Do you mean if the user logs into your web site as m...@mine.com, you'd like your web site to be able to send an email to someone else claiming to be from m...@mine.com?

If so, anyone can send an email as anybody (the SMTP protocol isn't very secure). All you need is to set up an SMTP server. On the other hand, if you want it to be a bit more legit (so it won't stop working when Google, Yahoo, Microsoft add their secure email sender protocol to it) you need to know exactly how to send email on behalf of others through the web services offered behind the particular domain that the user is logging in with. For example, if the email ended in @gmail.com (or any other domain hosted by Google Apps for Domains) you could have code in your app that logs the user into Google with an OAuth request for the permission to send email on the user's behalf, then invoke their web services to send that email. But the point is that that is custom code per service provider. OpenID provides no general way of sending emails impersonating the logged-in user.

In fact, OpenID 2.0 isn't designed for logging users in based on their email at all -- the security isn't built for that. You should be recognizing users by their ClaimedIdentifier instead.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre
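
The advice above about recognizing users by their claimed identifier rather than their email, as an added example that is not part of the original post: a minimal account store whose only login key is the claimed identifier. The class and function names, URLs and addresses are constructed for illustration, and the sketch assumes the relying-party library has already verified the assertion before `sign_in` is called.

```python
"""Account lookup keyed on the OpenID claimed identifier, not the email.

Assumption: the relying-party library has already verified the assertion and
hands us `claimed_identifier`; `asserted_email` is an unverified attribute
the provider chose to send. All values below are constructed samples.
"""
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass
class Account:
    account_id: int
    claimed_identifier: str          # the only login key
    contact_email: Optional[str]     # contact data as asserted, never a key
    email_verified: bool = False     # set only after our own confirmation mail


class AccountStore:
    def __init__(self) -> None:
        self._by_claimed_id: Dict[str, Account] = {}
        self._next_id = 1

    def sign_in(self, claimed_identifier: str,
                asserted_email: Optional[str] = None) -> Account:
        """Return the account bound to this claimed identifier, creating it on
        first sight. The asserted email never selects or alters an account."""
        account = self._by_claimed_id.get(claimed_identifier)
        if account is None:
            account = Account(self._next_id, claimed_identifier, asserted_email)
            self._next_id += 1
            self._by_claimed_id[claimed_identifier] = account
        return account


def demo() -> tuple:
    store = AccountStore()
    alice = store.sign_in("https://provider-a.example/alice", "alice@example.com")
    # A different provider asserts the same address: it gets its own account.
    other = store.sign_in("https://provider-b.example/u/991", "alice@example.com")
    # Same identifier with a different asserted address: still Alice's account.
    again = store.sign_in("https://provider-a.example/alice", "changed@example.com")
    return alice, other, again
```
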