Search Results

Search found 25 results on 1 pages for 'dotnetopenid'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 1/1 | 1 

  • DotNetOpenId openIdRelyingParty Setup

    - by Sohrab Hejazi
    Hi all, I'm new to .Net and am trying to setup dotNetOpenID. I'm simply trying to get the following line to build ok without getting any errors: var openIdRelyingParty = new OpenIdRelyingParty(); Currently when I build, I get the following error: The tpe or namspace name'OpenIdrelyingParty' could not be found (are you missing a using directive or an assembly reference?) How do I fix this?

    Read the article

  • dotnetopenid attribute extensions just not working for me!

    - by Rob Ellis
    So here's some code on the request:- IAuthenticationRequest req = openid.CreateRequest(Request.Form["openid_identifier"]); //add extention requests here req.AddExtension(new ClaimsRequest { Email = DemandLevel.Request, BirthDate = DemandLevel.Request, Country = DemandLevel.Request, FullName = DemandLevel.Request, Gender = DemandLevel.Request, Language = DemandLevel.Request, Nickname = DemandLevel.Request, PostalCode = DemandLevel.Request, TimeZone = DemandLevel.Request } ); //get the request from openid return req.RedirectingResponse.AsActionResult(); And here's some on the pickup:- //get attributes from site var sreg = response.GetExtension<ClaimsResponse>(); string sreg_email = "Unknown Email"; DateTime sreg_birthdate; string sreg_birthdateraw; Gender sreg_gender; Version sreg_version; string sreg_timezone; string sreg_nickname; string sreg_postalcode; System.Globalization.CultureInfo sreg_culture; string sreg_country; string sreg_fullname; System.Net.Mail.MailAddress sreg_mailaddress; string sreg_language; if (sreg != null) { sreg_email = sreg.Email; sreg_birthdate = sreg.BirthDate.Value; sreg_birthdateraw = sreg.BirthDateRaw; sreg_country = sreg.Country; sreg_culture = sreg.Culture; sreg_fullname = sreg.FullName; sreg_gender = sreg.Gender.Value; sreg_language = sreg.Language; sreg_mailaddress = sreg.MailAddress; sreg_nickname = sreg.Nickname; sreg_postalcode = sreg.PostalCode; sreg_timezone = sreg.TimeZone; sreg_version = sreg.Version; } But it's all coming back as null no matter which OpenId provider I use... Am I missing something obvious? Rob

    Read the article

  • DotNetOpenID / DotNetOpenAuth

    - by Jeff
    Does anyone have any documentation on DotNetOpenAuth and the way it handles while lists and black lists? My config <untrustedWebRequest> <blacklistHosts> <add name="*" /> </blacklistHosts> <whitelistHosts> <add name="www.mysite.ca" /> <add name="mysite.ca" /> <add name="devel.mysite.ca" /> <add name="devel.mysite.com" /> <add name="mysite.com" /> <add name="www.mysite.com" /> </whitelistHosts> </untrustedWebRequest> What I want is to have it cancel the request if it's any site not in the whilelist. I'm currently running version 2.5.49045 but plan to update soon. using <blacklistHostsRegex> <add name=".*" /> </blacklistHostsRegex> blocked ever site even ones in the whitelist.

    Read the article

  • dotnetopenauth token ? is it required?

    - by df
    Hi, I've implementend openId login system on my site and it works ok, but when i compare what is send to openidprovider and back is different with that what is send by stackoverflow.com for example whis send s paramenter and token parameter? Are these parameteres custom parameters send by stackoverflow or dotnetopenid can sand them but you have to turn it on? Is that token against CSRF attack?

    Read the article

  • OpenId ASP MVC Authentication with long expiry

    - by Khash
    Stackoverflow uses OpenId as many other websites. However, I rarely need to provide my OpenId to Stackoverflow while with other OpenId enabled websites, I have to do it once a day or week. This suggests to me that the expiry of the session is with the website and not the OpenId provider. Looking at the DotNetOpenId code in ASP MVC, I can see that after a successful authentication by the OpenId provider FormsAuthentication.SetAuthCookie is called with the identifier and a boolean parameter to determine if the cookie should be persisted. How can I force this cookie to expire, say in 2020 instead of whatever the default value is.

    Read the article

  • No OpenID endpoint found

    - by azamsharp
    I am trying to use the DotNetOpenId library to add OpenID support on a test website. For some reason it keeps giving me the following error when running on FireFix. Keep in mind that I am using localhost as I am testing it on my local machine. using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.UI; using System.Web.UI.WebControls; using DotNetOpenAuth.OpenId.Extensions.ProviderAuthenticationPolicy; using DotNetOpenAuth.OpenId.Extensions.SimpleRegistration; using DotNetOpenAuth.OpenId.RelyingParty; namespace TableSorterDemo { public partial class Login : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { var openid = new OpenIdRelyingParty(); if (openid.GetResponse() != null) { switch (openid.GetResponse().Status) { case AuthenticationStatus.Authenticated: var fetch = openid.GetResponse().GetExtension(typeof(ClaimsResponse)) as ClaimsResponse; var nick = fetch.Nickname; var email = fetch.Email; break; } } } protected void OpenIdLogin1_LoggedIn(object sender, OpenIdEventArgs e) { var openid = new OpenIdRelyingParty(); if(openid.GetResponse() != null) { switch(openid.GetResponse().Status) { case AuthenticationStatus.Authenticated: var fetch = openid.GetResponse().GetExtension(typeof (ClaimsResponse)) as ClaimsResponse; var nick = fetch.Nickname; var email = fetch.Email; break; } } } protected void OpenIdLogin1_LoggingIn(object sender, OpenIdEventArgs e) { var openid = new OpenIdRelyingParty(); var req = openid.CreateRequest(OpenIdLogin1.Text); var fetch = new ClaimsRequest(); fetch.Email = DemandLevel.Require; fetch.Nickname = DemandLevel.Require; req.AddExtension(fetch); req.RedirectToProvider(); return; } } } Also, if I run the same page in Chrome then I get the following: Login failed: This message has already been processed. This could indicate a replay attack in progress.

    Read the article

  • DotNetOpenAuth OpenID Provider "Sequence contains more than one element"

    - by Matthew Johnson
    Hello, all, I'm having trouble implementing my OpenID provider with DNOA 3.4.3. Everything was going absolutely peachy until I needed AX support as well. I set AXFetchAsSregTransform in the web config, as recommended by Andrew at http://groups.google.com/group/dotnetopenid/browse_thread/thread/5629a24c0a7e8d99. Doing this caused me to get the exception "Sequence Contains More Than One Element" on my decide.aspx page, however, and I haven't been able to get past it. The following line is throwing the exception: Edit: Strangely enough, this is not the line throwing the error anymore. The SendResponse() is now triggering the exception ClaimsRequest requestedFields = ProviderEndpoint.PendingRequest.GetExtension(); ProviderEndpoint.SendResponse() Any thoughts on why this may be? Any help would be greatly appreciated! The logs leading up to the error are as follows: 2010-04-28 12:38:20,247 (GMT-7) [5] INFO DotNetOpenAuth.Messaging.Channel - Scanning incoming request for messages: https://myprovider/provider.ashx?openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns.ext1=http%3A%2F%2Fopenid.net%2Fsrv%2Fax%2F1.0&openid.ext1.mode=fetch_request&openid.ext1.type.email=http%3A%2F%2Faxschema.org%2Fcontact%2Femail&openid.ext1.type.fullname=http%3A%2F%2Faxschema.org%2FnamePerson&openid.ext1.type.language=http%3A%2F%2Faxschema.org%2Fpref%2Flanguage&openid.ext1.required=email&openid.return_to=http%3A%2F%2Fmyrelyingparty%2Flogin.jsp%3Foidreturn%3D%252Fhome&openid.assoc_handle=%7B634080802953194640%7D%7BHxjFNw==%7D%7B20%7D&openid.realm=http%3A%2F%2Fmyrelyingparty 2010-04-28 12:38:20,285 (GMT-7) [5] INFO DotNetOpenAuth.Messaging.Channel - Processing incoming CheckIdRequest (2.0) message: openid.claimed_id: http://specs.openid.net/auth/2.0/identifier_select openid.identity: http://specs.openid.net/auth/2.0/identifier_select openid.assoc_handle: {634080802953194640}{HxjFNw==}{20} openid.return_to: http://myrelyingparty/login.jsp?oidreturn=%2Fhome openid.realm: http://myrelyingparty/ openid.mode: checkid_setup openid.ns: http://specs.openid.net/auth/2.0 openid.ns.ext1: http://openid.net/srv/ax/1.0 openid.ext1.mode: fetch_request openid.ext1.type.email: http://axschema.org/contact/email openid.ext1.type.fullname: http://axschema.org/namePerson openid.ext1.type.language: http://axschema.org/pref/language openid.ext1.required: email 2010-04-28 12:38:22,773 (GMT-7) [14] INFO DotNetOpenAuth.Messaging.Channel - Scanning incoming request for messages: https://myprovider/login.aspx?ReturnUrl=%2fdecide.aspx 2010-04-28 12:38:36,167 (GMT-7) [5] INFO DotNetOpenAuth.Messaging.Channel - Scanning incoming request for messages: https://myprovider/login.aspx?ReturnUrl=%2fdecide.aspx 2010-04-28 12:38:38,147 (GMT-7) [14] ERROR DotNetOpenAuth.Messaging - Protocol error: An HTTP request to the realm URL (http://myrelyingparty/) resulted in a redirect, which is not allowed during relying party discovery. at DotNetOpenAuth.Messaging.ErrorUtilities.VerifyProtocol(Boolean condition, String message, Object[] args) at DotNetOpenAuth.OpenId.Realm.Discover(IDirectWebRequestHandler requestHandler, Boolean allowRedirects) at DotNetOpenAuth.OpenId.Realm.DiscoverReturnToEndpoints(IDirectWebRequestHandler requestHandler, Boolean allowRedirects) at DotNetOpenAuth.OpenId.Provider.HostProcessedRequest.IsReturnUrlDiscoverableCore(OpenIdProvider provider) at DotNetOpenAuth.OpenId.Provider.HostProcessedRequest.IsReturnUrlDiscoverable(OpenIdProvider provider) at OpenIdProviderWebForms.decide.Page_Load(Object src, EventArgs e) at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) at System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) at System.Web.UI.Control.OnLoad(EventArgs e) at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequest(HttpContext context) at ASP.decide_aspx.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error) at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb) at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr managedHttpContext, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr managedHttpContext, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr managedHttpContext, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr managedHttpContext, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) 2010-04-28 12:38:38,149 (GMT-7) [14] INFO DotNetOpenAuth.Yadis - Relying party discovery at URL http://myrelyingparty/ failed. DotNetOpenAuth.Messaging.ProtocolException: An HTTP request to the realm URL (http://myrelyingparty/) resulted in a redirect, which is not allowed during relying party discovery. at DotNetOpenAuth.Messaging.ErrorUtilities.VerifyProtocol(Boolean condition, String message, Object[] args) in c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\Messaging\ErrorUtilities.cs:line 235 at DotNetOpenAuth.OpenId.Realm.Discover(IDirectWebRequestHandler requestHandler, Boolean allowRedirects) in c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\OpenId\Realm.cs:line 446 at DotNetOpenAuth.OpenId.Realm.DiscoverReturnToEndpoints(IDirectWebRequestHandler requestHandler, Boolean allowRedirects) in c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\OpenId\Realm.cs:line 424 at DotNetOpenAuth.OpenId.Provider.HostProcessedRequest.IsReturnUrlDiscoverableCore(OpenIdProvider provider) in c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\OpenId\Provider\HostProcessedRequest.cs:line 142 2010-04-28 12:38:42,076 (GMT-7) [8] ERROR OpenIdProviderWebForms.Global - An unhandled exception was raised. Details follow: System.Web.HttpUnhandledException: Exception of type 'System.Web.HttpUnhandledException' was thrown. --- System.InvalidOperationException: Sequence contains more than one element at System.Linq.Enumerable.SingleOrDefault[TSource](IEnumerable`1 source) at DotNetOpenAuth.OpenId.Provider.Request.GetExtension[T]() in c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\OpenId\Provider\Request.cs:line 176 at DotNetOpenAuth.OpenId.Extensions.ExtensionsInteropHelper.ConvertSregToMatchRequest(IHostProcessedRequest request) in c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\OpenId\Extensions\ExtensionsInteropHelper.cs:line 180 at DotNetOpenAuth.OpenId.Behaviors.AXFetchAsSregTransform.DotNetOpenAuth.OpenId.Provider.IProviderBehavior.OnOutgoingResponse(IAuthenticationRequest request) in c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\OpenId\Behaviors\AXFetchAsSregTransform.cs:line 139 at DotNetOpenAuth.OpenId.Provider.OpenIdProvider.ApplyBehaviorsToResponse(IRequest request) in c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\OpenId\Provider\OpenIdProvider.cs:line 482 at DotNetOpenAuth.OpenId.Provider.OpenIdProvider.SendResponse(IRequest request) in c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\OpenId\Provider\OpenIdProvider.cs:line 325 at OpenIdProviderWebForms.decide.Yes_Click(Object sender, EventArgs e) in C:\Projects\OpenIdProviderWebForms\decide.aspx.cs:line 130 at System.Web.UI.WebControls.Button.OnClick(EventArgs e) at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) --- End of inner exception stack trace --- at System.Web.UI.Page.HandleError(Exception e) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequest(HttpContext context) at ASP.decide_aspx.ProcessRequest(HttpContext context) in c:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\root\7f580b93\b3e4d917\App_Web_tulh9ymv.1.cs:line 0 at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

    Read the article

  • Invalid message signature when running OpenId Provider on Cluster

    - by Garth
    Introduction We have an OpenID Provider which we created using the DotNetOpenAuth component. Everything works great when we run the provider on a single node, but when we move the provider to a load balanced cluster where multiple servers are handling requests for each session we get issue with the message signing as the DotNetOpenAuth component seems to be using something unique from each cluster node to create the signature. Exception DotNetOpenAuth.Messaging.Bindings.InvalidSignatureException: Message signature was incorrect. at DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement.ProcessIncomingMessage(IProtocolMessage message) in c:\BuildAgent\work\7ab20c0d948e028f\src\DotNetOpenAuth\OpenId\ChannelElements\SigningBindingElement.cs:line 139 at DotNetOpenAuth.Messaging.Channel.ProcessIncomingMessage(IProtocolMessage message) in c:\BuildAgent\work\7ab20c0d948e028f\src\DotNetOpenAuth\Messaging\Channel.cs:line 940 at DotNetOpenAuth.OpenId.ChannelElements.OpenIdChannel.ProcessIncomingMessage(IProtocolMessage message) in c:\BuildAgent\work\7ab20c0d948e028f\src\DotNetOpenAuth\OpenId\ChannelElements\OpenIdChannel.cs:line 172 at DotNetOpenAuth.Messaging.Channel.ReadFromRequest(HttpRequestInfo httpRequest) in c:\BuildAgent\work\7ab20c0d948e028f\src\DotNetOpenAuth\Messaging\Channel.cs:line 378 at DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.GetResponse(HttpRequestInfo httpRequestInfo) in c:\BuildAgent\work\7ab20c0d948e028f\src\DotNetOpenAuth\OpenId\RelyingParty\OpenIdRelyingParty.cs:line 493 Setup We have the machine config setup to use the same machine key on all cluster nodes and we have setup an out of process session with SQL Server. Question How do we configure the key used by DotNetOpenAuth to sign its messages so that the client will trust responses from all servers in the cluster during the same session?

    Read the article

  • DotNetOpenAuth RelayParty not working on load balanced cluster

    - by Garth
    We're trying to move an ASP.NET MVC application, which uses DotNetOpenAuth OpenID Version 3.4.1, from a single server web garden to a physical server cluster held behind a hardware load balancer. Our old setup (OpenID RP working): Browser = SHTTP = Server = WebGarden = Nonce/Session Store Our new setup (OpenID RP not working): Browser = SHTTP = Load Balancer = HTTP = Cluster Node = WebGarden = Nonce/Session Store DB When we authenticate with the new setup we are correctly redirected to the OpenID Provider but after authenticated we are redirected back to our cluster (relay party) and get the following exception: Exception DotNetOpenAuth.Messaging.ProtocolException: Redirects on POST requests that are to untrusted servers is not supported. at DotNetOpenAuth.Messaging.ErrorUtilities.VerifyProtocol(Boolean condition, String message, Object[] args) in c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\Messaging\ErrorUtilities.cs:line 235 at DotNetOpenAuth.Messaging.UntrustedWebRequestHandler.GetResponse(HttpWebRequest request, DirectWebRequestOptions options) in c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\Messaging\UntrustedWebRequestHandler.cs:line 258 at DotNetOpenAuth.OpenId.ChannelElements.OpenIdChannel.GetDirectResponse(HttpWebRequest webRequest) in c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\OpenId\ChannelElements\OpenIdChannel.cs:line 277 at DotNetOpenAuth.Messaging.Channel.RequestCore(IDirectedProtocolMessage request) in c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\Messaging\Channel.cs:line 542 at DotNetOpenAuth.Messaging.Channel.Request(IDirectedProtocolMessage requestMessage) in c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\Messaging\Channel.cs:line 425 at DotNetOpenAuth.Messaging.Channel.Request[TResponse](IDirectedProtocolMessage requestMessage) in c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\Messaging\Channel.cs:line 405 at DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement.ProcessIncomingMessage(IProtocolMessage message) in c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\OpenId\ChannelElements\SigningBindingElement.cs:line 154 at DotNetOpenAuth.Messaging.Channel.ProcessIncomingMessage(IProtocolMessage message) in c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\Messaging\Channel.cs:line 992 at DotNetOpenAuth.OpenId.ChannelElements.OpenIdChannel.ProcessIncomingMessage(IProtocolMessage message) in c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\OpenId\ChannelElements\OpenIdChannel.cs:line 172 at DotNetOpenAuth.Messaging.Channel.ReadFromRequest(HttpRequestInfo httpRequest) in c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\Messaging\Channel.cs:line 386 at DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.GetResponse(HttpRequestInfo httpRequestInfo) in c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\OpenId\RelyingParty\OpenIdRelyingParty.cs:line 501 We have added a machines involved into the trusted machine list and turned off requires ssl but it makes no difference. We even tried removing out nonce store and using a stateless connection, but that didn't work either. We always get the same error. We suspected the issue is arising as a result of the cluster node having a different IP from the load balancer when it connects to the OpenID Provider, but we're not sure. Any ideas?

    Read the article

  • Facebook and dotnetopenauth issue

    - by Adiel
    Hi We established an OpenID provider at BioSignID.com base on DotNetOpenAuth. (the authentication is base on signaturs with silverlight client...) As we tried to login to facebook we encounter a problem with IE (6,7,8). In FF and Chrome the loggin process was fine. On the server logs I can see the FB reqeust but the user somehow is NOT authenticated. In fiddler I can see that the authentication cookie not sent. I've tried to transfer the server.aspx calls to https but then I cannot make the connection between my FB account and my BioSignId account. Any ideas? Thanks

    Read the article

  • How do DotNetOpenAuth whitelist and blacklists work?

    - by Jeff
    Does anyone have any documentation on DotNetOpenAuth and the way it handles while lists and black lists? My config <untrustedWebRequest> <blacklistHosts> <add name="*" /> </blacklistHosts> <whitelistHosts> <add name="www.mysite.ca" /> <add name="mysite.ca" /> <add name="devel.mysite.ca" /> <add name="devel.mysite.com" /> <add name="mysite.com" /> <add name="www.mysite.com" /> </whitelistHosts> </untrustedWebRequest> What I want is to have it cancel the request if it's any site not in the whilelist. I'm currently running version 2.5.49045 but plan to update soon. using <blacklistHostsRegex> <add name=".*" /> </blacklistHostsRegex> blocked ever site even ones in the whitelist.

    Read the article

  • ASP.NET MVC: Implementing an OpenID sign-in page ala NerdDinner v2

    - by pcampbell
    Consider the log in page on NerdDinner.com: http://www.nerddinner.com/Account/LogOn Some nice features: jQuery effects on the OpenID choice popups for the other major providers Is this revision of the NerdDinner AccountController and its View available for public download? How would you reinvent this implementation? Any code you can post would be fine. Calling Jon Galloway!

    Read the article

  • DotNetOpenAuth OpenIdTextBox For Google/Yahoo

    - by user300992
    If I want to integrate DotNetOpenAuth (primary for people to use their Google/Yahoo accounts to login, not act as provider) into my existing site, is this one line control good enough? <rp:OpenIdTextBox ID="OpenIdTextBox1" runat="server" /> Say, if a user wants to login as Google, I can simply set the textbox to "https://www.google.com/accounts/o8/id" and then they can login. I tried it with my Google account, it seems working and I can get the token from HttpContext.Current.User.Identity.Name. Is this "one line" solution secure enough for production? or is it a "must" that I have to use "OpenIdSelector" or "OpenIDLogin" control? I also opened the .net template and some samples, they are very complicated. There are PAPE policies, xrds.aspx (for discovery), ConsumerKey + ConsumerSecret...etc. As a newbie, I am very confused. Any tips on this will be really appreciated. Thanks

    Read the article

  • IAuthenticationRequest.RedirectToProvider is not supposed to return, yet it does

    - by ripper234
    The method DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.RedirectToProvider() is documented never to return: Redirects the user agent to the provider for authentication. Execution of the current page terminates after this call. However, it does return under the latest implementation (3.4.3). I'm using the following code: using (var relayingParty = new OpenIdRelyingParty()) { var response = relayingParty.GetResponse(); if (response == null) { // Stage 2: user submitting Identifier var openId = Request.Form["openId"]; relayingParty.CreateRequest(openId).RedirectToProvider(); throw new Exception("Never gets here"); } ... } (The line with "Never gets here" is reached). I need to return an ActionResult from this method ... Is this a known bug? Is there a aorkaround? Should I return EmptyResult? As far as I understand this is a bug - I submitted it in the project issue tracker.

    Read the article

  • dotnetopenauth pending request lost

    - by Graham
    I have dotnetopenauth working fine as a provider except when a user clicks the submit button multible times. Then the following error occurs: Throw New InvalidOperationException("There's no pending authentication request!") What is the best way to prevent this happening?

    Read the article

  • OpenID: Trying to Get Email Address from Google OP

    - by Zaff
    I’m using dotnetopenauth 3.2 to implement Openid and can’t figure out how to get Google to pass the email address in the Claims Response. I know that Google doesn’t support simple registration, but I can’t determine what they do support. Caveat to this question is that I just started learning OpenID and I know I don’t have a solid grasp on the specification which I think is leading to my confusion. Any help would be appreciated!

    Read the article

  • DotNetOpenAuth Remember Me

    - by user300992
    I am using OpenIdLogin (with OpenIdButton) control on my login page, I noticed that there are properties "RememberMe", "RememberMeText" and "RememberMeVisible". However I can't get it to work, is there any example? Say, after the user logged on to my site successufully via Google, the user then decided to close the browser. If the user launch a new browser again, the user should not have to type the login/password again, right? Thanks for help

    Read the article

  • Google's OpenID identifier is different depending on the "consumer" domain name. How to avoid potent

    - by JohnnyO
    I'm currently testing an OpenID implementation, and I'm noticing that Google sends a different identifier for different consuming host name / domain name, even for the same user. For example, Google sends a different identifier when the requesting site is localhost, compared to the identifier they send when the requesting site is 127.0.0.1 for the same user. Note: I haven't actually tested this using public domain names, but I can't see why the behavior would be any different. My concern with Google's behavior is that if we ever choose to change our website domain name in the future, then users will no longer be able to log in to the website using Google's OpenId as the identity provider. This seems to be a big problem. Am I missing something, or are all OpenID consuming sites faced with this potential problem? I've also tested this with MyOpenId, but the identifier that MyOpenId creates is fixed, so this wouldn't be a problem with them. Thanks.

    Read the article

  • DotNetOpeId - Using OpenIdButton for Google Apps

    - by JediPotPie
    I am an ASP.NET newbie and I am trying to design an OpenID/SSO system for an internal web application. The web application is pretty simple and the authentication is currently being managed by a database with usernames and passwords. I want to replace the existing accounts stored in the database with Google Apps accounts. I have downloaded the latest DotNetOpenAuth-3.4.3.10103 package and got the OpenIdRelyingPartyWebForms sample up and running on IIS. I have built my own login page using just a OpenIdButton object that points to a development Google domain. The button seems to work fine in FireFox, at least it is forwarding me to the Google Apps login, but nothing happens when I load the same page in IE. When I click the Google button, nothing happens, zip. The same is true for the Yahoo button in the login.aspx page given in the sample. Here is the .aspx code I am using... <rp:OpenIdButton runat="server" ImageUrl="http://www.google.com/accounts/google_transparent.gif" Text="Login with Google!" ID="googleLoginButton" Identifier="https://www.google.com/accounts/o8/site-xrds?hd=dev.connexcloud.com" />

    Read the article

  • DotNetOpenAuth: Message signature was incorrect

    - by Shawn Miller
    I'm getting a "Message signature was incorrect" exception when trying to authenticate with MyOpenID and Yahoo. I'm using pretty much the ASP.NET MVC sample code that came with DotNetOpenAuth 3.4.2 public ActionResult Authenticate(string openid) { var openIdRelyingParty = new OpenIdRelyingParty(); var authenticationResponse = openIdRelyingParty.GetResponse(); if (authenticationResponse == null) { // Stage 2: User submitting identifier Identifier identifier; if (Identifier.TryParse(openid, out identifier)) { var realm = new Realm(Request.Url.Root() + "openid"); var authenticationRequest = openIdRelyingParty.CreateRequest(openid, realm); authenticationRequest.RedirectToProvider(); } else { return RedirectToAction("login", "home"); } } else { // Stage 3: OpenID provider sending assertion response switch (authenticationResponse.Status) { case AuthenticationStatus.Authenticated: { // TODO } case AuthenticationStatus.Failed: { throw authenticationResponse.Exception; } } } return new EmptyResult(); } Working fine with Google, AOL and others. However, Yahoo and MyOpenID fall into the AuthenticationStatus.Failed case with the following exception: DotNetOpenAuth.Messaging.Bindings.InvalidSignatureException: Message signature was incorrect. at DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement.ProcessIncomingMessage(IProtocolMessage message) in c:\Users\andarno\git\dotnetopenid\src\DotNetOpenAuth\OpenId\ChannelElements\SigningBindingElement.cs:line 139 at DotNetOpenAuth.Messaging.Channel.ProcessIncomingMessage(IProtocolMessage message) in c:\Users\andarno\git\dotnetopenid\src\DotNetOpenAuth\Messaging\Channel.cs:line 992 at DotNetOpenAuth.OpenId.ChannelElements.OpenIdChannel.ProcessIncomingMessage(IProtocolMessage message) in c:\Users\andarno\git\dotnetopenid\src\DotNetOpenAuth\OpenId\ChannelElements\OpenIdChannel.cs:line 172 at DotNetOpenAuth.Messaging.Channel.ReadFromRequest(HttpRequestInfo httpRequest) in c:\Users\andarno\git\dotnetopenid\src\DotNetOpenAuth\Messaging\Channel.cs:line 386 at DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.GetResponse(HttpRequestInfo httpRequestInfo) in c:\Users\andarno\git\dotnetopenid\src\DotNetOpenAuth\OpenId\RelyingParty\OpenIdRelyingParty.cs:line 540 Appears that others are having the same problem: http://trac.dotnetopenauth.net:8000/ticket/172 Does anyone have a workaround?

    Read the article

  • Cannot deploy asp.net openid library on shared hosting service

    - by asksuperuser
    I have deployed successfully the dotnetopenid dll under IIS7 but on my shared hosting service it says: Compilation Error Description: An error occurred during the compilation of a resource required to service this request. Please review the following specific error details and modify your source code appropriately. Compiler Error Message: CS0246: The type or namespace name 'DotNetOpenId' could not be found (are you missing a using directive or an assembly reference?) Why ?

    Read the article

  • DotNetOpenAuth occasionally throws a NotImplementedException

    - by Chris Moschini
    I have DotNetOpenAuth running on a background thread making calls to Google authorized with OAuth on a regular basis. About once a day, which is about one in 10,000 calls, I get the following Exception: An unhandled exception occurred and the process was terminated. Application ID: DefaultDomain Process ID: 3316 Exception: System.NotImplementedException Message: The method or operation is not implemented. StackTrace: at DotNetOpenAuth.Messaging.ProtocolException.GetObjectData(SerializationInfo info, StreamingContext context) in c:\Users\andarno\git\dotnetopenid\src\DotNetOpenAuth\Messaging\ProtocolException.cs:line 90 at System.Runtime.Serialization.Formatters.Binary.WriteObjectInfo.InitSerialize(Object obj, ISurrogateSelector surrogateSelector, StreamingContext context, SerObjectInfoInit serObjectInfoInit, IFormatterConverter converter, ObjectWriter objectWriter, SerializationBinder binder) at System.Runtime.Serialization.Formatters.Binary.WriteObjectInfo.Serialize(Object obj, ISurrogateSelector surrogateSelector, StreamingContext context, SerObjectInfoInit serObjectInfoInit, IFormatterConverter converter, ObjectWriter objectWriter, SerializationBinder binder) at System.Runtime.Serialization.Formatters.Binary.ObjectWriter.Serialize(Object graph, Header[] inHeaders, __BinaryWriter serWriter, Boolean fCheck) at System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Serialize(Stream serializationStream, Object graph, Header[] headers, Boolean fCheck) at System.Runtime.Remoting.Channels.CrossAppDomainSerializer.SerializeObject(Object obj, MemoryStream stm) at System.AppDomain.Serialize(Object o) at System.AppDomain.MarshalObject(Object o) If it was thrown and caught once a day I'd be fine, but this is a big one - I'm getting this in the Application Error log on the server, and it's crashing the process entirely - the site goes down and restarts. Has anyone else run into this? Something I'm clearly doing wrong?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

1