Tag: Google

Google OpenID Authentication In Your ASP.NET With DotNetOpenAuth

Eddlogic3 Comments

 

 


To secure websites, we usually create user database and develop a login page to authenticate the user. If you have several websites, creating separate user login for each site is time consuming and not favorable to your users because they have to login to each site separately. OpenID was developed to solved such authentication hassles. It is an open standard for developers that enables them to authenticate their users in a decentralized manner. For end-users, OpenID allows them to consolidate their digital identities. Major web services that supports OpenID are Google, Yahoo and Facebook. If you use OpenID with your website, you allow users to login to your site using their Google, Yahoo or Facebook accounts. The authentication will be hosted by the OpenID provider, so no need to maintain the user details on your side except the Identifier returned by the provider.On this article, I will show you a ASP.NET sample code I made that use OpenID Authentication to verify Google Account. To accomplish the authentication, I used the C# library called DotNetOpenAuth. Here is the step-by-step procedure to implement it on your ASP.NET application. 

  1. Download the DotNetOpenAuth  Libraries. Choose the most appropriate version for development platform.
  2. Extract the downloaded compressed file on your hard drive.
  3. On your project, Add Reference to “DotNetOpenAuth.dll”
  4. On your login page’s HTML Code, paste the following.

 

<form id=”form1″ runat=”server”>

Log in with

</div>
</form>

Take note of the URL: https://www.google.com/accounts/o8/id – this is the unique OpenID URL of Google Account.   5. Include the following namespaces on your “Using” directive.

 

6. On the Page_Load & OpenLogin_Click, use the following codes

  using DotNetOpenAuth.OpenId;
using DotNetOpenAuth.OpenId.RelyingParty;
protected void Page_Load(object sender, EventArgs e)
{
OpenIdRelyingParty rp = new OpenIdRelyingParty();
var r = rp.GetResponse();
if (r != null)
{
switch (r.Status)
{
case AuthenticationStatus.Authenticated:
NotLoggedIn.Visible = false;
Session[“GoogleIdentifier”] = r.ClaimedIdentifier.ToString();
Response.Redirect(“Main.aspx”); //redirect to main page of your website
break;
case AuthenticationStatus.Canceled:
lblAlertMsg.Text = “Cancelled.”;
break;
case AuthenticationStatus.Failed:
lblAlertMsg.Text = “Login Failed.”;
break;
}
} }protected void OpenLogin_Click(object src, CommandEventArgs e)
{
string discoveryUri = e.CommandArgument.ToString();
OpenIdRelyingParty openid = new OpenIdRelyingParty();
var b = new UriBuilder(Request.Url) { Query = “” };
var req = openid.CreateRequest(discoveryUri, b.Uri, b.Uri);
req.RedirectToProvider();
}

7. Run the project. It should look like the following screens.

Log in with Now the Login page look like ….

SEO Guidelines

Eddlogic

While SEOs can provide clients with valuable services, some unethical SEOs have given the industry a black eye through their overly aggressive marketing efforts and their attempts to manipulate search engine results in unfair ways. Practices that violate our guidelines may result in a negative adjustment of your site’s presence in Google, or even the removal of your site from our index. Here are some things to consider:

  • Be wary of SEO firms and web consultants or agencies that send you email out of the blue.Amazingly, we get these spam emails too:

    “Dear techsupportbase.net,
    I visited your website and noticed that you are not listed in most of the major search engines and directories…”

    Reserve the same skepticism for unsolicited email about search engines as you do for “burn fat at night” diet pills or requests to help transfer funds from deposed dictators.

  • No one can guarantee a #1 ranking on Google.Beware of SEOs that claim to guarantee rankings, allege a “special relationship” with Google, or advertise a “priority submit” to Google. There is no priority submit for Google. In fact, the only way to submit a site to Google directly is through our Add URL page or by submitting a Sitemap and you can do this yourself at no cost whatsoever.
  • Be careful if a company is secretive or won’t clearly explain what they intend to do.Ask for explanations if something is unclear. If an SEO creates deceptive or misleading content on your behalf, such as doorway pages or “throwaway” domains, your site could be removed entirely from Google’s index. Ultimately, you are responsible for the actions of any companies you hire, so it’s best to be sure you know exactly how they intend to “help” you. If an SEO has FTP access to your server, they should be willing to explain all the changes they are making to your site.
  • You should never have to link to an SEO.Avoid SEOs that talk about the power of “free-for-all” links, link popularity schemes, or submitting your site to thousands of search engines. These are typically useless exercises that don’t affect your ranking in the results of the major search engines — at least, not in a way you would likely consider to be positive.
  • Choose wisely.While you consider whether to go with an SEO, you may want to do some research on the industry. Google is one way to do that, of course. You might also seek out a few of the cautionary tales that have appeared in the press, including this article on one particularly aggressive SEO: http://seattletimes.nwsource.com/html/businesstechnology/2002002970_nwbizbriefs12.html. While Google doesn’t comment on specific companies, we’ve encountered firms calling themselves SEOs who follow practices that are clearly beyond the pale of accepted business behavior. Be careful.
  • Be sure to understand where the money goes.While Google never sells better ranking in our search results, several other search engines combine pay-per-click or pay-for-inclusion results with their regular web search results. Some SEOs will promise to rank you highly in search engines, but place you in the advertising section rather than in the search results. A few SEOs will even change their bid prices in real time to create the illusion that they “control” other search engines and can place themselves in the slot of their choice. This scam doesn’t work with Google because our advertising is clearly labeled and separated from our search results, but be sure to ask any SEO you’re considering which fees go toward permanent inclusion and which apply toward temporary advertising.
  • What are the most common abuses a website owner is likely to encounter?One common scam is the creation of “shadow” domains that funnel users to a site by using deceptive redirects. These shadow domains often will be owned by the SEO who claims to be working on a client’s behalf. However, if the relationship sours, the SEO may point the domain to a different site, or even to a competitor’s domain. If that happens, the client has paid to develop a competing site owned entirely by the SEO.Another illicit practice is to place “doorway” pages loaded with keywords on the client’s site somewhere. The SEO promises this will make the page more relevant for more queries. This is inherently false since individual pages are rarely relevant for a wide range of keywords. More insidious, however, is that these doorway pages often contain hidden links to the SEO’s other clients as well. Such doorway pages drain away the link popularity of a site and route it to the SEO and its other clients, which may include sites with unsavory or illegal content.
  • What are some other things to look out for?There are a few warning signs that you may be dealing with a rogue SEO. It’s far from a comprehensive list, so if you have any doubts, you should trust your instincts. By all means, feel free to walk away if the SEO:
    • owns shadow domains
    • puts links to their other clients on doorway pages
    • offers to sell keywords in the address bar
    • doesn’t distinguish between actual search results and ads that appear on search results pages
    • guarantees ranking, but only on obscure, long keyword phrases you would get anyway
    • operates with multiple aliases or falsified WHOIS info
    • gets traffic from “fake” search engines, spyware, or scumware
    • has had domains removed from Google’s index or is not itself listed in Google

    If you feel that you were deceived by an SEO in some way, you may want to report it.

    In the United States, the Federal Trade Commission (FTC) handles complaints about deceptive or unfair business practices. To file a complaint, visit: http://www.ftc.gov/ and click on “File a Complaint Online,” call 1-877-FTC-HELP, or write to:

    Federal Trade Commission
    CRC-240
    Washington, D.C. 20580

    If your complaint is against a company in a country other than the United States, please file it at http://www.econsumer.gov/.