Integrate Passport into your ASP.Net apps
Published: 13 Apr 2003 19:59 BST
One of the toughest challenges faced by online retailers is the safe transmission of credit card, private, and financial data on the Web. Although establishing customer trust is the number one priority, this task is made difficult by a lack of standardised tools and methodologies.
Microsoft decided to tackle this problem by developing Passport. Microsoft Passport is a collection of authentication services designed to facilitate access and transmission of secure data. These services allow you to implement single sign-in (SSI), a process in which the user has to log on once using a username and password to have access to a host of Passport-enabled Web sites and services. All Passport authentication is done through Microsoft's own servers. Passport has had its share of problems in the past. Upon launching the service, a host of cross-scripting vulnerabilities were found, including intrusion hacks affecting Hotmail. On top of that, Microsoft discontinued its Passport Wallet and .Net Passport Express Purchase Service after numerous problems were found.
In spite of this, Passport is maturing as a technology and has the support of many large online companies, including Hotmail, eBay, Monster.com, NASDAQ, Starbucks, and a host of other sites. You can view a complete list here.
This article will outline how you can add the Passport functionality in your ASP.Net applications using the Microsoft Passport SDK.
Setting up Passport
To integrate Passport in your application, you must undertake three steps:
- Install the Passport Software Developer Kit (SDK) on your development machine.
- Create an application in the .Net Services Manager.
- Add Passport code to your ASP.Net application.
Install the Passport SDK
You can download the SDK from the following link at no cost here. The latest version of the .Net Passport SDK requires Microsoft Windows 2000 Server or Windows .Net Server. For development purposes, the SDK will also function on Windows XP Professional and Windows 2000 Professional. If you are running a system with NT 4.0, you should use the Passport SDK Version 1.4.
Once you install the SDK, the Passport Manager Administration Utility will allow you to make changes to your Passport environment, such as configuring language settings and forcing the user to log in within a predetermined span of time. Note that you must have the .Net Framework installed on your development machine before you can use the SDK. You can download the .Net Framework here.
Create an application in the .Net Services Manager
Now you must submit your application information to Microsoft using the Microsoft .Net Services Manager. This allows your ASP.Net application to access the Microsoft Passport servers.
You can set up your development Passport application at no cost, and the registration process is fairly straightforward. You will need to enter the particulars regarding your application server and cobranding details. The processing of your application may take up to two days.
At the end of the process, you will obtain a Site ID and a Passport encryption key for your Web site. All you have to do is run the Passport Manager Administration utility to set the correct Site ID by clicking Start | Programs | Microsoft Passport | Passport Management Administration.
To obtain the key, select the Download A Key option in .Net Services Manager. This will download an .exe file called Partner###_#.exe (where the series of #s corresponds to your Site ID). Then, enter the following line commands with options:
Partner###_#.exe /addkey
Partner###_#.exe /makecurrent /t 0
Just reboot your server, and you'll have completed the installation and configuration of Passport on your test development machine.
Previous
Did you find this article useful?
96 out of 211 people found this useful
- Share this article:
