I\'m building an ASP.NET MVC site where I want to use DotNetOpenAuth to implement OpenID login (I\'m completely dropping username/password-based login).
So far, I\'ve be
They will interface just fine, but you will need to do a bit of custom work.
What I have done in the past is this:
First I'm assuming you have a semi working openid implementation, meaning you can receive the actual identity from an openid provider but just not sure what to do with it.
I continue to use FormsAuthentication as a back end even without using it for Authentication.
You will need a database table that allows you to tie a FormsAuthentication user to one or more openids. You can simply store the FormsAuthentication username (which doesn't exist yet) with the identity URL you receive from the openid provider. We'll call this table AUTH
When someone authenticates to your site with an openid check whether it exists in the AUTH table. If not you need to do two things. Call Membership.CreateUser() passing in whatever generated username you want (or the email address if provided by openid). I user a GUID for the password since it won't be used. At the same time put an entry in the AUTH table mapping the Membership username to the openid claimed identity.
When someone authenticates to your site with an open id and it already exists call FormsAuthentication.RedirectFromLoginPage with the username associated with the openid and all the appropriate authentication tickets will be set.
Now you can use all the nice built in security objects just like you always could before implementing openid.
EDIT: As an added benefit of this setup you have the option in the future of allowing username/password logins.
You can also swap out your membership provider at any time.
Also, the many to one nature of the AUTH table allows you to easily associate multiple openids.