Setting up OpenID Provider with SubDomains Identifiers using DotNetOpenAuth

Question

Hi! I am currently trying to implement an OpenID Provider on my own domain name. Thus, I would like the OpenID Identifier of a user to be user.example.com instead of the default example.com/user.aspx/user..

Is it possible for DotNetOpenAuthto do that? If so, roughly what changes do i need to make?

Answer 1

Yes, it's absolutely possible.

1. Configure your DNS and web site(s) and IIS to actually respond to user.example.com.
2. Place a default.aspx file such that it responds to requests for that domain, and make that URL an OpenID Claimed Identifier by placing the tags in it that you find in the user.aspx sample. Be sure in those tags that point to your OP Endpoint that it uses the absolute URL (which may be http://www.example.com/provider.ashx)
3. Modify your provider.ashx (or server.aspx, or MVC action, whatever you're using for your OP Endpoint) to be willing to send assertions for user.example.com

And you're done. I haven't gone into great detail on these steps because it's the same steps you take when you customize the URL of your claimed identifiers in any way -- special host name or not. The only really special step is #1: Configuring IIS. To accept any random host name requires special DNS configuration, but since it's just your own user name you can just hard-code your username into DNS.