Freigeben über


How to map Live ID with Domain (Active Directoy/AD) User Credential

Have you ever tried implementing Live ID Authentication into your asp.net web application? Well, it is not same as old Passport Authentication. From IIS 7 onwards we do not have option to implement Passport authentication. In place of it we have a Live ID SDK to implement Live ID Authentication in your public facing Web Site. You can register your site/URL to use Live ID from here:

https://msdn.microsoft.com/en-us/library/bb676626.aspx

Also you can try a sample code in your test server AKA localserver:

https://msdn.microsoft.com/en-us/library/bb676621.aspx

One of our partners proposed a unique solution and wanted me to develop a prototype for it. They have a public facing Web Site with multiple sub folders (virtual site) for different types of content. They implemented Windows Based authentication in such a way, so that different groups of users have permissions to browse different sub folders. Now they wanted to implement Live ID Authentication on this Web Application in such a way, so that each user can be mapped with a specific Live ID.

When a user logs-in for the first time he/she will be redirected to Live Site for authentication and then re-directed to the site and needs to insert their Domain login-id for the first time. Then, for consecutive usage, they will only enter with Live ID.

I implemented this by using HTTP Module and SQL Server additionally. The flow of entire application and the code is attached below. It is highly recommended to go through the above mentioned sample code first and try implementing it before implementing the proposed solution. Also get an Application ID for your Public Facing Web Site. One significant change, in sample, the webauth-handler.aspx remains under the /webauth/sample/ folder. Hence the default return URL is https://localhost/webauth/sample/webauth-handler.aspx. But in our case, it is https://www.contoso.com/webauth-handler.aspx i.e, in the root folder of the site. We also added the registration.aspx at the root folder. The SQL table Create statement is as below:

 CREATE TABLE [dbo].[AuthTable](

                [adusername] [varchar](50) NULL,

                [usertoken] [varchar](50) NULL

) ON [PRIMARY]

Demo download URL: https://blogs.msdn.com/pranab/attachment/9889567.ashx

LiveIDtoDomainUser.zip

Comments

  • Anonymous
    November 06, 2009
    Is it possible to have a list of e-mail or UID and when a user logs into Sharepoint via windows LiveID. I can map the e-mail to a sharepoint group.. i.e. students login an auto map their e-mails to a classroom.. Thank you, michael.pepe@gmail.com