ASP.NET MVC 2 and OpenID

by 5. August 2010 01:10

In this post I’ll be showing you how to integrate OpenID authentication on your ASP.NET MVC 2 site. To this end, I’ll be integrating DotNetOpenAuth and openid-selector, so go ahead and download the latest versions of both and extract them to a folder of your choosing.

First, open Visual Studio 2010 and create a new project by going to File > New > Project > Web > ASP.NET MVC 2 Application:


Click “OK” and you will be asked if you want to create a unit test project or not. For the purpose of this article I’ll select no, but feel free to create one.

Now, after Visual Studio is done creating your project, you can hit F5 and you should see this page in your browser:


This is actually a fully functioning ASP.NET MVC site, but our aim is to replace the default “Log On” mechanism with an OpenID approach. To do this, we’ll be integrating DotNetOpenAuth as mentioned earlier. DotNetOpenAuth is a free library that allows you to integrate OpenID by simply adding an ASP.NET control to your page.

To use DotNetOpenAuth, right click “References” in the Solution Explorer, choose “Add Reference” and browse to where you extracted DotNetOpenAuth to. Go to the bin folder, select “DotNetOpenAuth.dll” and click “Open”, then “Add” and finally “Close”. Now we are almost ready to use DotNetOpenAuth, but first we need to add some lines to the Web.config file.

Add the following lines inside the <configuration> element in your Web.config file:

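<configSections>
  <section name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection" requirePermission="false" allowLocation="true"/>
</configSections>
<uri>
  <idn enabled="All"/>
  <iriParsing enabled="true"/>
</uri>
<dotNetOpenAuth>
  <openid><relyingParty>
    <security requireSsl="false"/> <!-- false accepts non-HTTPS identifiers and endpoints; suits this localhost sample -->
    <behaviors>
      <!-- The following OPTIONAL behavior allows RPs to use SREG only, but be compatible with OPs that use Attribute Exchange (in various formats). -->
      <add type="DotNetOpenAuth.OpenId.Behaviors.AXFetchAsSregTransform, DotNetOpenAuth"/>
    </behaviors>
  </relyingParty></openid>
  <messaging><untrustedWebRequest><whitelistHosts>
    <!-- since this is a sample, and will often be used with localhost -->
    <add name="localhost"/>
  </whitelistHosts></untrustedWebRequest></messaging>
  <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->
  <reporting enabled="true"/>
</dotNetOpenAuth>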

Now we are all set to use DotNetOpenAuth, but first we’ll integrate openid-selector. openid-selector is a simple piece of JavaScript: instead of entering their full OpenID identifier, users simply click the logo of their OpenID provider and then enter their username. Luckily it is really simple to integrate.

There are 4 steps to integrate openid-selector with your ASP.NET MVC 2 project:

  1. Go to where you extracted it in the first place and open the css folder. Inside this you’ll find a file named openid.css. Copy the contents of this file and insert it at the end of the Site.css file in your Visual Studio project under the “Content” folder.
  2. Add a new folder to your project called “images”. Then, right click it and select “Add” > “Existing item…” and then browse to the openid-selector/images folder. Select all the files and click “Add”.
  3. In your Visual Studio project, right click the “Scripts” folder and select “Add” > “Existing Item…”  and then browse to the openid-selector/js folder, select the “openid-jquery.js” file and click “Add”. Before moving on, you need to open the newly added “openid-jquery.js” file and scroll down to the line (line number 88 in the version I tested):

    img_path: 'images/',

    and replace it with the line:

    img_path: '../images/',
  4. Finally, go to “Views” > “Shared” and open the “Site.Master” file and insert the following lines in the <head>-tag:
    <script type="text/javascript" src="../../Scripts/jquery-1.4.1.min.js"></script>
    <script type="text/javascript" src="../../Scripts/openid-jquery.js"></script>
    <script type="text/javascript">
    $(document).ready(function () {
        openid.init('openid_identifier');
    });
    </script>

Your project should now look something like this in the Solution Explorer:


Now, after all the configuration is done, it’s finally time to set up the OpenID integration. Open “LogOn.aspx” in “Views” > “Account” and replace the <asp:Content ID="loginContent"..> element with this:

<asp:Content ID="loginContent" ContentPlaceHolderID="MainContent" runat="server">
    <h2>Log On</h2>
    <p>
        Please enter your username and password. <%: Html.ActionLink("Register", "Register") %> if you don't have an account.
    </p>
    <form action="Authenticate?ReturnUrl=<%=HttpUtility.UrlEncode(Request.QueryString["ReturnUrl"]) %>" method="post" id="openid_form">
        <input type="hidden" name="action" value="verify" />
        <%: Html.ValidationSummary(true, "Login was unsuccessful. Please correct the errors and try again.") %>
        <fieldset>
            <legend>Account Information</legend>
            <div class="openid_choice">
                <p>Please click your account provider:</p>
                <div id="openid_btns"></div>
            </div>
            <div id="openid_input_area">
                <%: Html.TextBox("openid_identifier") %>
                <input type="submit" value="Log On" />
            </div>
            <p>OpenID is a service that allows you to log on to many different websites using a single identity.
            Find out <a href="">more about OpenID</a> and <a href="">how to get an OpenID enabled account</a>.</p>
        </fieldset>
    </form>
</asp:Content>

Click F5 and browse to the “Log On” page, and you should see this:


Almost done now. Now we just need to hook up the Controller, so back in Visual Studio, expand “Controllers” and open AccountController.cs.

First we need to add several using statements, in order to use the DotNetOpenAuth library:

using DotNetOpenAuth.Messaging;
using DotNetOpenAuth.OpenId;
using DotNetOpenAuth.OpenId.Extensions.SimpleRegistration;
using DotNetOpenAuth.OpenId.RelyingParty;

Next, at the top of your class, add this static variable:

private static OpenIdRelyingParty openid = new OpenIdRelyingParty();

And then add the following method:

public ActionResult Authenticate(string returnUrl)
{
    var response = openid.GetResponse();
    if (response == null)
    {
        // Stage 2: user submitting Identifier
        Identifier id;
        if (Identifier.TryParse(Request.Form["openid_identifier"], out id))
        {
            try
            {
                var request = openid.CreateRequest(Request.Form["openid_identifier"]);
                //Ask user for their email address
                ClaimsRequest fields = new ClaimsRequest();
                fields.Email = DemandLevel.Request;
                // Attach the extension; without this the email is never requested
                request.AddExtension(fields);
                return request.RedirectingResponse.AsActionResult();
            }
            catch (ProtocolException ex)
            {
                ViewData["Message"] = ex.Message;
                return View("LogOn");
            }
        }
        ViewData["Message"] = "Invalid identifier";
        return View("LogOn");
    }

    // Stage 3: OpenID Provider sending assertion response
    switch (response.Status)
    {
        case AuthenticationStatus.Authenticated:
            MembershipUser user = MembershipService.GetUser(response.ClaimedIdentifier);
            if (user == null)
            {
                // First visit with this identifier: create a membership record for it
                MembershipCreateStatus membershipCreateStatus;
                //Get custom fields for user
                var sreg = response.GetExtension<ClaimsResponse>();
                if (sreg != null)
                    membershipCreateStatus = MembershipService.CreateUser(response.ClaimedIdentifier, "12345", sreg.Email);
                else
                    membershipCreateStatus = MembershipService.CreateUser(response.ClaimedIdentifier, "12345", "");
                if (membershipCreateStatus == MembershipCreateStatus.Success)
                {
                    FormsService.SignIn(response.ClaimedIdentifier, false /* createPersistentCookie */);
                    return RedirectToAction("Index", "home");
                }
                ViewData["Message"] = "Error creating new user";
                return View("LogOn");
            }
            // Returning user: issue the forms authentication cookie
            FormsAuthentication.SetAuthCookie(user.UserName, false);
            if (!string.IsNullOrEmpty(returnUrl))
                return Redirect(returnUrl);
            return RedirectToAction("Index", "Home");
        case AuthenticationStatus.Canceled:
            ViewData["Message"] = "Canceled at provider";
            return View("LogOn");
        case AuthenticationStatus.Failed:
            ViewData["Message"] = response.Exception.Message;
            return View("LogOn");
    }
    return new EmptyResult();
}

Before this will compile, you need to make a change to the “Models” > “AccountModels.cs” file.

Add this line to the IMembershipService interface:

MembershipUser GetUser(string userName);

and then add the method implementation to the AccountMembershipService class:

public MembershipUser GetUser(string userName)
{
    MembershipUser currentUser = _provider.GetUser(userName, false /* userIsOnline */);
    return currentUser;
}

And we’re done! Note: this code is based on the samples provided with the DotNetOpenAuth download, and it is only a guide to get it set up with an ASP.NET MVC 2 project, not a ready-for-production solution.
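Two hardening points for the Authenticate action above, as an added example that is not part of the original post or of DotNetOpenAuth: every account is created with the same literal password, which matters if the template's password-based LogOn action is still reachable (an assumption about the rest of the controller), and returnUrl is passed to Redirect unchecked. OpenIdLogOnHelpers and its member names are hypothetical.

```csharp
using System;
using System.Web.Security;

// Added example: not from the original post and not part of DotNetOpenAuth.
// OpenIdLogOnHelpers and its members are hypothetical names.
public static class OpenIdLogOnHelpers
{
    // A fresh random password per OpenID-backed membership record. It is never
    // shown to the user, so the record has no password that anyone knows.
    public static string NewRandomPassword()
    {
        // Membership.GeneratePassword(length, numberOfNonAlphanumericCharacters)
        return Membership.GeneratePassword(32, 8);
    }

    // True only for a root-relative path on this site, e.g. "/Account/ChangePassword".
    // Rejects absolute URLs, "//host" and "/\host" forms, and control characters.
    public static bool IsLocalUrl(string url)
    {
        if (string.IsNullOrEmpty(url) || url[0] != '/')
            return false;
        if (url.Length > 1 && (url[1] == '/' || url[1] == '\\'))
            return false;
        foreach (char c in url)
            if (char.IsControl(c))
                return false;
        return true;
    }

    // Where the Authenticate action should send the browser after sign-in.
    public static string SafeReturnUrl(string returnUrl, string fallback)
    {
        return IsLocalUrl(returnUrl) ? returnUrl : fallback;
    }
}

// Use inside AccountController.Authenticate (the controller code from the post):
//   MembershipService.CreateUser(response.ClaimedIdentifier,
//       OpenIdLogOnHelpers.NewRandomPassword(), sreg != null ? sreg.Email : "");
//   ...
//   return Redirect(OpenIdLogOnHelpers.SafeReturnUrl(returnUrl, Url.Action("Index", "Home")));
```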


ASP.NET 4 and MySQL Membership Provider

by 5. August 2010 01:07

Recently I had to set up an ASP.NET MVC 2 project which would utilize the built-in membership of ASP.NET. However, I didn't have access to a MS SQL database, so I had to use a MySQL data provider instead. The following is a quick guide on how to get it set up.

First, you need to download the MySQL Connector/Net from this page. This makes it possible to connect to MySQL databases from .NET applications and gives you access to the ADO.NET interfaces. I chose to download the latest development release (at the time of writing), Connector/Net 6.3.3 beta, as this fully integrates with Visual Studio 2010, which the latest public release (6.2.3 at the time of writing) does not. Download BOTH the source and the installation file; I will explain why in a second.

Once you've downloaded both files, extract them and install the connector. Now, normally when using the membership provider, the database tables/schemas are automatically created. The MySQL membership provider does this as well, unfortunately it just doesn't do it right. At least it didn't work for me. Instead, you have to create the databases semi-manually. Go to the location where you extracted the source and browse to the following folder "\MySql.Web\Providers\Properties". In this folder you will see a number of .sql files: schema1.sql, schema2.sql, schema3.sql, schema4.sql, schema5.sql and schema6.sql. Run each of these, in turn and starting with schema1.sql, against your MySQL database.

Now, fire up Visual Studio 2010 and open your application. Add a reference to MySql.Web.dll which can be found in the directory you installed the Connector, e.g. C:\Program Files\MySQL\MySQL Connector Net 6.3.3\Assemblies\v2.0

Next, if you haven’t done this already, add your MySQL connection string to the configuration/connectionStrings element in the Web.config, e.g.:

<add name="MySQLConn" connectionString="Server=SERVERADDRESS;Database=DATABASENAME;Uid=USERNAME;Pwd=PASSWORD;"/>

Finally, open up your Web.config and add these lines to the <system.web> element:

<membership defaultProvider="MySqlMembershipProvider">
  <providers>
    <add name="MySqlMembershipProvider"
         type="MySql.Web.Security.MySQLMembershipProvider,MySql.Web,Version=, Culture=neutral,PublicKeyToken=c5687fc88969c44d"
         autogenerateschema="true" connectionStringName="MySQLConn"
         enablePasswordRetrieval="false" enablePasswordReset="true"
         requiresQuestionAndAnswer="false" requiresUniqueEmail="false"
         passwordFormat="Hashed" maxInvalidPasswordAttempts="5"
         minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0"
         passwordAttemptWindow="10" passwordStrengthRegularExpression=""
         applicationName="/" />
  </providers>
</membership>
<profile defaultProvider="MySqlProfileProvider">
  <providers>
    <add name="MySqlProfileProvider"
         type="MySql.Web.Profile.MySQLProfileProvider,MySql.Web,Version=, Culture=neutral,PublicKeyToken=c5687fc88969c44d"
         connectionStringName="MySQLConn" applicationName="/" />
  </providers>
</profile>
<roleManager enabled="true" defaultProvider="MySqlRoleProvider">
  <providers>
    <clear />
    <add name="MySqlRoleProvider"
         type="MySql.Web.Security.MySQLRoleProvider,MySql.Web,Version=, Culture=neutral,PublicKeyToken=c5687fc88969c44d"
         connectionStringName="MySQLConn" applicationName="/" />
  </providers>
</roleManager>

Now, you've (hopefully) got a fully working MySQL membership provider. To test it, go to Project > ASP.NET Configuration and go to the Security tab. Here you should be able to manage users and roles.

NOTE: Make sure you enter the correct connection string name, version number and PublicKeyToken in the Web.config. The version number is self-explanatory, but the PublicKeyToken can be a little trickier to figure out. The PublicKeyToken value is most likely the same, but to make sure, see this link on how to find the PublicKeyToken for a .dll.
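One way to check the version number and PublicKeyToken from the note above is to read them from the DLL itself and compare them with the type attributes in Web.config. This is an added example, not part of the original post or of Connector/Net; ProviderTypeCheck and its members are hypothetical names, and the sample identity values are constructed.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Reflection;
using System.Xml.Linq;
// Added example, not from the original post or Connector/Net; all names are hypothetical.
public static class ProviderTypeCheck
{
    // Constructed sample values (not the real identity of any MySql.Web.dll).
    const string SampleFullName =
        "MySql.Web, Version=1.2.3.4, Culture=neutral, PublicKeyToken=0123456789abcdef";
    const string SampleConfig =
        "<configuration><system.web><membership><providers><add name='MySqlMembershipProvider' " +
        "type='MySql.Web.Security.MySQLMembershipProvider,MySql.Web,Version=, Culture=neutral," +
        "PublicKeyToken=0123456789abcdef'/></providers></membership></system.web></configuration>";
    // Removes whitespace around the comma-separated parts of an assembly display name.
    static string Normalize(string s)
    {
        return string.Join(",", s.Split(',').Select(p => p.Trim()).ToArray());
    }
    // Provider <add> names that use this assembly but disagree on Version, Culture or token.
    public static List<string> Mismatches(XDocument config, string assemblyFullName)
    {
        string expected = Normalize(assemblyFullName);
        var bad = new List<string>();
        foreach (XElement add in config.Descendants()
                     .Where(e => e.Name.LocalName == "providers").Elements())
        {
            string[] parts = Normalize((string)add.Attribute("type") ?? "").Split(new[] { ',' }, 2);
            string assembly = parts.Length == 2 ? parts[1] : "";
            bool sameAssembly = assembly.Split(',')[0]
                .Equals(expected.Split(',')[0], StringComparison.OrdinalIgnoreCase);
            if (sameAssembly && !assembly.Equals(expected, StringComparison.OrdinalIgnoreCase))
                bad.Add((string)add.Attribute("name"));
        }
        return bad;
    }
    // Usage: ProviderTypeCheck.exe <Web.config> <MySql.Web.dll>; no arguments runs the sample.
    public static void Main(string[] args)
    {
        bool real = args.Length == 2;
        // GetAssemblyName reads the manifest only; it does not load the assembly.
        string fullName = real ? AssemblyName.GetAssemblyName(args[1]).FullName : SampleFullName;
        XDocument config = real ? XDocument.Load(args[0]) : XDocument.Parse(SampleConfig);
        Console.WriteLine("Assembly identity: " + fullName);
        foreach (string name in Mismatches(config, fullName))
            Console.WriteLine("type attribute does not match the DLL: " + name);
    }
}
```

Run without arguments, it reports the sample MySqlMembershipProvider entry, whose Version is left empty.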
