Integrate Windows Live ID Authentication Into Your Website
Microsoft recently released an SDK that allows you to integrate Windows Live ID authentication into your Website (ASP.NET or any other). To get started you'll need to register your application and get an application ID. From there it's quite straightforward especially since a sample application that uses Windows Live ID is available to download. Sample code is available for ASP.NET, Java, Perl, PHP, Python, and Ruby.
Once you've registered your site and obtained an application ID you can embed an iframe into the page where users need to sign-in. The iframe points to the windows Live ID authentication page and passes it your application ID:
<iframe id="WebAuthControl" name="WebAuthControl" src="http://login.live.com/controls/WebAuth.htm?appid=<%=AppId%>&style=font-size%3A+10pt%3B+font-family%
3A+verdana%3B+background%3A+white%3B" width="80px" height="20px" marginwidth="0" marginheight="0" align="middle" frameborder="0" scrolling="no"> </iframe>
Once the end user signs-in they'll be redirected to the landing page you specified when you registered the application with WIndows Live ID services. This page needs to process the response and set a cookie if the user successfully signed-in to Windows Live ID. The following code (from the SDK sample) shows how you can check what action is being performed and then log the user into or out of your site as appropriate through cookies. The code relies upon a class named WindowsLiveLogin that is available in the SDK sample code mentioned above.
public partial class HandlerPage : System.Web.UI.Page { const string LoginPage = "default.aspx"; const string LogoutPage = LoginPage; const string LoginCookie = "webauthtoken"; static DateTime ExpireCookie = DateTime.Now.AddYears(-10); static DateTime PersistCookie = DateTime.Now.AddYears(10); // Initialize the WindowsLiveLogin module. static WindowsLiveLogin wll = new WindowsLiveLogin(true); protected void Page_Load(object sender, EventArgs e) { HttpRequest req = HttpContext.Current.Request; HttpResponse res = HttpContext.Current.Response; // Extract the 'action' parameter from the request, if any. string action = req.QueryString.Get("action"); /* If action is 'logout', clear the login cookie and redirect to the logout page. If action is 'clearcookie', clear the login cookie and return a GIF as response to signify success. By default, try to process a login. If login was successful, cache the user token in a cookie and redirect to the site's main page. If login failed, clear the cookie and redirect to the main page. */ if (action == "logout") { HttpCookie loginCookie = new HttpCookie(LoginCookie); loginCookie.Expires = ExpireCookie; res.Cookies.Add(loginCookie); res.Redirect(LogoutPage); res.End(); } else if (action == "clearcookie") { HttpCookie loginCookie = new HttpCookie(LoginCookie); loginCookie.Expires = ExpireCookie; res.Cookies.Add(loginCookie); string type; byte[] content; wll.GetClearCookieResponse(out type, out content); res.ContentType = type; res.OutputStream.Write(content, 0, content.Length); res.End(); } else { WindowsLiveLogin.User user = wll.ProcessLogin(req.Form); HttpCookie loginCookie = new HttpCookie(LoginCookie); if (user != null) { loginCookie.Value = user.Token; if (user.UsePersistentCookie) { loginCookie.Expires = PersistCookie; } } else { loginCookie.Expires = ExpireCookie; } res.Cookies.Add(loginCookie); res.Redirect(LogoutPage); res.End(); } } }
You can also integrate other Windows Live controls into your pages. An example of integrating the Windows Live Contacts Control into a page is available here. More information about integrating Windows Live ID services into your applications can be found here.