I am currently playing with DotNetOpenAuth so that the ASP.NET (C #) site uses OpenID instead of the usual login password to process users and sessions.
So far I have added DotNetOpenAuth.dllto my project and tried the login page with the following:
<rp:OpenIdLogin ID="OpenIdLogin1" runat="server" />
When I launch the page, I enter the valid myopenid URL, and the website is redirected to the myopenid page where I enter my password, and after success it returns back to mine default.aspx, due to the following in mine web.config:
<authentication mode="Forms">
<forms defaultUrl="/Default.aspx" loginUrl="~/Login.aspx"/>
</authentication>
Now that the user has "logged in", how can a session be handled? At the moment, I do not know how I can, for example, check if a session is alive or how to end a session.
My main question is: how can I manage a session after user authentication with OpenID?
[Update]
Now I use the following for authentication: HttpContext.Current.Userand with this now I can check if the user is authenticated by the session.
Now there is a possible way, how can I "link" user data that is stored in my database with an openid account?
source
share