tag:blogger.com,1999:blog-68945522009-11-09T08:59:02.016-08:00Read up on .NET news, tips, cautions... and other areas of technological interest.Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.comBlogger13412547.71828-122.197026This is an XML content feed. It is intended to be viewed in a newsreader or syndicated to another site, subject to copyright and fair use.tag:blogger.com,1999:blog-6894552.post-57879164461474125722009-10-22T15:57:00.001-07:002009-10-22T15:57:44.216-07:002009-10-22T15:57:44.216-07:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com3OpenID RP login UX Live demo location: http://openidux.dotnetopenauth.net/ Design considerations The DNOA login UX design document contains the design spec, and some of the reasoning that went into that design. One high-level goal of all this work is to produce a set of HTML, CSS, and JS files that can work on any web platform, so that ruby, python, php, coldfusion, and (of course) ASP.NET <div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=-23YGt-4310:9F9XtGz4-1I:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=-23YGt-4310:9F9XtGz4-1I:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=-23YGt-4310:9F9XtGz4-1I:G79ilh31hkQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=G79ilh31hkQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=-23YGt-4310:9F9XtGz4-1I:gIN9vFwOqvQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=-23YGt-4310:9F9XtGz4-1I:gIN9vFwOqvQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=-23YGt-4310:9F9XtGz4-1I:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=-23YGt-4310:9F9XtGz4-1I:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=-23YGt-4310:9F9XtGz4-1I:cGdyc7Q-1BI"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=cGdyc7Q-1BI" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/-23YGt-4310" height="1" width="1"/>http://blog.nerdbank.net/2009/10/feedback-requested-new-openid-rp-login.htmltag:blogger.com,1999:blog-6894552.post-26775415549013988472009-10-10T15:57:00.002-07:002009-10-13T15:28:49.820-07:002009-10-13T15:28:49.820-07:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com1If you write a C# or VB.NET class library that contains ASP.NET controls that also have .js or .css files embedded in your assembly, you probably want to minify those files for optimal download size in production, but keep the files readable for coding and debugging. What if you could add a single <Import&gt; to your class library’s project file that would automatically minify these files in <div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=ftINBIm0z1Y:40CCPlAS9Gg:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=ftINBIm0z1Y:40CCPlAS9Gg:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=ftINBIm0z1Y:40CCPlAS9Gg:G79ilh31hkQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=G79ilh31hkQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=ftINBIm0z1Y:40CCPlAS9Gg:gIN9vFwOqvQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=ftINBIm0z1Y:40CCPlAS9Gg:gIN9vFwOqvQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=ftINBIm0z1Y:40CCPlAS9Gg:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=ftINBIm0z1Y:40CCPlAS9Gg:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=ftINBIm0z1Y:40CCPlAS9Gg:cGdyc7Q-1BI"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=cGdyc7Q-1BI" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/ftINBIm0z1Y" height="1" width="1"/>http://blog.nerdbank.net/2009/10/minify-your-embeddedresource-js-and-css.htmltag:blogger.com,1999:blog-6894552.post-5597638198218960162009-10-09T11:22:00.001-07:002009-10-09T12:08:31.418-07:002009-10-09T12:08:31.418-07:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com2I finally built a project template to make it easier to write an OpenID relying party web site using C# and ASP.NET.  Up to this point all we had were the sample RPs that ship with DotNetOpenAuth, which were deliberately kept simple.  They didn’t use a real database, didn’t follow some best practices, and weren’t very real.  Now you can start your next web site with OpenID and InfoCard logins <div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=Rm26dfekG7c:IysmceoA8Qc:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=Rm26dfekG7c:IysmceoA8Qc:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=Rm26dfekG7c:IysmceoA8Qc:G79ilh31hkQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=G79ilh31hkQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=Rm26dfekG7c:IysmceoA8Qc:gIN9vFwOqvQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=Rm26dfekG7c:IysmceoA8Qc:gIN9vFwOqvQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=Rm26dfekG7c:IysmceoA8Qc:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=Rm26dfekG7c:IysmceoA8Qc:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=Rm26dfekG7c:IysmceoA8Qc:cGdyc7Q-1BI"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=cGdyc7Q-1BI" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/Rm26dfekG7c" height="1" width="1"/>http://blog.nerdbank.net/2009/10/vs2008-project-template-for-openid-and.htmltag:blogger.com,1999:blog-6894552.post-4633302104963487332009-09-25T21:47:00.001-07:002009-09-25T21:47:43.712-07:002009-09-25T21:47:43.712-07:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com2I’m finally making progress on building a set of HTML and javascript files that can be used on any OpenID relying party web site to allow visitors to easily log in with OpenID, without even knowing what OpenID is.  I mentioned my goal to do this some time ago, and now I have a small partially functional prototype.  Please try it out, and keep coming back and letting me know what you think of it <div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=EJ-ph-wW6ss:kUDdOy14KYU:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=EJ-ph-wW6ss:kUDdOy14KYU:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=EJ-ph-wW6ss:kUDdOy14KYU:G79ilh31hkQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=G79ilh31hkQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=EJ-ph-wW6ss:kUDdOy14KYU:gIN9vFwOqvQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=EJ-ph-wW6ss:kUDdOy14KYU:gIN9vFwOqvQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=EJ-ph-wW6ss:kUDdOy14KYU:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=EJ-ph-wW6ss:kUDdOy14KYU:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=EJ-ph-wW6ss:kUDdOy14KYU:cGdyc7Q-1BI"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=cGdyc7Q-1BI" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/EJ-ph-wW6ss" height="1" width="1"/>http://blog.nerdbank.net/2009/09/optimal-openid-ux-finally-underway.htmltag:blogger.com,1999:blog-6894552.post-17521871039534604652009-09-07T16:20:00.001-07:002009-09-07T16:20:17.959-07:002009-09-07T16:20:17.959-07:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com0In a previous article, I bemoan the pain of writing an OpenID Relying Party that wants to fetch user attributes from their OpenID Provider, because of the at least 4 ways in which those attributes must be requested.  And then later I promised that DotNetOpenAuth would offer help to alleviate that pain.  That help has come.  It actually came way back on June 26, 2009.  But only now did I <div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=XR1ybdKL2JA:jAD80MlkTJA:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=XR1ybdKL2JA:jAD80MlkTJA:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=XR1ybdKL2JA:jAD80MlkTJA:G79ilh31hkQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=G79ilh31hkQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=XR1ybdKL2JA:jAD80MlkTJA:gIN9vFwOqvQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=XR1ybdKL2JA:jAD80MlkTJA:gIN9vFwOqvQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=XR1ybdKL2JA:jAD80MlkTJA:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=XR1ybdKL2JA:jAD80MlkTJA:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=XR1ybdKL2JA:jAD80MlkTJA:cGdyc7Q-1BI"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=cGdyc7Q-1BI" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/XR1ybdKL2JA" height="1" width="1"/>http://blog.nerdbank.net/2009/09/how-to-easily-fetch-openid-attributes.htmltag:blogger.com,1999:blog-6894552.post-22538507658289539162009-06-27T08:04:00.001-07:002009-06-27T08:04:21.345-07:002009-06-27T08:04:21.345-07:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com5DotNetOpenAuth v3.2 just came off the presses.  Lots of feature work and a few interop fixes in this release.  The biggest highlights being: Very simple story for both RPs and OPs interested in interoperating with others whether they use sreg or one of the several AX formats (finally!) OAuth 1.0a support PPID generation for OPs to protect customers' privacy. Go download it. As <div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=h_IHh0wyms0:JRYCw-SE6xA:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=h_IHh0wyms0:JRYCw-SE6xA:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=h_IHh0wyms0:JRYCw-SE6xA:G79ilh31hkQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=G79ilh31hkQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=h_IHh0wyms0:JRYCw-SE6xA:gIN9vFwOqvQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=h_IHh0wyms0:JRYCw-SE6xA:gIN9vFwOqvQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=h_IHh0wyms0:JRYCw-SE6xA:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=h_IHh0wyms0:JRYCw-SE6xA:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=h_IHh0wyms0:JRYCw-SE6xA:cGdyc7Q-1BI"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=cGdyc7Q-1BI" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/h_IHh0wyms0" height="1" width="1"/>http://blog.nerdbank.net/2009/06/dotnetopenauth-v32-is-done.htmltag:blogger.com,1999:blog-6894552.post-44145999076836888722009-06-24T20:37:00.001-07:002009-06-24T20:37:38.784-07:002009-06-24T20:37:38.784-07:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com1ILMerge is an excellent tool for “linking” multiple assemblies into one.  But one of its switches, /keyfile:, which allows it to sign the resulting merged assembly, only accepts .snk files.  It reports no error if you feed it a password-protected .pfx key-pair file, but the resulting assembly is invalid.  &gt;ilmerge /keyfile:some.pfx /out:merged\some.dll some.dll someother.dll &gt;sn -v merged\<div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=FbBKBOcTons:LhjI0wpgx3Y:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=FbBKBOcTons:LhjI0wpgx3Y:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=FbBKBOcTons:LhjI0wpgx3Y:G79ilh31hkQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=G79ilh31hkQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=FbBKBOcTons:LhjI0wpgx3Y:gIN9vFwOqvQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=FbBKBOcTons:LhjI0wpgx3Y:gIN9vFwOqvQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=FbBKBOcTons:LhjI0wpgx3Y:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=FbBKBOcTons:LhjI0wpgx3Y:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=FbBKBOcTons:LhjI0wpgx3Y:cGdyc7Q-1BI"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=cGdyc7Q-1BI" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/FbBKBOcTons" height="1" width="1"/>http://blog.nerdbank.net/2009/06/how-to-get-ilmerge-to-work-with-pfx.htmltag:blogger.com,1999:blog-6894552.post-46631813563322106172009-06-20T07:23:00.001-07:002009-06-20T07:23:20.859-07:002009-06-20T07:23:20.859-07:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com2Just to get your mouth watering for DotNetOpenAuth v3.2... V3.2 has a new "behaviors" plugin capability that lets RPs and OPs get additional functionality with very little effort.  For example, OPs can add PPID identifier support very easily with just a few lines of code.  But of most interest I suspect is the sreg/AX interop behavior, which if activated in your web.config file (1 line), will <div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=B_LgVgQFaCE:jv70TF9MI4M:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=B_LgVgQFaCE:jv70TF9MI4M:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=B_LgVgQFaCE:jv70TF9MI4M:G79ilh31hkQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=G79ilh31hkQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=B_LgVgQFaCE:jv70TF9MI4M:gIN9vFwOqvQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=B_LgVgQFaCE:jv70TF9MI4M:gIN9vFwOqvQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=B_LgVgQFaCE:jv70TF9MI4M:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=B_LgVgQFaCE:jv70TF9MI4M:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=B_LgVgQFaCE:jv70TF9MI4M:cGdyc7Q-1BI"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=cGdyc7Q-1BI" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/B_LgVgQFaCE" height="1" width="1"/>http://blog.nerdbank.net/2009/06/help-is-coming-for-sregax-interop.htmltag:blogger.com,1999:blog-6894552.post-91724576770128458432009-06-12T15:49:00.001-07:002009-06-12T15:50:38.494-07:002009-06-12T15:50:38.494-07:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com2I’m working on a project that was using the ASP.NET SQL Membership and I needed to remove the Membership provider from the system since we wanted more control over the user tables.  Our existing users had passwords that ASP.NET Membership had hashed and salted, and we needed to be able to maintain those user accounts, which means we have to be able to validate logins against the salted passwords.<div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=QrIWS02DAEc:mFHK70YdVMs:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=QrIWS02DAEc:mFHK70YdVMs:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=QrIWS02DAEc:mFHK70YdVMs:G79ilh31hkQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=G79ilh31hkQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=QrIWS02DAEc:mFHK70YdVMs:gIN9vFwOqvQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=QrIWS02DAEc:mFHK70YdVMs:gIN9vFwOqvQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=QrIWS02DAEc:mFHK70YdVMs:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=QrIWS02DAEc:mFHK70YdVMs:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=QrIWS02DAEc:mFHK70YdVMs:cGdyc7Q-1BI"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=cGdyc7Q-1BI" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/QrIWS02DAEc" height="1" width="1"/>http://blog.nerdbank.net/2009/06/reverse-engineering-aspnet-membership.htmltag:blogger.com,1999:blog-6894552.post-5198037601224362802009-05-26T17:03:00.001-07:002009-05-26T17:06:45.563-07:002009-05-26T17:06:45.563-07:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com0If you're already familiar with generator methods and want to jump to intelligent caching of their results, skip further down in this blog post. In C#, generator methods are methods that use yield return to return an IEnumerable<T&gt; where the elements enumerated over are generated on-demand.  These are useful for a couple of scenarios.  One is deferred execution – not doing work until you <div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=XTGXyXcUfIo:mqfROuMzX5c:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=XTGXyXcUfIo:mqfROuMzX5c:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=XTGXyXcUfIo:mqfROuMzX5c:G79ilh31hkQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=G79ilh31hkQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=XTGXyXcUfIo:mqfROuMzX5c:gIN9vFwOqvQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=XTGXyXcUfIo:mqfROuMzX5c:gIN9vFwOqvQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=XTGXyXcUfIo:mqfROuMzX5c:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=XTGXyXcUfIo:mqfROuMzX5c:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=XTGXyXcUfIo:mqfROuMzX5c:cGdyc7Q-1BI"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=cGdyc7Q-1BI" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/XTGXyXcUfIo" height="1" width="1"/>http://blog.nerdbank.net/2009/05/caching-results-of-net-ienumerable.htmltag:blogger.com,1999:blog-6894552.post-62771297819470550452009-05-11T16:59:00.002-07:002009-05-12T08:47:23.962-07:002009-05-12T08:47:23.962-07:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com2For some reason Microsoft defined URI escaping twice: Uri.EscapeDataString and HttpUtility.UrlEncode seem to cover the same need. There’s another pair: Uri.EscapeUriString and HttpUtility.UrlPathEncode which again seem to be redundant with each other. But in particular I found a small difference in behavior between the first two methods that should be called out. <div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=OzMCzuzk_QI:2opIDFKJ-nU:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=OzMCzuzk_QI:2opIDFKJ-nU:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=OzMCzuzk_QI:2opIDFKJ-nU:gIN9vFwOqvQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=OzMCzuzk_QI:2opIDFKJ-nU:gIN9vFwOqvQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=OzMCzuzk_QI:2opIDFKJ-nU:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=OzMCzuzk_QI:2opIDFKJ-nU:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=OzMCzuzk_QI:2opIDFKJ-nU:cGdyc7Q-1BI"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=cGdyc7Q-1BI" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/OzMCzuzk_QI" height="1" width="1"/>http://blog.nerdbank.net/2009/05/uriescapedatapath-and.htmltag:blogger.com,1999:blog-6894552.post-37472449495454472392009-04-21T11:23:00.001-07:002009-04-21T18:32:10.531-07:002009-04-21T18:32:10.531-07:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com0The OSIS I5 OpenID interop testing is well underway.  Last weekend while testing some OpenID relying party web sites, John Bradley happened upon a web site that failed a particularly alarming test.  Further investigation revealed that the security hole affected all OpenID relying parties based on Janrain’s Ruby OpenID library.  Perhaps Janrain is using its Ruby library for RPXNow, because I <div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=AW6m_6GqOLU:LLXgT242y9w:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=AW6m_6GqOLU:LLXgT242y9w:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=AW6m_6GqOLU:LLXgT242y9w:gIN9vFwOqvQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=AW6m_6GqOLU:LLXgT242y9w:gIN9vFwOqvQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=AW6m_6GqOLU:LLXgT242y9w:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=AW6m_6GqOLU:LLXgT242y9w:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=AW6m_6GqOLU:LLXgT242y9w:cGdyc7Q-1BI"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=cGdyc7Q-1BI" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/AW6m_6GqOLU" height="1" width="1"/>http://blog.nerdbank.net/2009/04/recent-openid-relying-party.htmltag:blogger.com,1999:blog-6894552.post-90822934041608205922009-04-16T11:40:00.001-07:002009-04-16T11:40:01.509-07:002009-04-16T11:40:01.509-07:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com1Download it now. Previously named DotNetOpenId in its v1.x and 2.x releases, the v3.0 release is rechristened DotNetOpenAuth to reflect its support for multiple authentication and authorization protocols.  Sporting OpenID, OAuth and InfoCard support in its initial incarnation, it has been re-architected and largely rewritten to make adding more protocols fast and less error-prone. Even if you’<div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=XQerRr-3pSI:YBpzvjc_9yo:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=XQerRr-3pSI:YBpzvjc_9yo:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=XQerRr-3pSI:YBpzvjc_9yo:gIN9vFwOqvQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=XQerRr-3pSI:YBpzvjc_9yo:gIN9vFwOqvQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=XQerRr-3pSI:YBpzvjc_9yo:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=XQerRr-3pSI:YBpzvjc_9yo:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=XQerRr-3pSI:YBpzvjc_9yo:cGdyc7Q-1BI"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=cGdyc7Q-1BI" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/XQerRr-3pSI" height="1" width="1"/>http://blog.nerdbank.net/2009/04/dotnetopenauth-30-released.htmltag:blogger.com,1999:blog-6894552.post-19795168951006298052009-03-30T15:15:00.001-08:002009-03-30T15:15:28.004-08:002009-03-30T15:15:28.004-08:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com1OpenID itself is just an authentication protocol.  It takes OpenID extensions to get more information about the user like their name or email address.  In fact there are two popular extensions that can provide this kind of information: Simple Registration (sreg) and Attribute Exchange (AX).  A web site that wants to accept OpenID logins (this site is called a relying party, or “RP”) and also <div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=obXQM-giyn0:7XePlesnMxg:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=obXQM-giyn0:7XePlesnMxg:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=obXQM-giyn0:7XePlesnMxg:gIN9vFwOqvQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=obXQM-giyn0:7XePlesnMxg:gIN9vFwOqvQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=obXQM-giyn0:7XePlesnMxg:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=obXQM-giyn0:7XePlesnMxg:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=obXQM-giyn0:7XePlesnMxg:cGdyc7Q-1BI"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=cGdyc7Q-1BI" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/obXQM-giyn0" height="1" width="1"/>http://blog.nerdbank.net/2009/03/how-to-pretty-much-guarantee-that-you.htmltag:blogger.com,1999:blog-6894552.post-65359094261244998692009-03-16T13:10:00.001-08:002009-03-16T13:10:22.206-08:002009-03-16T13:10:22.206-08:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com0The blessing and curse of open source is that the source can be easily changed.  Internal types and members don’t need to be backward compatible with previous versions. This makes fixing bugs and feature enhancements much easier in future versions of the software.  Making types and members internal cuts down on documentation that must be written, read and maintained.  It protects callers from <div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=O9c7Sq9cMnM:8UCX8Fz0gmk:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=O9c7Sq9cMnM:8UCX8Fz0gmk:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=O9c7Sq9cMnM:8UCX8Fz0gmk:gIN9vFwOqvQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=O9c7Sq9cMnM:8UCX8Fz0gmk:gIN9vFwOqvQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=O9c7Sq9cMnM:8UCX8Fz0gmk:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=O9c7Sq9cMnM:8UCX8Fz0gmk:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=O9c7Sq9cMnM:8UCX8Fz0gmk:cGdyc7Q-1BI"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=cGdyc7Q-1BI" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/O9c7Sq9cMnM" height="1" width="1"/>http://blog.nerdbank.net/2009/03/need-access-to-that-internal-dont-touch.htmltag:blogger.com,1999:blog-6894552.post-41997508722842304692009-03-11T20:47:00.001-08:002009-03-11T20:47:26.342-08:002009-03-11T20:47:26.342-08:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com0DotNetOpenAuth, previously named DotNetOpenId, is getting nearer to its major 3.0 release.   With beta 2, we have a security reviewed, feature complete library for .NET use of the OAuth and OpenID protocols.  Although Beta 1 was very rough and was not recommended for use in production, Beta 2 has passed enough security, interop and stability tests to warrant live web sites to use this version.<div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=Xw3fkvjy680:wgWeA6_sTMs:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=Xw3fkvjy680:wgWeA6_sTMs:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=Xw3fkvjy680:wgWeA6_sTMs:gIN9vFwOqvQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=Xw3fkvjy680:wgWeA6_sTMs:gIN9vFwOqvQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=Xw3fkvjy680:wgWeA6_sTMs:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=Xw3fkvjy680:wgWeA6_sTMs:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=Xw3fkvjy680:wgWeA6_sTMs:cGdyc7Q-1BI"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=cGdyc7Q-1BI" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/Xw3fkvjy680" height="1" width="1"/>http://blog.nerdbank.net/2009/03/dotnetopenauth-30-beta-2-released.htmltag:blogger.com,1999:blog-6894552.post-85849061557935224492009-03-07T21:34:00.001-08:002009-03-07T21:34:32.578-08:002009-03-07T21:34:32.578-08:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com0If you’re writing an OpenID Provider, you should have a strong appreciation for the security of your customers’ identities that you will be protecting.  One aspect of that protection is against replay attacks, where a man-in-the-middle sniffs the identity assertion from a Provider and replays it against the same relying party and manages to log in as the victim.  OpenID 2.0 provides built-in <div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=UXs9UQdgeMY:1UN75etIiAE:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=UXs9UQdgeMY:1UN75etIiAE:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=UXs9UQdgeMY:1UN75etIiAE:gIN9vFwOqvQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=UXs9UQdgeMY:1UN75etIiAE:gIN9vFwOqvQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=UXs9UQdgeMY:1UN75etIiAE:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=UXs9UQdgeMY:1UN75etIiAE:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=UXs9UQdgeMY:1UN75etIiAE:cGdyc7Q-1BI"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=cGdyc7Q-1BI" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/UXs9UQdgeMY" height="1" width="1"/>http://blog.nerdbank.net/2009/03/replay-protection-for-openid-1x-relying.htmltag:blogger.com,1999:blog-6894552.post-76567719007511079832009-03-07T21:14:00.001-08:002009-03-07T21:14:22.017-08:002009-03-07T21:14:22.017-08:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com0As part of the OpenID protocol a relying party often establishes shared secrets (called ‘associations’) with identity providers that are used to verify identity assertions.  It occurred to me that an OpenID relying party might easily introduce a major security hole in the process of establishing an association that could allow identity spoofing. Each association is assigned a handle, which is a <div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=efdjYA48e2M:ZdIyEmFsgl8:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=efdjYA48e2M:ZdIyEmFsgl8:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=efdjYA48e2M:ZdIyEmFsgl8:gIN9vFwOqvQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=efdjYA48e2M:ZdIyEmFsgl8:gIN9vFwOqvQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=efdjYA48e2M:ZdIyEmFsgl8:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=efdjYA48e2M:ZdIyEmFsgl8:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=efdjYA48e2M:ZdIyEmFsgl8:cGdyc7Q-1BI"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=cGdyc7Q-1BI" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/efdjYA48e2M" height="1" width="1"/>http://blog.nerdbank.net/2009/03/openid-association-poisoning.htmltag:blogger.com,1999:blog-6894552.post-1878752987155239662009-02-28T19:35:00.001-08:002009-02-28T19:35:38.290-08:002009-02-28T19:35:38.290-08:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com9The user experience of OpenID at Relying Party web sites is so important to get right.  OpenID is right for your web site's visitors – no doubt in my mind about that.  But we need to make sure it's very easy for your visitors to use so you don’t lose them when they've been pre-wired for the password anti-pattern.  Several big companies like Yahoo and Google have invested a lot of effort into <div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=Wm0QCz-jLcY:t5RXIJlAjPI:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=Wm0QCz-jLcY:t5RXIJlAjPI:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=Wm0QCz-jLcY:t5RXIJlAjPI:gIN9vFwOqvQ"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=Wm0QCz-jLcY:t5RXIJlAjPI:gIN9vFwOqvQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=Wm0QCz-jLcY:t5RXIJlAjPI:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Jmpinline?i=Wm0QCz-jLcY:t5RXIJlAjPI:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Jmpinline?a=Wm0QCz-jLcY:t5RXIJlAjPI:cGdyc7Q-1BI"><img src="http://feeds.feedburner.com/~ff/Jmpinline?d=cGdyc7Q-1BI" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/Wm0QCz-jLcY" height="1" width="1"/>http://blog.nerdbank.net/2009/02/fixing-openid-login-user-experience.htmltag:blogger.com,1999:blog-6894552.post-81012427826984931782009-02-04T22:21:00.001-08:002009-02-04T22:21:41.103-08:002009-02-04T22:21:41.103-08:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com2Tonight DotNetOpenId, soon to be renamed DotNetOpenAuth, released beta 1 of the major v3.0 release.  You can download the bits from Ohloh.  Although downloads should remember that as a beta this version should not be used in production, there are several new features that should be worth investigating and building a web application around while the final release is still in development: OAuth<div class="feedflare"> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=k3bw1Wwa"><img src="http://feeds.feedburner.com/~f/Jmpinline?i=k3bw1Wwa" border="0"></img></a> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=2BQJbCJO"><img src="http://feeds.feedburner.com/~f/Jmpinline?i=2BQJbCJO" border="0"></img></a> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=P8yioW7O"><img src="http://feeds.feedburner.com/~f/Jmpinline?i=P8yioW7O" border="0"></img></a> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=UsRxCboq"><img src="http://feeds.feedburner.com/~f/Jmpinline?d=131" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/NRlaONUHmRw" height="1" width="1"/>http://blog.nerdbank.net/2009/02/dotnetopenid-v30-beta-1-released.htmltag:blogger.com,1999:blog-6894552.post-59282352895475191372009-02-02T07:00:00.001-08:002009-02-02T07:00:52.690-08:002009-02-02T07:00:52.690-08:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com0DotNetOpenId started on Google Code.  But we’re outgrowing it.  We’d like to move to a shared hosting server where we can have automated tests, nightly builds, and a better web site and online documentation.  This new web site will cost real money though, which is beyond my FOSS-hobby budget. Please if you like DotNetOpenId, consider making a donation toward making this happen! <div class="feedflare"> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=s9wAQilX"><img src="http://feeds.feedburner.com/~f/Jmpinline?i=s9wAQilX" border="0"></img></a> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=dl2R3GR3"><img src="http://feeds.feedburner.com/~f/Jmpinline?i=dl2R3GR3" border="0"></img></a> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=IQsXZt7u"><img src="http://feeds.feedburner.com/~f/Jmpinline?i=IQsXZt7u" border="0"></img></a> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=x1sxvLBy"><img src="http://feeds.feedburner.com/~f/Jmpinline?d=131" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/WluynKUr_1Y" height="1" width="1"/>http://blog.nerdbank.net/2009/02/dotnetopenid-is-looking-for-new-home.htmltag:blogger.com,1999:blog-6894552.post-60386942009492368192009-02-01T20:34:00.000-08:002009-02-02T06:11:23.259-08:002009-02-02T06:11:23.259-08:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com7 The next major release of DotNetOpenId, slated for a release in or around March 2009, will add OAuth support to the mix.  If you don’t know what OAuth is, it basically provides a way for your site’s visitors to authorize your site to download their email address book without giving you their email address and password.  It’s of course much bigger than that, but that’s the easiest way to start <div class="feedflare"> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=GbOC4As2"><img src="http://feeds.feedburner.com/~f/Jmpinline?i=GbOC4As2" border="0"></img></a> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=G8TLMECO"><img src="http://feeds.feedburner.com/~f/Jmpinline?i=G8TLMECO" border="0"></img></a> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=bmkpGYhF"><img src="http://feeds.feedburner.com/~f/Jmpinline?i=bmkpGYhF" border="0"></img></a> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=SFhe5CLp"><img src="http://feeds.feedburner.com/~f/Jmpinline?d=131" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/_qjZmTb2ExY" height="1" width="1"/>http://blog.nerdbank.net/2009/02/dotnetopenid-v30-to-feature-built-in.htmltag:blogger.com,1999:blog-6894552.post-76880603214203195252009-01-17T11:07:00.001-08:002009-01-17T11:07:10.880-08:002009-01-17T11:07:10.880-08:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com4Janrain has been a great influence in the OpenID community and I thank them for all their efforts.  They are, nevertheless, a company that must generate profits, and their recent invention of RPXNow is one attempt at doing that.  It generates revenue for them: check.  But is it really in your web site’s best interest to use RPXNow instead of using OpenID directly?  I don’t think so. I have not <div class="feedflare"> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=bxxH4h8N"><img src="http://feeds.feedburner.com/~f/Jmpinline?i=bxxH4h8N" border="0"></img></a> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=q9JAtGJn"><img src="http://feeds.feedburner.com/~f/Jmpinline?i=q9JAtGJn" border="0"></img></a> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=9QTNOn9A"><img src="http://feeds.feedburner.com/~f/Jmpinline?i=9QTNOn9A" border="0"></img></a> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=2rUgQmpR"><img src="http://feeds.feedburner.com/~f/Jmpinline?d=131" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/1ARhBdQbiX4" height="1" width="1"/>http://blog.nerdbank.net/2009/01/why-using-rpxnow-is-bad-idea.htmltag:blogger.com,1999:blog-6894552.post-67863356214076557412009-01-08T10:06:00.001-08:002009-01-08T10:06:50.574-08:002009-01-08T10:06:50.574-08:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com0Have you ever been away from your work PC, tried to Remote Desktop (RDP/mstsc) into it, only to realize that you’ve forgotten to enable RDP before you left work?  Ever shake your head at the irony that if you could only remote in, you could enable RDP? Well now you can: Method 1 The simplest way is to run a free tool: http://www.intelliadmin.com/blog/2006/06/<div class="feedflare"> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=MVjUFqmb"><img src="http://feeds.feedburner.com/~f/Jmpinline?i=MVjUFqmb" border="0"></img></a> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=QcTyqy4L"><img src="http://feeds.feedburner.com/~f/Jmpinline?i=QcTyqy4L" border="0"></img></a> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=sI2UeUMQ"><img src="http://feeds.feedburner.com/~f/Jmpinline?i=sI2UeUMQ" border="0"></img></a> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=PyiwOWTv"><img src="http://feeds.feedburner.com/~f/Jmpinline?d=131" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/mX45qYYWpgg" height="1" width="1"/>http://blog.nerdbank.net/2009/01/remotely-enable-rdp.htmltag:blogger.com,1999:blog-6894552.post-1494378009574512332008-11-02T07:31:00.001-08:002008-11-02T07:31:36.136-08:002008-11-02T07:31:36.136-08:00Andrewhttp://www.blogger.com/profile/13632400519774640095noreply@blogger.com0Several people have asked for an OpenID library for Classic ASP.  Yes, it's several years deprecated, but there are still some major and smaller sites using it.  Classic ASP allows the consumption of COM/ActiveX objects, so it turns out DotNetOpenId can be used by Classic ASP! But DotNetOpenId isn't a COM server.  Not in its released form anyway.  But there is now a CTP of DotNetOpenId that does<div class="feedflare"> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=7OKq8yiG"><img src="http://feeds.feedburner.com/~f/Jmpinline?i=7OKq8yiG" border="0"></img></a> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=XV2re5xv"><img src="http://feeds.feedburner.com/~f/Jmpinline?i=XV2re5xv" border="0"></img></a> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=4V0jVFQM"><img src="http://feeds.feedburner.com/~f/Jmpinline?i=4V0jVFQM" border="0"></img></a> <a href="http://feeds.feedburner.com/~f/Jmpinline?a=hqEVcAaa"><img src="http://feeds.feedburner.com/~f/Jmpinline?d=131" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/Jmpinline/~4/_zqDixhOAVQ" height="1" width="1"/>http://blog.nerdbank.net/2008/11/openid-on-classic-asp.html