Passport Authentication

for RuBoard

Forms authentication is cool, but it has one potential failing. It requires users to create and maintain a set of credentials for every Web site that they visit. Wouldn't it be nice to have just one username and password that you could use at any site? That is the idea behind Microsoft Passport.

The first step to using Microsoft Passport is to request a Site ID. The Site ID identifies your site as a valid Passport partner and is used as a key by Passport to identify settings related to your site. When you have acquired a Site ID, you can configure your site to use Passport. Change the mode attribute of <authentication> element to Passport. A second optional element <passport> enables you to specify the location of the Passport login page via the redirectUrl attribute. A sample web.config for Passport authentication is shown in Listing 7.6.

Listing 7.6 A web.config Setup for Passport Authentication
 <?xml version="1.0" encoding="utf-8" ?> <configuration>     <system.web>         <compilation defaultLanguage="c#" debug="true" />         <authentication mode="Passport">             <passport redirectUrl="login.aspx" />         </authentication>         <authorization>             <allow users="*" /> <!-- Allow all users -->         </authorization>     </system.web>     <location path="attendees">         <system.web>             <authorization>             <deny users="?" />             </authorization>         </system.web>     </location> </configuration> 

The rest of the web.config is very similar to what you used before with forms authentication. Now you need to provide a way for the user to log in. This is typically done with most participating Passport sites using a Passport logo that indicates whether the user is logged in or out. The PassportIdentity object provides a method LogoTag2() that returns the HTML necessary to display this logo.

PassportIdentity

This class contains functionality for interacting with the Passport authentication service.

If the user is not logged in, however, no PassportIdentity object is available. If User.Identity.IsAuthenticated returns false, you need to create a new instance of PassportIdentity and use it to output the login logo. This logo is frequently placed in a number of locations around a site, so it is a good idea to wrap it up in a Web user control. Listing 7.7 shows an example of this control.

Listing 7.7 A Web User Control That Wraps the Display of the Passport Logo
 namespace Passport {     using System;     using System.Data;     using System.Drawing;     using System.Web;     using System.Web.UI.WebControls;     using System.Web.UI.HtmlControls;     /// <summary>     ///        Summary description for passportlogo.     /// </summary>     public abstract class passportlogo : System.Web.UI.UserControl     {         /// <summary>         public passportlogo()         {             this.Init += new System.EventHandler(Page_Init);         }         private void Page_Load(object sender, System.EventArgs e)         {             System.Web.Security.PassportIdentity pi;         if(HttpContext.Current.User.Identity.IsAuthenticated)             pi = (System.Web.Security.PassportIdentity) HttpContext.Current.User.Identity;         else             pi = new System.Web.Security.PassportIdentity();         if(Request["ReturnURL"] == null)             Response.Write(pi.LogoTag2("http://" + Request.ServerVariables["SERVER_NAME"].ToString() + HttpContext.Current.Request.Path, 600, false, "", 1033, false, "", 0, false));         else             Response.Write(pi.LogoTag2(Request["ReturnURL"], 600, false, "", 1033, false, "", 0, false));         }         private void Page_Init(object sender, EventArgs e)         {             //             // CODEGEN: This call is required by the ASP.NET Web Form Designer.             //             InitializeComponent();         }         #region Web Form Designer generated code         ///        Required method for Designer support - do not modify         ///        the contents of this method with the code editor.         /// </summary>         private void InitializeComponent()         {             this.Load += new System.EventHandler(this.Page_Load);         }         #endregion     } } 

The user control first looks to see whether the user has been authenticated. If he is authenticated, the user control then grabs the PassportIdentity of the user. If he is not authenticated, a new PassportIdentity is created. The LogoTag2 method of the PassportIdentity object is then used to output the appropriate login or logout logo for Passport.

This user control can now be placed on the home page to provide a way to log in. When a user attempts to access a page for which he has insufficient permissions, he is redirected to the URL indicated in the redirectUrl attribute of the <passport> element. This page should show a message indicating to the user that he attempted to access authenticated content and provide a way to log in. The easiest way to do this is to include the passportlogo user control that you created in Listing 7.7. A sample login.aspx page is shown in Listing 7.8.

Listing 7.8 The login.aspx Page That Is Shown When Users Attempt to Access Content When They Are Not Authenticated
 <%@ Page language="c#" Codebehind="login.aspx.cs" AutoEventWireup="false" Inherits="Passport.login" %> <%@ Register TagPrefix="uc1" TagName="passportlogo" Src="passportlogo.ascx" %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML>     <HEAD>         <meta name="GENERATOR" Content="Microsoft Visual Studio 7.0">         <meta name="CODE_LANGUAGE" Content="C#">         <meta name="vs_defaultClientScript" content="JavaScript (ECMAScript)">         <meta name="vs_targetSchema" content="http://schemas.microsoft.com/ intellisense/ie5">     </HEAD>     <body>         <form id="login" method="post" runat="server">             <P>                 You must login to access that content... Click on the passport logo to log in...             </P>             <P>                 &nbsp;                 <uc1:passportlogo id="Passportlogo1" runat="server">                 </uc1:passportlogo>             </P>         </form>     </body> </HTML> 

If you want to use the personalization features of Microsoft Passport, you will also be interested in the Profile collection. The GetProfileObject method of the PassportIdentity allows you to retrieve attributes from the user's Passport profile. The valid attributes are listed in Table 7.1.

Table 7.1. Valid Passport Attributes
Attribute Name Description Validation Rules
Accessibility Indicates whether accessibility features should be enabled on participant sites for this user. 0=no; 1=yes. Must be 0 or 1.
BDay_precision Defines the precision of the Birthdate attribute. 0, 1, 2, 3, or Null.
Birthdate Contains the user's birth year or birth date. Only dates since 12/30/1899 are valid.
City GeoID that maps to the user's city. Must be a valid GeoID.
Country ISO 3166 country code for the user's country.  
Gender Gender of user. Must be Null, M, F, or U.
Lang_Preference LCID of the user's preferred language.  
MemberName A legacy attribute that no longer contains a sign-in name, but can be used to determine a user's domain. Use DomainFromMemberName() .  
Nickname Friendly name the user would like to be greeted by.  
PreferredEmail The user's e-mail address.  
PostalCode Stores the postal code for the United States and other countries , where appropriate.  
ProfileVersion Represents the version of the user's core profile. N/A
Region GeoID that maps to the region within the user's country. Must be a valid GeoID.
Wallet Indicates whether the user has established a Passport wallet. 0=no; 1=yes.

To use the profile data, just pass the name of the core attribute you are interested in to the GetProfileAttribute() method. Listing 7.9 shows a page that retrieves the e-mail address and member name of a user.

Listing 7.9 A Page That Displays the PUID, E-mail Address, and Member Name of a Logged-in Passport User
 using System; using System.Collections; using System.ComponentModel; using System.Data; using System.Drawing; using System.Web; using System.Web.SessionState; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.HtmlControls; namespace Passport {     /// <summary>     /// Summary description for CDefault.     /// </summary>     public class CDefault : System.Web.UI.Page     {         public CDefault()         {             Page.Init += new System.EventHandler(Page_Init);         }         private void Page_Load(object sender, System.EventArgs e)         {             if(User.Identity.IsAuthenticated)             {                 System.Web.Security.PassportIdentity pi = (System.Web.Security.PassportIdentity)User.Identity;                 Response.Write("<BR>");                 Response.Write("User.Identity.Name: " + User.Identity.Name);                 Response.Write("<BR>");                 Response.Write("Preferred Email: " + pi["preferredemail"].ToString());                 Response.Write("<BR>");                 Response.Write("Member name: " + pi["membername"].ToString());                 Response.Write("<BR>");             }         }         private void Page_Init(object sender, EventArgs e)         {             //             // CODEGEN: This call is required by the ASP.NET Web Form Designer.             //             InitializeComponent();         }         #region Web Form Designer generated code         /// <summary>         /// Required method for Designer support - do not modify         /// the contents of this method with the code editor.         /// </summary>         private void InitializeComponent()         {                 this.Load += new System.EventHandler(this.Page_Load);         }         #endregion     } } 

When using Passport authentication, User.Identity.Name does not return the login name of the user; instead, it returns a Passport User ID (PUID). You should use this as a key to any user-specific data you are storing, rather than using the member name or e-mail address (which can change) from the profile.

for RuBoard


C# Developer[ap]s Guide to ASP. NET, XML, and ADO. NET
C# Developer[ap]s Guide to ASP. NET, XML, and ADO. NET
ISBN: 672321556
EAN: N/A
Year: 2005
Pages: 103

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net