This project is read-only.

Live ID

Sep 6, 2007 at 7:04 PM

Would be difficult integrate Live ID authentication in BlogEngine.NET ? Live ID Web Authentication 1.0 SDK/url

In Community server is posible yet, and i think that is a better idea than :D

Sep 6, 2007 at 9:42 PM
it is impossible because you have to register every instance of BE with microsoft in order to use Live ID. It is not something we can do centrally. It would be cool though.
Sep 7, 2007 at 11:38 AM
What do you mean? You just have to get an id for your specific site to enable it. You can make it an optional addon and just disable it when not in use. I have some code for it already that I'm using in another project. It even uses the built-in membership provider. All it does is set the username and password to the Guid that Live ID returns in the db. The one downside is that once you switch to live id the way i have it setup you can't switch away from it easily. You could build a custom membership provider for it, but I am too lazy to do that. :p
Sep 7, 2007 at 1:20 PM
Do you really think it is a good idea to use Live ID? I am not a programmer, I am a system engineer and I am responsible for security area too in my work. Live ID can be used on many sensitive webs - MSDN, Gold&Certified, MOET, MCP site. It is necessary to use HTTPS while entering your e-mail address and password and ensure secure channel in transport.

I did not find an easy way how to enable SSL on BE for login and admin pages. As I said I am not programmer, but before implementing Live ID I would prefer SSL implementation first.
Sep 7, 2007 at 2:39 PM
Great ideas! What about an OpenID implementation?

Cause frankly, I'm not the biggest fan of the Gravatar integration either (or the new Monster extension for that matter)
Sep 7, 2007 at 3:22 PM
rdolezel i think that Live ID authentication don't permit that the website can see the password or use the "cookie" to perform other thing than be authenticate in this site.

Is like a kerberos, you authenticate in a extern server, this authentication in Live ID is secure.

Sep 7, 2007 at 4:59 PM
It is true that authentication is done via I am not convinced that it is absolutely safe to return to http:// based BE blog. Plus remember that annoying browser warning.

All web sites, which I used with Live ID, called with SSL and continued with https://. Using SSL certificate could be problem for all BE users without dedicated IP address.

But just know I tried I signed in with Live ID (and and returned to without any browser warning message. Interesting, but not sure if it will work for non-ms web sites.
Sep 11, 2007 at 8:20 PM
OpenID has been suggested, but it has nothing to do with Gravatar or MonsterID. None of those have anything to do with authentication or security. They just display icons and that's it.
Feb 17, 2010 at 2:47 PM


Is it possible to use Window live id feature for loggin process in Blogengine.Net. If yes then Please tell me how it could be implemented.


Thanks & Regards,

Parveen Punia