• ►ASP.NET
• ►Commerce
• ► Community
  • ►AddThis
  • ►Blog
  • ►Disqus Comments
  • ►Event Calendar
  • ►Extranet
  • ►Facebook Comments
  • ►Facebook Like Box
  • ►Facebook Like Button
  • ►Facebook Pages
  • ►Google PlusOne
  • ►Nabble Forum
  • ►Newsletter
  • ►OpenID
  • ►Page Comments
  • ►Quick Poll
  • ►Raty
  • ►Simple Wiki
  • ►Tell a Friend
  • ►Twitter Feed Aggregator
  • ►UserEcho Feedback Widget
  • ►WIF
• ►Contribution
• ►Feeds
• ►Forms
• ►Lists
• ►Localization
• ►Media
• ►Navigation
• ►News
• ►Search
• ►Tools
• ►Updates
• ►Web
• ►Packages FAQ

Protect pages or selected content on pages from unauthorized access by using OpenID

To view the pages or their content, users should sign in by selecting one of the OpenID providers (Google, Yahoo etc) or their OpenIDs directly. If the users have not signed in, they are redirected to the page with the OpenID based sign-in form.

Read information on OpenID.

How to implement OpenID on a website

First, install the Composite.Community.OpenID package.

Then, implement the protection of content on pages with OpenID:

1. Set up an OpenID-based sign-in form on the website
2. Protect pages or selected content on pages.

Additionally, you can:

• Set up the user profile information page.
• Have the sign-in status displayed on protected pages

Setting up an OpenID sign-in form

1. In the Content perspective, create or edit a page to have an OpenID based sign-in form.
2. Insert the Composite.Community.OpenID.SignInForm function ( Insert > Function) or add the following markup:
   

    
   <f:function name="Composite.Community.OpenID.SignInForm" xmlns:f="http://www.composite.net/ns/function/1.0"> 
     <f:param name="UserDetailsPage" value="c3e516ae-8b8b-4344-8cca-1606b0c7e783" /> 
   </f:function>

3. If necessary, set its optional parameter:
   • User Details Page: The page with a User Details form (user profile information allowed by the OpenID provider)

Protecting Pages

To protect multiple pages based on the same template or an individual page:

1. In the Layout perspective, edit a template or in the Content perspective, edit a page.
2. Insert the Composite.Community.OpenID.PageProtection function ( Insert > Function) or add the following markup:
   

    
   <f:function name="Composite.Community.OpenID.ContentProtection" xmlns:f="http://www.composite.net/ns/function/1.0"> 
     <f:param name="SignInPage" value="56b5e6f6-fb49-41c1-9b04-9075f001a124" /> 
   </f:function>

3. Set the Sign In Page parameter to the page with the sign-in form.

Protecting Content on Pages

To protect some content on a page:

1. In the Content perspective, edit a page.
2. Insert the Composite.Community.OpenID.ContentProtection function ( Insert > Function) or add the following markup:
   

    
   <f:function name="Composite.Community.OpenID.ContentProtection" xmlns:f="http://www.composite.net/ns/function/1.0"> 
     <f:param name="SignInPage" value="56b5e6f6-fb49-41c1-9b04-9075f001a124" /> 
     <f:param name="Message" value="This is a protected page. To continue, please" /> 
     <f:param name="ContentToProtect" value="&lt;html xmlns=&quot;http://www.w3.org/1999/xhtml&quot;&gt;&#xD;   &lt;head&gt;&lt;/head&gt;&#xD;   &lt;body&gt;&#xD;     &lt;p&gt;This is a protected content area on a page.&lt;/p&gt;&#xD;   &lt;/body&gt;&#xD; &lt;/html&gt;" /> 
   </f:function>

3. Set its required parameters:
   • Sign In Page: The page with an OpenID sign-in form.
   • Content To Protect: The content to protect on a page.
4. If necessary, set its optional parameter:
   • Message: The message to display to the user who has not signed in when not redirected. "This is a protected page. To continue, please" by default (followed by the URL to the sign-in page).

Displaying User Profile Information

1. In the Content perspective, create or edit a page for user profile information.
2. Insert the Composite.Community.OpenID.UserDetailsForm function ( Insert > Function) or add the following markup:
   

    
   <f:function name="Composite.Community.OpenID.UserDetailsForm" xmlns:f="http://www.composite.net/ns/function/1.0"> 
     <f:param name="SignInPage" value="7af6a791-5eda-4082-b6ce-451e4b58877a" /> 
   </f:function>

3. Set its required parameter:
   • Sign In Page: The page with an OpenID sign-in form.

Displaying user sign-in status on pages

1. In the Layout perspective, edit the templates used by protected pages or pages with protected content.
2. Add the Composite.Community.OpenID.SignInStatus function ( Insert > Function) or insert the following code:
   

    
   <f:function xmlns:f="http://www.composite.net/ns/function/1.0" name="Composite.Community.OpenID.SignInStatus"> 
     <f:param name="UserDetailsPage" value="856d4dc0-154d-48c3-9b64-d8909018494c" /> 
     <f:param name="SignInPage" value="56b5e6f6-fb49-41c1-9b04-9075f001a124" /> 
   </f:function>

3. Set the required parameters:
   • Sign In Page: The page with an OpenID sign-in form
   • User Details page: The page with a User Details form (user profile information allowed by the OpenID provider)

Requirements

Composite C1 version 2.0 or later