1 files changed, 30 insertions, 33 deletions

diff --git a/src/OAuth/OAuthConsumer/Web.config b/src/OAuth/OAuthConsumer/Web.config
index 3963433..09458df 100644
--- a/src/OAuth/OAuthConsumer/Web.config
+++ b/src/OAuth/OAuthConsumer/Web.config
@@ -3,16 +3,42 @@
   <configSections>

     <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" />

     <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">

+      <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" />

       <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />

       <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />

-      <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" />

       <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />

     </sectionGroup>

   </configSections>

   <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),

        which is necessary for OpenID urls with unicode characters in the domain/host name. 

        It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->

+  <uri>

+    <idn enabled="All" />

+    <iriParsing enabled="true" />

+  </uri>

+  <system.net>

+    <defaultProxy enabled="true" />

+    <settings>

+      <!-- This setting causes .NET to check certificate revocation lists (CRL) 

+			     before trusting HTTPS certificates.  But this setting tends to not 

+			     be allowed in shared hosting environments. -->

+      <!--<servicePointManager checkCertificateRevocationList="true"/>-->

+    </settings>

+  </system.net>

   <!-- this is an optional configuration section where aspects of dotnetopenauth can be customized -->

+  <dotNetOpenAuth>

+    <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->

+    <reporting enabled="true" />

+    <messaging>

+      <untrustedWebRequest>

+        <whitelistHosts>

+          <!-- Uncomment to enable communication with localhost (should generally not activate in production!) -->

+          <!--<add name="localhost" />-->

+        </whitelistHosts>

+      </untrustedWebRequest>

+    </messaging>

+    <openid></openid>

+  </dotNetOpenAuth>

   <appSettings>

     <!-- Fill in your various consumer keys and secrets here to make the sample work. -->

     <!-- You must get these values by signing up with each individual service provider. -->

@@ -101,40 +127,11 @@
       </endpoint>

     </client>

   </system.serviceModel>

-  <system.net>

-    <defaultProxy enabled="true" />

-    <settings>

-      <!-- This setting causes .NET to check certificate revocation lists (CRL) 

-			     before trusting HTTPS certificates.  But this setting tends to not 

-			     be allowed in shared hosting environments. -->

-      <!--<servicePointManager checkCertificateRevocationList="true"/>-->

-    </settings>

-  </system.net>

+  <system.webServer>

+    <modules runAllManagedModulesForAllRequests="true" />

+  </system.webServer>

   <runtime>

     <!-- This prevents the Windows Event Log from frequently logging that HMAC1 is being used (when the other party needs it). -->

     <legacyHMACWarning enabled="0" />

   </runtime>

-  <dotNetOpenAuth>

-    <messaging>

-      <untrustedWebRequest>

-        <whitelistHosts>

-          <!-- Uncomment to enable communication with localhost (should generally not activate in production!) -->

-          <!--<add name="localhost" />-->

-        </whitelistHosts>

-      </untrustedWebRequest>

-    </messaging>

-    <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->

-    <reporting enabled="true" />

-    <openid></openid>

-  </dotNetOpenAuth>

-  <uri>

-    <!-- See an error due to this section?  When targeting .NET 3.5, please add the following line to your <configSections> at the top of this file:

-		<section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />

-		-->

-    <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),

-	     which is necessary for OpenID urls with unicode characters in the domain/host name. 

-	     It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->

-    <idn enabled="All" />

-    <iriParsing enabled="true" />

-  </uri>

 </configuration>
\ No newline at end of file