As you might know, it is possible to use Windows Live ID Web Authentication SDK in your websites as an authentication mechanism. You put an iframe in your homepage, which links to the Windows Live ID sign in page. After a successful authentication the user is redirected back to your website, where you receive the user’s ID. With this ID you can find your user data in your database, and do whatever you need.
Since ASP 2.0, you can use the ASP.NET Membership/Roles Provider as an authentication/authorization mechanism in your websites. You even have controls that make these tasks easy. If you are not familiar with these functionalities take a look at a nice video available in the ASP.NET website: Securing your Web Site with Membership and Login Controls.
Yesterday I started to build a new website, and I wanted to use Windows Live ID as the authentication mechanism. But since I was using an existing website framework that used ASP.NET Membership/Roles Provider not only for authentication but also for authorization purposes, I tried to integrate both. I wanted to eliminate the need for a new user/password for the user to remember, and maintain the benefits of Membership Provider.
You can download the demo website that I wrote which is a simplified version of the website that I am building. It is pretty simple. Do not forget to register you application and change the corresponding parameters in web.config.
The first step is to configure ASP.NET Membership provider. You can use a tool that allows you to add the membership provider tables to your database (C:\Windows\Microsoft.NET\Framework\v2.XXXXXX\aspnet_regsql.exe) or use Web Site > ASP.NET Configuration menu in Visual Studio that creates an SQL Server Express database to store the data.
In your web.config file you must setup the Membership Provider. I’ve done some configuration which allows you to create users using just an user name and a password (eliminating the usual e-mail, question and answer of password recovery, etc). You will be using Forms authentication.
I have a default.aspx page which has an iframe that has a link to Windows Live ID sign in page. When you click the sign in link you are redirected to the sign in page, and the forwarded back to your website, to a authentication handler page named webauth-handler.aspx. This page is part of a sample that comes with Windows Live ID Web Authentication SDK.
You will have just to add a few lines of code, that maps the Windows Live ID authentication to the Forms authentication of your website. You can see these lines in the demo website.
When you sign in with an account that is not registered in your website, a user account is created (only using the user ID as username and password), and you are redirected to a page where you can edit your profile.
Profile Provider is another great functionality of ASP.NET that allows you to assign custom data to your website users. In web.config you define which properties does a user profile has. Then you can access the Profile object from anywhere in your code, and read/write the current user profile properties. These properties can be changed, and Profile object has a Save method that persists the profile information into the Profile Provider (usually a database).
In default.aspx the current user profile is printed out into the page.
Can you try and explain how to display the a message that reads - Welcome ABC, where ABC is the full name to be extracted from Windows Live? I would like to get all the details from Windows Live and not create anything on my local database. Is that possible ?
Windows Live ID has a privacy policy that prevents the websites that use this authentication method from getting information about the user. Only a security token is associated with the authenticated user.
So, as far as I am concerned it is not possible to extract that information.
You can take a look http://msdn.microsoft.com/en-us/library/cc305075.aspx to learn how to access some user information, but I don’t think that it can give you what you want, just contact list and photos information