IOpenIdApplicationStore implementation doesn't load for unsolicited assertion use case?

[Richard Collette]

I am using unsolicited assertions.  I wrote an IOpenIdApplicationStore implementation and configured it in the the provider using the store element.   The following is the config section.

 

  <dotNetOpenAuth>
    <openid>
      <provider>
        <security 
          requireSsl="false"             
          unsolicitedAssertionVerification="RequireSuccess"
          />
        <behaviors>
          <!-- Behaviors activate themselves automatically for individual matching requests. 
               The first one in this list to match an incoming request "owns" the request.  If no
               profile matches, the default behavior is assumed. -->
          <!--<add type="DotNetOpenAuth.OpenId.Provider.Behaviors.PpidGeneration, DotNetOpenAuth" />-->
        </behaviors>
        <!-- Uncomment the following to activate the sample custom store.  -->
        <!--<store type="OpenIdProviderWebForms.Code.CustomStore, OpenIdProviderWebForms" />-->
        <store type="MyApplication.DataAccess.OpenIdApplicationStoreDao, MyApplication.DataAccess" />
      </provider>
    </openid>
    <messaging>
      <untrustedWebRequest>
        <whitelistHosts>
          <!-- since this is a sample, and will often be used with localhost -->
          <add name="localhost"/>          
        </whitelistHosts>
      </untrustedWebRequest>
    </messaging>
    <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->
    <reporting enabled="false" />
  </dotNetOpenAuth>

 

My implementation is never loaded.

 

In looking through the souce code, I only see  context.Application[ApplicationStoreKey]) read from in OpenIdProvider.cs in the HttpApplicationStore property and never set anywhere.

 

Where would I look to find the code that should be instantiating an instance of my implementation so that I can try to determine why it isn't being instantiated?  Am I correct that I do need to implement this interface on the Provider for the unsolicited assertion use case when being used in a web farm?

 

Also, my understanding at this point is that the relying party has no need to implement this interface because they don't need to store nonce values nor is there an association.

 

Thank you,

Rich

[Richard Collette]

Ignore this.  Somehow the demo solution settings changed such that it was not starting up both the OP and RP sites which is why my breakpoints weren't working.  Turns out my implementation is working just fine.   Sorry for the distraction.  

I am still curious as to what sets  context.Application[ApplicationStoreKey])  or is this perhaps a left over artifact that only has the appearance of being used.

[Andrew Arnott]

Hi Richard,

I'm glad you got it working.

The Context.Application thing is still used.  You can find where it is set here.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre

--
You received this message because you are subscribed to the Google Groups "DotNetOpenAuth" group.

To view this discussion on the web visit https://groups.google.com/d/msg/dotnetopenid/-/-89_0YA-xGUJ.

To post to this group, send email to dotnet...@googlegroups.com.
To unsubscribe from this group, send email to dotnetopenid...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/dotnetopenid?hl=en.

[Richard Collette]

Andrew,

 

Thank you, but what I was referring to is the fact that I don't see where a custom IOpenIdApplicaitonStore would be set for the context.  The line you referenced only sets a standard provider.  My code is working and this is not critical so feel free to delay any response, but I am still a little perplexed.

 

Thanks,

Rich

To unsubscribe from this group, send email to dotnetopenid+unsubscribe@googlegroups.com.

[Andrew Arnott]

Hi Richard,

Upon closer reading it appears that DNOA only uses the HttpApplication cache to reuse the standard IOpenIdApplicationStore if a custom one isn't specified in the .config file.  If reusing a cached instance is important to you, you can do it by caching it yourself and passing it in explicitly to the OpenIdProvider constructor.

To view this discussion on the web visit https://groups.google.com/d/msg/dotnetopenid/-/ittBXBLT0bcJ.

To post to this group, send email to dotnet...@googlegroups.com.

To unsubscribe from this group, send email to dotnetopenid...@googlegroups.com.

For more options, visit this group at http://groups.google.com/group/dotnetopenid?hl=en.

--