tag:blogger.com,1999:blog-6822536077160579260.post513226285220076943..comments2023-06-05T14:25:52.227+01:00Comments on Sound Code: OpenID in ASP.NETAnonymoushttp://www.blogger.com/profile/17900587357903273800noreply@blogger.comBlogger7125tag:blogger.com,1999:blog-6822536077160579260.post-152115919611269362009-01-25T21:13:00.000+00:002009-01-25T21:13:00.000+00:00judekblog,Rather than using your web.config file t...judekblog,<BR/><BR/>Rather than using your web.config file to list the individual users allowed to log in, if the purpose is to whitelist who is allowed to log in at all then inside your openIdLogin_LoggedIn handler you should check e.ClaimedIdentifier and if it isn't on your whitelist, set e.Cancel = true, and display a message to the user saying that they're not allowed to log in.Andrew Arnotthttps://www.blogger.com/profile/13632400519774640095noreply@blogger.comtag:blogger.com,1999:blog-6822536077160579260.post-29767940657118719172009-01-25T21:05:00.000+00:002009-01-25T21:05:00.000+00:00Thanks your code works great. But now I am trying ...Thanks your code works great. But now I am trying to break it down indivigual users and allow only certain users in. For example, what would I set my xxx to in allow users="xxx" in the web.config file?judekbloghttps://www.blogger.com/profile/02230430409636198387noreply@blogger.comtag:blogger.com,1999:blog-6822536077160579260.post-83083178426510034452008-04-06T05:22:00.000+01:002008-04-06T05:22:00.000+01:00aaballboy,The source code is also available from t...aaballboy,<BR/>The source code is also available from the googlecode site that Mark pointed out. But FWIW, you don't need the source to change the OpenId Provider that is suggested in the OpenIdLogin control. You can change that through a property on the control itself. Much easier.Andrew Arnotthttps://www.blogger.com/profile/13632400519774640095noreply@blogger.comtag:blogger.com,1999:blog-6822536077160579260.post-54619087800166425622008-02-14T07:45:00.000+00:002008-02-14T07:45:00.000+00:00Thanks for ur reply!I have found dll.But now I hav...Thanks for ur reply!<BR/>I have found dll.<BR/>But now I have another problem.<BR/>where can I download source code?<BR/>Because I can't change the OpenID control.<BR/>For example,I want to change the OpenID provider from myopenid to yahoo.aaballboyhttps://www.blogger.com/profile/10470452782370431525noreply@blogger.comtag:blogger.com,1999:blog-6822536077160579260.post-5185100734103687582008-02-08T14:49:00.000+00:002008-02-08T14:49:00.000+00:00hi aaballboy,have you tried from the google projec...hi aaballboy,<BR/>have you tried from the google project link? ...<BR/>http://code.google.com/p/dotnetopenid/Anonymoushttps://www.blogger.com/profile/17900587357903273800noreply@blogger.comtag:blogger.com,1999:blog-6822536077160579260.post-26115165933880564562008-02-08T14:00:00.000+00:002008-02-08T14:00:00.000+00:00hi~ Mark!I can't download dll from the url.Do u kn...hi~ Mark!<BR/>I can't download dll from the url.<BR/>Do u know where I can find these dll?<BR/>Thank you!aaballboyhttps://www.blogger.com/profile/10470452782370431525noreply@blogger.comtag:blogger.com,1999:blog-6822536077160579260.post-90152405387402495372007-07-11T06:39:00.000+01:002007-07-11T06:39:00.000+01:00Thanks for your explanatory post. I'm sorry my in...Thanks for your explanatory post. I'm sorry my instructions weren't that good, but I see you've made up for that. <BR/><BR/>The LoggingIn event gives your site a chance to reject a particular URL <I>before</I> the user is redirected to his OpenID provider. You might do this if you only allowed, say, a given set of administrators with known OpenIDs to log into your site.<BR/><BR/>The unhandled exception isn't good. There should be a validation control to handle that, but I'll have to check.<BR/><BR/>In the meantime, you and your readers should know that the NerdBank.Tools version of my ASP.NET OpenID control is now deprecated. The controls were merged into the <A HREF="http://code.google.com/p/dotnetopenid" REL="nofollow">dotnetopenid project</A> and have been worked on there. You should give that library a try and see if you find it better. I welcome comments. Just post to the <A HREF="http://groups.google.com/group/dotnetopenid" REL="nofollow">dotnetopenid Google Group</A>.Andrew Arnotthttps://www.blogger.com/profile/13632400519774640095noreply@blogger.com