I am starting to build a new web application that will require user accounts. Now that I have an OpenID that I am using for this site I thought it would be cool if I could use OpenID for authentication in my application. Are there any good tutorials on how to integrate OpenID with an ASP.NET site? ...
Encouraged by SO, I'm trying to write an ASP.NET site that uses OpenID for user authentication. It's a regular WinForms site (not MVC.NET), using the DotNetOpenId library for authentication. Is it safe for me to permit/deny administrative functions on the site by simply comparing the current session's "ClaimedID" (as returned in the Op...
How would you design and implement OpenID components? (Was "How does OpenId work") I realize this question is somewhat of a duplicate, and yes, I have read the spec and the wikipedia article. After reading the materials mentioned above, I still don't have a complete picture in my head of how each step in the process is handled. Maybe...
I have a ASP.Net 2.0 website that is currently using a custom MembershipProvider and the standard login control. I would like to replace the login control with the one from DotNetOpenId. I override the ValidateUser which checks the username and password, but I shouldn't need to implement this when using OpenId. Is it possible to use O...
What's the secret to getting ClaimsResponse working with DotNetOpenId? For example, in this bit of code (from Scott Hanselman's blog) the ClaimsResponse object should have lots of nice little things like 'nickname' and 'email address', but the ClaimsResponse object itself is 'null': OpenIdRelyingParty openid = new OpenIdRelyingParty()...
I'm using DotNetOpenID to provide relying party OpenID support for our website. All external requests have to be brokered via a proxy server, and I'm looking for a way to tell DotNetOpenID to use this proxy. I know I can set up a global proxy config in web.config, but I currently only want this to apply to the calls made to the OpenID pr...
Now that idselector has been upgraded to RPXNow and you can't "just use" the selector code, what is a good replacement? I want to implement OpenId on a new website that I am using, but the users are going to be just dumb when it comes to logging in unless I provide an easy way for them to. As a reference, I will be using .Net Open Id f...
I have been thinking of maybe writing a little tool that logs into SO and updates my profile info with some topical/current info on a regular basis (eg. my latest blog post or questions I need help on, etc...) To get this to work I will need to somehow log on to SO from a console app. Is there a .Net library that streamlines logging o...
If I have the ClaimedIdentifier is the a way to get the FriendlyIdentifierForDisplay using the dotNetOpenId? Thanks ...
Hello All, I'm looking to implement OpenID as a provider for a group of partner sites. The thing is this site is for kids (younger than 13) so I have business restrictions that need to be dealt with - mainly the account can't be used on any non-partner sites (we work with every approved partner to ensure they meet industry privacy/secu...
Hi, I'm implementing OpenID and I would like to retrieve the user's email address and other information about the user, I'm doing this: var fetch = new FetchRequest(); fetch.AddAttribute(new AttributeRequest(WellKnownAttributes.Contact.Email)); request.AddExtension(fetch); But the provider doesn't return anything. I'm using DotNetOpen...
When an user clicks a link in my site that requires authentication, the browser is redirected to the login page. The login page includes a returnUrl querystring parameter. The problem is that if the user authenticates using OpenID, the providers redirects the user back to the login page and doesn't include the returnUrl parameter, which ...
I am trying to install openID into my web site project that is using ASP.NET MVC, specifically with Yahoo Yahoo keeps giving me this : "Warning: This website has not confirmed its identity with Yahoo! and might be fraudulent. Do not share any personal information with this website unless you are certain it is legitimate." However I hav...
Hi, I am using Dotnetopenid for my openid solution, everything is fine when using the built-in user control, but when I want to implement it programmaticaly, like the below code, openid.Response.GetExtension<DotNetOpenId.Extensions.SimpleRegistration.ClaimsResponse>(); is always null. any idea? OpenIdRelyingParty openid = creat...
I couldn't find anything in documentations about how to add the policy URL to the request when using the dotnetopenid programmatically? ...
Hi folks, some of my MyOpenId persona's have avatars. Is there any way to programmatically request them with dotNetOpenId, like i can request email, etc? I'm assuming it can't be done because i'm guessing they are not part of the standard openid schema? ...
I'm Trying to login with dotNetOpenId to GMail accounts. It works but I'm not able to retrieve any claims. I know I could retrieve email addresses or user names as well, but no claims are being returned only the ClaimedIdentifier is available. Anyone know how to retrieve this data from Gmail accounts? If you could please provide me an ex...
I'm starting with OpenId using the dotnetopenid library and, so far, so good, but when I try to login, it shows me the following message: This message has already been processed. This could indicate a replay attack in progress. The first time I used my app it failed and, after that, the above message it is always returned. How...
Hi all, I'm trying to make use of OpenID to allow me to login to my website via Google. Eventually it'll be used by visitors, but for now it's simply hard-coded as Google to verify my own login only. My code looks like this: var openId = new OpenIdRelyingParty(); // If we have no response, start if (openId.Response == null) { // ...
Using DotNetOpenAuth 3 in ASP.NET MVC and implementing a RememberMe facility ... I'm finding that even if I set createPersistentCookie to true in FormsAuthentication.RedirectFromLoginPage and FormsAuthentication.SetAuthCookie the user is not remembered once the ASP.NET session times out. If I inspect the cookie I find it is marked as ...