.jpg)
PassportIdentity.GetLoginChallenge(string,int,int,string,int,string,int,int,object)
Returns the URL and header information to facilitate a Microsoft .NET Passport sign-in.
Syntax
public string GetLoginChallenge( string szRetURL, int iTimeWindow, int fForceLogin, string szCOBrandArgs, int iLangID, string strNameSpace, int iKPP, int iSecureLevel, object oExtraParams)
Parameters
- szRetURL
The return URL to which to return the user upon a successful sign-in. Sets the URL of the location to which the Login server should redirect users after they sign in. Pass a null reference to indicate that .NET Passport should use the return URL value specified in the Passport Manager Administration utility. The return URL must be fully qualified and point to a named file, not just a root.- iTimeWindow
Specifies the interval, in seconds, during which users must have last signed in to the calling domain. Pass -1 to indicate that .NET Passport should use the default value. The value entered for iTimeWindow must be -1, greater than or equal to 20, and less than 2678400 (between 20 seconds and 31 days). The iTimeWindow parameter is used in conjunction with the fForceLogin parameter.- fForceLogin
Determines how the iTimeWindow parameter is used. If set to a value other than 0, the Login server will compare iTimeWindow interval against the time since the user last manually signed in. If set to 0, then the Login server will compare iTimeWindow against the last time the Ticket was refreshed, either silently or manually.- szCOBrandArgs
A string specifying variables to be appended as query string variables to the URL of the cobranding template script page. Pass a null reference to indicate that .NET Passport should use the Cobrand Args value specified in the Passport Manager Administration utility.- iLangID
Specifies the language to be used for the Sign-in page that is displayed to the user. Pass -1 to indicate that .NET Passport should use the default value specified in the Passport Manager Administration utility.- strNameSpace
A domain namespace to which you want to direct users without .NET Passports to register. The specified namespace must appear as a "domain name" entry in the Partner.xml Component Configuration Document (CCD). The typical default namespace is "passport.com". Pass a null reference to indicate that .NET Passport should use the default value.- iKPP
Specifies data collection policies for the purpose of complying with the parental consent requirements of children's privacy laws, such as the Children's Online Privacy Protection Act (COPPA). Pass -1 to indicate that .NET Passport should use the default value.- iSecureLevel
An integer that declares the secure level with which the Sign-in page will be served. The value may be 0, 10, 100, or -1, which indicates that the default secure level value for the site should be used. For more information about the accepted values for iSecureLevel, see PassportIdentity.GetIsAuthenticated(int,int,int).- oExtraParams
Name-value pairs to be inserted directly into the challenge authentication header, specifically for .NET Passport-aware authentication interaction. Pass a null reference to indicate that .NET Passport should use the default value.
Return values
A string representing the .NET Passport login challenge.
Example
The following C# example uses the GetLoginChallenge() method to create a Web request and displays the response.
<%@ Page Language="C#"%> <%@ Import Namespace = "System.Web.Security" %> <HTML> <HEAD><TITLE>Mysample - Exercise - CS</TITLE></HEAD> <Script language="C#" runat="server"> string sServer; PassportIdentity oMgr; string sthisURL, sruURL; protected void Page_Load(Object src, EventArgs e) { sServer = Request.ServerVariables["SERVER_NAME"]; oMgr = (PassportIdentity)User.Identity; sthisURL = "https://" + sServer + Request.ServerVariables["SCRIPT_NAME"]; sruURL = "https://" + sServer + "/BriefCS/default.aspx"; } </Script> <% if (oMgr.IsAuthenticated) { //Set the sign-out URL - stay on this page sruURL = sthisURL; } else { //Set the sign-in URL - stay on this page sruURL = sthisURL; } //The LogoTag2 allows the user to sign in or sign out. Response.Write ("<DIV STYLE = 'position:absolute; right:50px'>" + oMgr.LogoTag2(sthisURL,100,-1,null,1033,-1,null,-1,-1) + "</DIV>"); int iTimeWindow = 100; int fForceLogin = 1; string szCOBrandArgs = null; int iLangID = 1033; string strNameSpace = null; int iKPP = -1; int iSecureLevel = 0; object oExtraParams = null; Response.Write("<br>" + oMgr.GetLoginChallenge(sthisURL,iTimeWindow, fForceLogin,szCOBrandArgs,iLangID,strNameSpace,iKPP,iSecureLevel,oExtraParams)); %> </HTML>The preceding example returns output similar to the following:
WWW-Authenticate:Passport1.4lc=1033,id=23248,tw=100,fs=1,ru=https://localhost/BriefCS/Exercise.aspx,ct=1018301720,kv=1,ver=2.1.0173.1,tpf=439893ba5b082669a1e0201310e4dead
Remarks
The iLangID is an integer representation of a standard locale ID (LCID). For example, U.S. English (EN/US) is 1033. For a table of LCIDs, see Localization and .NET Passport Services.
The returned response header field contains the URL of the calling page, plus a query string parameter containing the .NET Passport Login server with other parameters in the encoded query string. These query string arguments are then processed by the Login server if the user is redirected, and determine whether the Login server can refresh credentials silently or must display the Login form.
When a server receives a request that requires authentication, the server returns a 401 status code message. In that message, the server should include one or more WWW-Authenticate response headers. These headers include the authentication methods the server has available. The fForceLogin parameter is returned as 1 when the parameter is submitted as other than a 0. No fForceLogin parameter is returned when the parameter is submitted as a 0.
See Also