Reputation: 599
DotNetOpenAuth - What do "Nonce" and "OpenIDAssociation" tables do?
This is a specific question to DotNetOpenAuth. I opened up the .NET template, and found that there are 2 tables "Nonce" and "OpenIDAssociation" and there are 2 SPs that do the cleanup upon on expiration date.
What exactly do these 2 tables do? Why do we need to keep track of the association?
Upvotes: 1
Views: 789
Answers (1)
Reputation: 81791
Nonces provides replay protection and OpenID associations allow for faster logins and (in some cases) enhanced security. While nonces and associations can be stored in memory without a database table behind it, a database is more secure because nonces won't be lost from memory when a web app restart causes memory to be cleared. Also, in web farms a database is the primary way to share state between web servers in the farm, so these tables facilitate that.
Upvotes: 1
Related Questions
- Purpose of state and nonce in OpenID Connect Code flow
- What's the nonce function on Oauth authentication process?
- How does the DotNetOpenAuth OAuth 2.0 example work?
- Purpose of ProviderUserName column in DotNetOpenAuth sample
- How DotNetOpenAuth works
- How is OpenID implemented?
- Some questions about OpenId
- Confused about OpenID and ASP.NET
- Dotnetopenauth oAuth Service provider explanation
- DotNetOpenAuth IAuthenticationRequest member explanation request