WINDOWS

LIVE ID FOR
SHAREPOINT
1.0
1.0 RC
A Windows Live ID authentication provider
for Microsoft SharePoint
Combine the power of the Windows Live ID authentication and
the SharePoint platform to enhance your SharePoint based sites.

Created by Wictor Wilén, 2009

http://www.wictorwilen.se/
http://spwla.codeplex.com/
 Windows Live ID for SharePoint 1.0

Windows Live ID for SharePoint

1.0
BY WICTOR WILÉN

INSTALLATION
Follow these steps when installing Windows Live ID for SharePoint, 1.0 Release Candidate:

Prerequisites
Before installing Windows Live ID for SharePoint, verify that your system has:

 Windows SharePoint Services 3.0 or Microsoft Office SharePoint Server 2007 is installed
 Microsoft .NET Framework 3.5 SP1 installed

Prepare SharePoint
The Windows Live ID for SharePoint requires that you have extended your Web Application and configured
the extended to use Forms Authentication and enabled Anonymous Access. You should also specify the
Membership Provider Name to LiveID and Role Manager Name to LiveRoles.

Then go to the original site (the one with Windows authentication) and enable anonymous access.

Create an Administration site

The Windows Live ID Authentication for SharePoint uses some lists in SharePoint to store user information, these
lists are automatically created during the configuration, but you should create an administration to hold these
lists.

Page 1
 Windows Live ID for SharePoint 1.0

So create a site called Admin (use the Team Site or Blank Site as template), this site should use unique
permissions so that you can control which users have access to this site. Create a new visitor group, when asked
to (do not use the parent site visitors group)

Installing the solu tion

First of all you have to install the WSP, this is done by using the following stsadm.exe command:

stsadm -o addsolution -filename SPCS.WindowsLiveAuth.wsp

Deploy the solution

Once the installation of the WSP is installed you have to deploy the solution. Go to Central Administration ->
Operations -> Solution Management and click on the spcs.windowsliveauth.wsp solution. Click on Deploy.
Choose the web application on which you want to deploy the solution and deploy it.

Activate the Administration Featur e

To activate the administration feature, you have to go to Central Administration->Operations->Manage Farm
Features and activate the Windows Live ID Authentication Configuration feature.

Register your Windows Live ID enabled application

To configure your solution you have to register your application on the Azure Services Developer Portal
(https://lx.azure.microsoft.com/Cloud/Provisioning/Default.aspx). Create a new Live Services project.

Fill in a name and a description and then as return URL you specify your server address and add
/_layouts/liveauth-handler.ashx to the address.

Page 2
 Windows Live ID for SharePoint 1.0

You should also fill in your domain, if you don’t you will not be able to use presence information and other
present and upcoming features that requires Live ID Delegated authentication.
Note: You cannot change Url or domain. To change them you have to create a completely new
project. This also has the effect that all registered users get new unique Id’s for your site.

Once your application is created, you will get some parameters that are required later on when configuring
the Windows Live ID for SharePoint solution. Note down the Application ID and the Secret Key.

Configure the Web Application

When you have the Application ID and the Secret key go to Central Administration->Application
Management->Windows Live ID Configuration:

Page 3
 Windows Live ID for SharePoint 1.0

In this form you select the correct Web Application and choose the zone that you will enable Windows Live ID
on.
Fill in the Windows Live ID Application Key and Secret key that you generated in the Azure Services Portal.

The first time you configure the Windows Live ID authentication you also have to check the Create/Overwrite
Windows Live ID Profile lists. And then fill in the name of the Profile List (use LiveProfiles for example) and the
Profile Sync List (use LiveProfilesSync for example). The Profile List will contain all the registered users and the
Profile Sync list will contain all Windows Live ID enabled Site Collections and is used to synchronize member
information.

You also need to specify which site to contain the lists and a Url which is used to redirect users that are locked
out of your application (a Web Part Page or a publishing page for example).

Under the Advanced settings you have a number of options:

If you check Approve all new users all new users will automatically be approved (see information about groups
below).
If you site uses the HTTPS protocol, make sure to check Use HTTPS.
If you would like to use Delegated Authentication (and specified a domain when registered your project in the
Azure Services Portal) you can check the Enable Delegated Authentication and you also has to specify a Url to
a public page which contains the policy of your website.

Page 4
 Windows Live ID for SharePoint 1.0

Click Submit when you are done. Now the web.config files of your application should be updated with the
correct information.
Note: some changes of the web.config will not be retracted when uninstalling the Windows Live ID for
SharePoint.

Configure the Site Collection

Now you have to enable your Site Collection to use the Windows Live ID authentication. To do this go to Site
Collection Features of your web site (use the default site using Windows authentication) and activate the
Windows Live ID Authentication feature.

Now you are all set and done!

Give the authenticated Live ID users permissions

The users can log in but you have to set permissions manually on each one of them. The Windows Live ID for
SharePoint has four built-in groups that you can use to set permissions:

 Authenticated Live User – all registered and authenticated users

 Live Users – all approved and non-locked users

 Unapproved Live Users – all non-approved users

 Locked Live Users – all locked users

Web Parts
Windows Live ID for SharePoint has a set of Web Parts which you can use. You will find them in the Web Part
Gallery of you Site Collection.
Good Luck!

LICENSE

Microsoft Public License (Ms-PL)

This license governs use of the accompanying software. If you use the software, you

Page 5
 Windows Live ID for SharePoint 1.0

accept this license. If you do not accept the license, do not use the software.

1. Definitions
The terms "reproduce," "reproduction," "derivative works," and "distribution" have the
same meaning here as under U.S. copyright law.
A "contribution" is the original software, or any additions or changes to the software.
A "contributor" is any person that distributes its contribution under this license.
"Licensed patents" are a contributor's patent claims that read directly on its contribution.

2. Grant of Rights
(A) Copyright Grant- Subject to the terms of this license, including the license conditions
and limitations in section 3, each contributor grants you a non-exclusive, worldwide,
royalty-free copyright license to reproduce its contribution, prepare derivative works of
its contribution, and distribute its contribution or any derivative works that you create.
(B) Patent Grant- Subject to the terms of this license, including the license conditions
and limitations in section 3, each contributor grants you a non-exclusive, worldwide,
royalty-free license under its licensed patents to make, have made, use, sell, offer for
sale, import, and/or otherwise dispose of its contribution in the software or derivative
works of the contribution in the software.

3. Conditions and Limitations

(A) No Trademark License- This license does not grant you rights to use any contributors'
name, logo, or trademarks.
(B) If you bring a patent claim against any contributor over patents that you claim are
infringed by the software, your patent license from such contributor to the software
ends automatically.
(C) If you distribute any portion of the software, you must retain all copyright, patent,
trademark, and attribution notices that are present in the software.
(D) If you distribute any portion of the software in source code form, you may do so only
under this license by including a complete copy of this license with your distribution. If
you distribute any portion of the software in compiled or object code form, you may only
do so under a license that complies with this license.
(E) The software is licensed "as-is." You bear the risk of using it. The contributors
give no express warranties, guarantees or conditions. You may have additional consumer
rights under your local laws which this license cannot change. To the extent permitted
under your local laws, the contributors exclude the implied warranties of merchantability,
fitness for a particular purpose and non-infringement.

Page 6