I am using unsolicited assertions. I wrote an IOpenIdApplicationStore
implementation and configured it in the the provider using the store
element. The following is the config section.
> <dotNetOpenAuth> <openid> <provider> <security requireSsl="false" unsolicitedAssertionVerification="RequireSuccess" /> <behaviors> <!-- Behaviors activate themselves automatically for individual matching requests. The first one in this list to match an incoming request "owns" the request. If no profile matches, the default behavior is assumed. --> <!--<add type="DotNetOpenAuth.OpenId.Provider.Behaviors.PpidGeneration, DotNetOpenAuth" />--> </behaviors> <!-- Uncomment the following to activate the sample custom store. --> <!--<store type="OpenIdProviderWebForms.Code.CustomStore, OpenIdProviderWebForms" />--> <store type="MyApplication.DataAccess.OpenIdApplicationStoreDao, MyApplication.DataAccess" /> </provider> </openid> <messaging> <untrustedWebRequest> <whitelistHosts> <!-- since this is a sample, and will often be used with localhost --> <add name="localhost"/> </whitelistHosts> </untrustedWebRequest> </messaging> <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. --> <reporting enabled="false" /> </dotNetOpenAuth>
My implementation is never loaded.
In looking through the souce code, I only see
context.Application[ApplicationStoreKey]) read from in OpenIdProvider.cs in
the HttpApplicationStore property and never set anywhere.
Where would I look to find the code that should be instantiating an
instance of my implementation so that I can try to determine why it isn't
being instantiated? Am I correct that I do need to implement this
interface on the Provider for the unsolicited assertion use case when being
used in a web farm?
Also, my understanding at this point is that the relying party has no need
to implement this interface because they don't need to store nonce values
nor is there an association.