The
Windows Live team announced a
few months ago that their Live ID service will be a new provider for the OpenID system.
The Live team was quoted:
Beginning today, Windows Live™ ID is publicly committing to support the OpenID digital
identity framework with the announcement of the public availability of a Community
Technology Preview (CTP) of the Windows Live ID OpenID Provider.
You will soon be able to use your Windows Live ID account to sign in to any OpenID
Web site.
I saw the potential in OpenID a while ago, long before I heard about Microsoft’s intentions.
The only problem was that I didn’t really find a good way to implement such a system
on my website. Not only that, I didn’t really have a purpose for doing such
a thing. The only reason anyone would need to log into the site would be to
administer it. And seeing as I’m the only person who could log in, there was
never a need.
Then a brilliant idea hit me. Let users create accounts to make comment posting
easier. Originally, a user would leave a comment, and I would log in to verify
comments, at which point the comment would actually show up. Sometimes I wouldn’t
log in for a couple days, which meant no comments. So now, if a user wants to
post a comment, all they have to do is log in with their openID, and the comment will
appear.
Implementing OpenID
I used the ExtremeSwank OpenID
Consumer for ASP.NET 2.0. The beauty of this framework is that all I have
to do is drop a control on a webform and OpenID functionality is there. The
control handles all the communications, and when the authenticating site returns it’s
data, you access the data through the control’s properties. To handle the authentication
on my end, I tied the values returned from the control into my already in place Forms
Authentication mechanism:
if (!(OpenIDControl1.UserObject
== null)) { if (Membership.GetUser(OpenIDControl1.UserObject.Identity)
== null) { string email = OpenIDControl1.UserObject
.GetValue(SimpleRegistrationFields.Email); string username
= ""; if (HttpContext.Current.User.Identity
!= null) { username = HttpContext.Current.User.Identity.Name;
} else { username = OpenIDControl1.UserObject.Identity; }
MembershipCreateStatus membershipStatus; MembershipUser user = Membership.CreateUser(
username, RandomString(12, false), email, "This
is an OpenID Account. You should log in with your OpenID", RandomString(12, false), true, out membershipStatus
); if (membershipStatus != MembershipCreateStatus.Success)
{ lblError.Text
= "Cannot create account for OpenID Account: "
+ membershipStatus.ToString(); } } }
That’s all there is to it.
