After configuring the settings, you can use the following two web parts on your website to allow OpenID authentication. The web parts are located under the Membership category in the web part catalog.
This web part can be used to let site visitors sign in to your website using their OpenID. It can be placed on any page of your website.
It lets users choose from a number of websites which support OpenID and where they might already have an account. If they choose one and click Sign In, they will be redirected to the logon page on that site. After a successful logon, they will be redirected back to the Kentico site. A new account is created on each first logon.
Some of the websites listed in the screenshot below may no longer support OpenID authentication.
Even though the web part works fine with default settings, it has the following specific properties to fine-tune its behavior:
- Providers - Providers used for OpenID login. Each provider must be specified on a single line. Total number of 3 parameters should be included for each provider:
- provider display name
- provider login URL
- provider icon name placed in ~/CMSWebParts/Membership/OpenID/OpenID_files/.
Each parameter must be separated by '|'. The third parameter is optional and if not supplied then the default OpenID icon will be displayed. Provided URL must be the login URL of the OpenID provider. If the username (or blog name, user id, etc.) is part of the URL, then use the ##username## macro to replace the username part of the URL.
- Display textbox - indicates if the OpenID provider textbox should be visible; if disabled then only the sign in button will be visible.
- Sign in text - if entered, a link with the entered text will be used instead of the default sign in image.
- Sign out text - if entered, a link with the entered text will be used instead of the default sign out image.
- Show sign out - if checked, the sign out link will be displayed after the user logs in.
- Show as button - if checked, buttons will be used instead of links.
- Sign in image - if set, the image will be used as the sign in link.
- Sign out image - if set, the image will be used as the sign out link.
- Required data for new users - using these settings, you can request additional data from the OpenID provider, which will be added to the newly created user account. In case that you are using the OpenID required data web part, the requested data will be pre-filled in the web part.
- Notify administrator about new registrations - if enabled, a notification e-mail is sent to the website administrator when a new registration is performed via the web part.
OpenID required data
In some cases, you may want new users to provide some extra details before their account is created. For example, if your site is configured to require registration approval or double opt-in, all users need a valid e-mail address to help activate their account.
This can be achieved using the Open ID required data web part. The web part must be placed on the page specified by the Required user data page value in Settings -> Security & Membership -> Authentication -> OpenID.
The following properties of the web part are the most important:
- Allow forms authentication - if checked, new users will be able to enter a password for their new account so that they can log in the usual way as well as via OpenID.
- Allow existing user - if enabled, users are allowed to join their existing account with OpenID.
- Default target URL - if no return URL is passed, users will be redirected to the URL entered here after merging or creating the account.
- Hide for no OpenID - if checked, the web part will be hidden if the page with it is displayed without OpenID logon (e.g. when accessed by entering its URL into the browser).