OpenId does not compile when I uploading it to my hosting site(works locally) about dotnetopenauth HOT 10 CLOSED

The duplicate uri section error is an expected one if you try to run the
samples on ASP.NET 4.0. .NET 3.5 and 4.0 have different machine.config
files, and 4.0 defines the uri section whereas the 3.5 didn't.

Your fix is correct.

Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - S. G. Tallentyre

On Mon, May 30, 2011 at 8:46 AM, xiaobao <
[email protected]>wrote:

Hi

I am using dotnetopenauth library with an asp.net mvc 3 site.

It works on my local host but when I put it up on my testing server it does
not work.

When I click on say to go to "google" it comes back with this message

The OpenId url sent to the server
failed to redirect. Please Try again

To get my site to work on my live site I had to remove this line from my
web.config

I kept getting an error saying "There is a duplicate 'uri' section
defined". I am not sure if dotnetopenauth needs that.

I am using

asp.net mvc 3
C#
.net 4.0
iis 7(on a shared hosting plan)

Reply to this email directly or view it on GitHub:
#36

from dotnetopenauth.

@AArnott - If my fix is correct the why does OpenId not work then? Is there something wrong with my callback url then?

from dotnetopenauth.

Maybe I misunderstood you. When you said:

To get my site to work on my live site I had to remove this line from my
web.config

I took that to mean that you got your live site to work after making that
change. Is that incorrect?

Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - S. G. Tallentyre

On Mon, May 30, 2011 at 1:34 PM, xiaobao <
[email protected]>wrote:

@AArnott - If my fix is correct the why does OpenId not work then? Is there
something wrong with my callback url then?

Reply to this email directly or view it on GitHub:
#36 (comment)

from dotnetopenauth.

@AArnott

Correct that made my site show and load (with the line in the web.config not removed my site would not load up and I would get 500 server error).

When I go to my openId page and click on any openId account(google,yahoo and etc) I get

"The OpenId url sent to the server failed to redirect. Please Try again"

So that lead me to believe that I need maybe I needed that line in my web.config since the open Id works locally(through visual studios built in casinni) and I had that web.config line in there.

Now your telling me that the line should in fact be left out if I am using .net 4.0. So my site loads but for some reason something is still wrong with my openId as it always fails with the above stated message.

from dotnetopenauth.

Where is that error message you mentioned coming from? Is that an exception
thrown on your server or the remote server? If by your server, can you

please include the callstack of that exception?

Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - S. G. Tallentyre

On Mon, May 30, 2011 at 2:14 PM, xiaobao <
[email protected]>wrote:

@AArnott

Correct that made my show and load up the home page(with the line in the
web.config not removed my site would not load up and I would get 500 server
error).

When I go to my openId page and click on any openId account(google,yahoo
and etc) I get

"The OpenId url sent to the server failed to redirect. Please Try again"

So that lead me to believe that I need maybe I need that line in my
web.config since the open Id works locally(through visual studios built in
casinni) and I had that web.config line in there.

Reply to this email directly or view it on GitHub:
#36 (comment)

from dotnetopenauth.

@AArnott - I am getting a realm error

DotNetOpenAuth.Messaging.ProtocolExceptionreturn_to 'http://www.sub.mydomain.com/Account/OpenId' not under realm 'http://sub.mydomain.com/'.

DotNetOpenAuth.Messaging.ProtocolException: return_to 'http://www.sub.mydomain.com/Account/OpenId' not under realm 'http://sub.mydomain.com/'.
   at DotNetOpenAuth.Messaging.ErrorUtilities.VerifyProtocol(Boolean condition, String message, Object[] args)
   at DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.Create(Identifier userSuppliedIdentifier, OpenIdRelyingParty relyingParty, Realm realm, Uri returnToUrl, Boolean createNewAssociationsAsNeeded)
   at DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.CreateRequests(Identifier userSuppliedIdentifier, Realm realm, Uri returnToUrl)
   at DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.CreateRequest(Identifier userSuppliedIdentifier, Realm realm, Uri returnToUrl)
   at mydomain.Framework.Services.AccountService.SendOpenIdRequestToProvider(String openIdUrl) in AccountService.cs:line 63


IAuthenticationRequest outgoingWebResponse = openIdRelyingParty.CreateRequest(openIdUrl, Realm.AutoDetect, new Uri(OpenIdReturnUrl));
GetRequiredUserData(outgoingWebResponse);
return outgoingWebResponse.RedirectingResponse;

from dotnetopenauth.

Ok I think I see why it is not working(I wrote the url without www) and I guess auto detect gets with (www) and that makes them 2 different realms. So how can I handle this case since I cannot control what the user types in.

from dotnetopenauth.

The Realm.AutoDetect that you have in your code snippet will pull whatever the URL is that the user typed in. Your OpenIdReturnUrl parameter that you pass in should be equally flexible. These two parameters must agree with each other. If one has a "www." prefix then the other one must as well. The trouble is probably that one is constant while the other sniffs the current request. You should change either one to be like the other and you'll probably be good.

BTW, you should actually hold your Realm constant, as Providers use that to key off whether users "trust" your site. And especially since some Providers like Google actually use "directed identity" based on the realm, so if your realm isn't constant, each realm a given user logs in with will generate a new user account, which will lead to all kinds of chaos.

from dotnetopenauth.

@AArnott - How should I hold it as a constant? Are you saying not to use autodetect?

from dotnetopenauth.

If you allow multiple URLs to access your web site, then yes: you should not use Realm.AutoDetect.

from dotnetopenauth.