Dotnetopenauth OAuth Service Provider Explanation?
May 28, 2010
I am a total newbie in the oAuth area and have set up DotNetOpenAuth to set up an oAuth Service provider. The sample provided in the DotNetOpenAuth download is quite confusing for me...maybe cos i am new to this stuff. There is one default page that creates a database and populates the database. Now I browse to the login.aspx and it asks me to put an openid, actually I want to use DNN (which implements DotNetOpenAuth) and i want to use those credentials on another site which will be the oAuth consumer. Can someone explain how to test the oAuth Service provider in the samples of DotNetOpenAuth?
I am trying to integrate authentication for a cloud-based application with an Active Directory forest behind my cilent's firewall.
I am a Python developer from the open-source world... needless to say, .NET is not my forte and I'm not familiar with authentication technologies provided by IIS/WIF/etc.
I have installed DotNetOpenAuth and gotten the sample MVC OpenID provider working with the included ReadOnlyXmlMembershipProvider.
I have scoured Google for a sample config/implementation or any documentation at all that describes the appropriate membership provider to use. The only thing I have found are hints - "It's included out of the box," or "create a .NET app that authenticates off of AD and expose OpenID."
How can I query off my client's AD? Is there a provider included with DNoA?
I have google this subject and while I have gotten a lot of results none of them seem to help. I am a consumer of a webservice which I have created a reference for using "Add Service Reference" from Visual Studio. How do I configure this service to use OAuth? Most examples use other methods besides the classes "Add Service Reference" creates.
I'm trying to make API calls to a service provider. I've never tackled JSON requests before but I want to give it a go - as they seem less verbose than XML. Could someone be kind enough to give me a simple example here?
My confusion stems from some libraries I've come across. Do I need to add any libraries to my project? Or is it just a matter of creating a string that complies with JSON syntax and send it via a WebRequest?
Can I use the membership provider api on a hosted service? I can create mssql databases but have no control over iis. Will I be able to use the membership admin webpage on the hosted service?
Am I correct in stating that the api uses ASPNETDB.MDF in the app_data folder as it's database?
visual web developer is not loading the memebrship provider service. My memberhsip service provider has been acting kinda strange lately. Is there a way to try to repair it? Like repair Visual Studio? What can I do?
Every month I have to email out links to demo music tracks that I make. I have like 30 labels and it takes me ages to write out an email to each one. I dont want to purchase my own domain name yet so is there a free email provider that I can sign up to that will allow me to use .net library to automatically send out messages?
I have a SqlMembershipProvider store with Roles enabled. This is configured and has the user "devtest" in the roles "xxUser" and "xxAdmin".
I also have a WCF service, which I want to authenticate and authorize against. My problem is that:
the authorisation is not happening, code just executes despite the policy attribute I don't get any identity or security context so do not know who is calling the service I need: to know which user is calling the method some degree of rejecting users if permissions don't match (ideally this should be performed within the RoleProvider/MembershipProvider/WCF but can do it myself if I have to) SSL in transport
I have my service contract set up thus:
[ServiceContract] public interface ISupportService { [OperationContract] [PrincipalPermission(SecurityAction.Demand, Role = "ThisRoleDoesNotExist")] List<BaseInterestRate> GetAllBaseInterestRates(); } the code is simple enough: public class SupportService : ISupportService { public List<BaseInterestRate> GetAllBaseInterestRates() { OperationContext operationContext = OperationContext.Current; ServiceSecurityContext serviceSecurityContext = ServiceSecurityContext.Current; // is always null using (xxxEntities entities = new xxxEntities()) { return new List<BaseInterestRate>(entities.BaseInterestRates); } }} My service configuration is thus: --> <behaviors> <serviceBehaviors> <behavior name="SupportServiceBehavior"> <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" /> <serviceDebug includeExceptionDetailInFaults="false" /> <serviceAuthorization principalPermissionMode="UseAspNetRoles" roleProviderName="AspNetSqlRoleProvider" /> <serviceCredentials> <userNameAuthentication userNamePasswordValidationMode="MembershipProvider" membershipProviderName="SqlMembershipProvider" /> </serviceCredentials> </behavior> <behavior> <serviceMetadata httpGetEnabled="true"/> <serviceDebug includeExceptionDetailInFaults="false"/> </behavior> </serviceBehaviors> </behaviors> <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
I have followed the instructions at these pages to the letter:
How to: Use the SQL Server Role Provider with Windows Authentication in WCF Calling from Windows Forms (MSDN) How to: Create and Install Temporary Client Certificates in WCF During Development (MSDN) How to: Use wsHttpBinding with Username Authentication and TransportWithMessageCredentials in WCF Calling from Windows Forms (MSDN) Also quite useful found via SO: Use Asp.Net Membership provider with a WCF .svc service (Alkampfer's Place)
I would at lest expect an issue with certificates/transport/etc. to fail with exceptions, but I can debug right in and over the WCF call. I have no security context/ user context available to me and when I use a user not in the two mentioned roles (which I do in the code example above), I don't get "kicked out".
My client app is currently a Web App, but will ultimately also serve a Windows Forms app and Test suite. I'm currently using the ASP.NET WebDev server and am running .NET 4.0.
How to verify users login credentials using users login credentials of user's gmail account (like in stackoverflow on clicking gmail it takes to gmail login page and gmail verifies the user)
I'm developing a web application using EF4, POCO's, WCF Data Services and the presentation tier (HTML, CSS, JavaScript, Ajax - NO WebForms). For security I would like using ASP.NET Membership Provider (Authentication Service): from a *.htm file calling the AuthenticationService. I executed aspnet_regsql.exe (to create the necessary database tables) and modified my web.config file:
I want to send mail from user gmail account using OAuth to all user contacts.It's easy to get all contacts of user with google API, but i cant send email to these contacts from user gmail account without request his password.
I have an existing application that displays Google Analytics data. Currently, it stores the username and password which I do not like, so I wanted to convert it to use OAuth. I have isolated the authentication method to get the token in hopes that all I would have to do is change this method:
public static string getSessionTokenClientLogin(string email, string password) { //Google analytics requires certain variables to be POSTed string postData = "Email=" + email + "&Passwd=" + password; //defined - should not channge much
[Code]....
Is there an easy way to convert this to OAuth? I can change the parameters, but I am hoping I do not have to make architectural changes to the rest of my app.
I have a web aaplication which currently has a bunch of users and use Asp.net Membership to create and manage users.
I want to add OAuth functionality to my application and want to still using Asp.net Membership (login , etc ). ( and I also want my user login to application with any public social network ID , if that network use a OAuth membership.
How can I use Asp.net and OAuth (open ID) beside each other ?
I also want to add a new page for users to create a profile for themeselve.
how to use OAuth. Twitter has no longer supports Basic HTTP Auth, and now requires OAuth for all Twitter Applications. You no longer need to have your app use their twitter username/password. That's the point of OAuth. This is very similar to how Facebook App authorizations work. When someone wants to use your facebook app, they have to login to Facebook, and give your app permission to use your information.
It's the same thing with Twitter now. You will need to get a twitter API key for your app, then when users first want to tweet, you will make an OAuth request with your API key to Twitter, which will have your users first login to Twitter, then authorize your application. After that process, you application will be able to "post" users tweets to their respective twitter accounts. how to possible in asp.net with c#.net code?
Recently I was asked to express the DI in colloquial explanation.
I answered :
1)I am going to a hotel.I ordered food.The hotel management asks me to clean the plates and clean the tables.So here i am a client,I am responsible for managing the service (Instantiating,executing,disposing).But DI decouples such tasks so the service consumer no need not worry about controlling the life cycle of the service.
2)He also asked is there any microsoft API follows DI ?.I answered (This was my guess) In WCF you can create a Proxy using ChannelFactory that controls the life time of your factory.
for item (1) he said only 10% is correct
for item(2) he said that is factory pattern not dependency injection.
Actually what went wrong in my explanation (apart from my bad English) ? What is the real answers for those?
I am trying to unable the asp.net so that i can dev on windows azure, unfortunately going through windows features(in win7) to install it, always prompts and error with no explanation whatsoever. its the "an error has occured, some programs may not have been changed sucessfully" or something similar to that.I have tried uninstalling IIS and reinstalling afterwords, and have tried removing WAS.
I've been looking on the Internet for a fairly clear explanation of the different methods of registering javascript in an asp.net application. I think I have a basic understating of the difference between registerStartupScript and registerClientScriptBlock (the main difference being where in the form the script is inserted).I'm not sure I understand what the RegisterClientScriptInclude method does or when it is used. From what I can gather, it is used to register an external .js file. Does this then make any and all javascript functions in that file available to the aspx page it was registered on? For example, if it was registered in the onLoad event of a master page, would all pages using that master page be able to use the javascript functions in the .js file? What problems would arise when trying to use document.getElementById in this case, if any? Also, when it is necessary/advantageous to use multiple .js files and register them separately?
I created a simple page using the code provided by this page (the first sample): [URL] But I can't seem to get it to work, I can redirect to the provider but when the provider redirects back to my page, I get error 500, "The request was rejected by the HTTP filter". I already checked ISAPI filters which I have none.
