VS2008 project template for OpenID and InfoCard relying parties
I finally built a project template to make it easier to write an OpenID relying party web site using C# and ASP.NET. Up to this point all we had were…
Optimal OpenID UX finally underway
I’m finally making progress on building a set of HTML and javascript files that can be used on any OpenID relying party web site to allow visitors to easily log…
How to easily fetch OpenID attributes, regardless of the Provider
In a previous article, I bemoan the pain of writing an OpenID Relying Party that wants to fetch user attributes from their OpenID Provider, because of the at least 4…
DotNetOpenAuth v3.2 is done
DotNetOpenAuth v3.2 just came off the presses. Lots of feature work and a few interop fixes in this release. The biggest highlights being: Very simple story for both RPs and…
How to get ILMerge to work with .PFX files
ILMerge is an excellent tool for “linking” multiple assemblies into one. But one of its switches, /keyfile:, which allows it to sign the resulting merged assembly, only accepts .snk files. …
Help is coming for the Sreg/AX interop problem for OpenID
Just to get your mouth watering for DotNetOpenAuth v3.2… V3.2 has a new "behaviors" plugin capability that lets RPs and OPs get additional functionality with very little effort. For example,…
Reverse engineering ASP.NET Membership passwords and salts
I’m working on a project that was using the ASP.NET SQL Membership and I needed to remove the Membership provider from the system since we wanted more control over the…
Caching results of .NET IEnumerable generator methods
If you’re already familiar with generator methods and want to jump to intelligent caching of their results, skip further down in this blog post. In C#, generator methods are methods…
Uri.EscapeDataPath and HttpUtility.UrlEncode are NOT the same
For some reason Microsoft defined URI escaping twice: Uri.EscapeDataString and HttpUtility.UrlEncode seem to cover the same need. There’s another pair: Uri.EscapeUriString and HttpUtility.UrlPathEncode which again seem to be redundant with…
Recent OpenID relying party vulnerabilities
The OSIS I5 OpenID interop testing is well underway. Last weekend while testing some OpenID relying party web sites, John Bradley happened upon a web site that failed a particularly…