validateOpenID" />  

in the code behind

protected void openidValidator_ServerValidate(object source, ServerValidateEventArgs args) 
    {

        // This catches common typos that result in an invalid OpenID Identifier.
        args.IsValid = Identifier.IsValid(args.Value);
    }

but it is not validating it in all cases

Answer 1

I guess you want to set the limit for your textbox. For that you have range field validater, using this you can set the limit to the letters or numbers. You can do this using property window.

Answer 2

There are two steps to validating an OpenID identifier. One is just validating its form without any network access. And Identifier.IsValid does this. Yes, a single letter is actually a valid OpenID "user-supplied identifier". It could be an OpenID identifier hosted by another computer on your local network. It's impossible to know for sure unless you actually take the next step, which is OpenIdRelyingParty.CreateRequest and see if it fails.

StackOverflow takes some additional validation steps by looking at what likely identifiers will be and writing custom rules that reject identifiers that don't look like likely real identifier (although technically they could be). There is no comprehensive list of what these are as far as I know so you'll have to write your own logic if you want additional validation. Just err on the side of allowing identifiers since if you're too selective on the input you select you might tick off some users.