Setting Up a Development Machine for Passport-enabled Applications
This section demonstrates the steps required to set up a development machine for a Passport-enabled site. Although very easy, this setup is a lengthy process that involves quite a lot of steps. The following sections describe each step.
Step 1. Create a Passport-enabled User Account
Create a Hotmail account at www.hotmail.com. If you already have an e-mail account at Hotmail or MSN, you can skip Step 1 because these accounts are Passport-enabled by default.
Step 2. Register Your Application with the Passport Server
To register your application with the Passport server, go to http://www.netservicesmanager.com. You will see a page labeled .NET Services Manager (as shown in Figure 4). Press the sign-in button at the upper right corner of the screen. You will receive a .NET Passport Sign-In page (see Figure 5). Enter the e-mail account and password you got from Step 1 and press the sign-in button. The next screen asks for some personal information (first name, last name, address, etc.). Entering the required information will take you to a screen that contains a "Create an application" link (as shown in Figure 6). This link returns the "Create application" screen, which contains a text field with a label named "Application Name." Enter the name of your application in this text field and press the "Continue" button.
|Figure 4: The Page Labeled .NET Services Manager|
|Figure 6: Screen with a "Create an application" Link|
The "Select Services" screen shown in Figure 7 is the next screen you'll see. It presents three options: Kids Passport, .NET Passport Single Sign-in, and .NET Passport Express Purchase. Select the .NET Passport Single Sign-In option and press the Continue button.
Author's Note: The Kids Passport service provides parental consent services for sites offering content that may not be appropriate for children under 13 years of age. The Express Purchase service shares user credit card and billing information with Passport-enabled sites.
Step 3. Enter All the Required Information About Your Site
You will now get a number of screens, one after the other, that gather information regarding the site you want to register with Microsoft Passport. Each screen contains several fields, some of which are mandatory (shown in bold on the screen) and others that are optional. Since each field offers explanatory text to help you enter data accordingly, I explain only the fields that are important for understanding how Passport-enabled applications operate:
Domain Name and Default Return URL Fields
You should enter the domain name of the Web application you are registering in the domain name field. For example, www.devx.com is a valid entry for the domain name field.
The Default Return URL field is the address of the ASP.NET page that will be displayed to the user after a successful sign-in. The top-level name of this URL should match the domain name field. For example, if the domain name field was www.devx.com then the default return URL should be something like http://www.devx.com/security.
During development, you may also test pre-production sites while they are being hosted on IIS on local machines. In such a case, use the name of a machine on your local network as the domain name. The default Return URL will also contain the name of the local machine. For example, if the name of the machine is bsiddiqui and the page that you want displayed on your local machine after successful sign-in is identified by the URL myPassportEnabledApplication/WebForm1.aspx, then you would use the following values for the domain name and return URL fields:
Domain name: bsiddiqui
Default Return URL: http://bsiddiqui/myPassportEnabledApplication/WebForm1.aspx
Microsoft allows Passport-enabled applications to give a customized look to the Passport Sign-In page through co-branding information. Co-branding information helps maintain the look and feel of your Passport-enabled application so it remains consistent during sign-in. Although co-branding information, which includes images and style sheets, is not mandatory requirement, it is recommended.
Expire Cookie URL
The ASP.NET page residing on this URL is invoked on logout. Its purpose is to delete any cookies written by Passport server in the Passport-enabled application domain during sign-in. Passport server, instead of deleting the cookies itself, lets the Passport-enabled application delete them and makes sure that deleting the cookies does not affect its business logic.
Step 4. Log Your Site ID
The registration process is now complete. You will get a congratulations screen (as shown in Figure 8) that provides you a site ID. Write this ID down; you will need it later. You can register as many applications as you want (with the same e-mail account you got in Step 1), and each successful registration results in a site ID.
|Figure 8: A Congratulations Screen with Your Site ID|
Step 5. Go to the "Manage My Applications" Page
The congratulations screen also contains a link named "Manage My Applications." Click this link to reach the "Manage My Applications" page (as shown in Figure 9).
|Figure 9: The "Manage My Applications" Page|