public ActionResult Authenticate( string returnUrl )
        {
            var response = openid.GetResponse ();
            if ( response == null ) {
                //Let us submit the request to OpenID provider
                Identifier id;
                if ( Identifier.TryParse ( Request.Form["openid_identifier"], out id ) ) {
                    try {
                        var request = openid.CreateRequest (
                                             Request.Form["openid_identifier"] );
                        return request.RedirectingResponse.AsActionResult ();
                    } catch ( ProtocolException ex ) {
                        ViewBag.Message = ex.Message;
                        return View ( "LogOn" );
                    }
                }

                ViewBag.Message = "Invalid identifier";
                return View ( "LogOn" );
            }

            //Let us check the response
            switch ( response.Status ) {

                case AuthenticationStatus.Authenticated:
                    LogOnModel lm = new LogOnModel ();
                    lm.OpenID = response.ClaimedIdentifier;
                    // check if user exist
                    MembershipUser user = MembershipService.GetUser ( lm.OpenID );
                    if ( user != null ) {
                        lm.UserName = user.UserName;
                        FormsService.SignIn ( user.UserName, false );
                    }

                    return View ( "LogOn", lm );

                case AuthenticationStatus.Canceled:
                    ViewBag.Message = "Canceled at provider";
                    return View ( "LogOn" );
                case AuthenticationStatus.Failed:
                    ViewBag.Message = response.Exception.Message;
                    return View ( "LogOn" );
            }

            return new EmptyResult ();
        }
        public ActionResult LogOn(LogOnModel model, string returnUrl)
        {
            if (ModelState.IsValid) {
                if (Membership.ValidateUser(model.UserName, model.Password)) {
                    FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
                    if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
                        && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\")) {
                        return Redirect(returnUrl);
                    }
                    else {
                        return RedirectToAction ( "Index", "Admin", new { area = "_" } );
                    }
                }
                else {
                    ModelState.AddModelError("", "The user name or password provided is incorrect.");
                }
            }

            // If we got this far, something failed, redisplay form
            return View(model);
        }