WCF Team Bloggers

Adding CardSpace Support to DasBlog - Part 1

Over the break, I've been playing around with dasBlog. One of the projects I undertook was to add support for InfoCards to dasBlog (this was before I knew about Kevin Hammond's similar work). I just rolled out a version of dasBlog 1.9 with my InfoCard support that now powers www.gazitt.com/blog. I'm going to post a couple of entries that describe some of the learnings and a few snippets of code here and there...

First, an intro to CardSpace and InfoCards. CardSpace is essentially a card-picking experience that we just shipped in Windows Vista (also available on XP and W2K3 through the .NET Framework 3.0 redist). You create cards that contain personal information ("claims") about you - e.g. your first and last name, your e-mail address, your age, gender, etc. - these are called Information Cards, or InfoCards for short. The idea is that websites that support CardSpace can pull out some of those claims and personalize your experience, without having to create an account for you (at least one that is keyed by their own userid/password).

The obvious question is - how does a site know that what you put down there in that card is "real"? And how does a site associate a particular card with a set of permissions (or a role)? Well, there's no magic here. If a site wants to "validate" the information in an InfoCard, it does it exactly like it would if it asked for all that information in a registration page - e.g. to verify an e-mail address, you send it an e-mail containing a link (with a guid) and if that link gets clicked, you have a real e-mail address. What about credit card numbers? That's where a "managed" card would come in - the credit card would issue you an InfoCard that is signed by them, and you could present that InfoCard to a site that trusts the issuer. A little like certs, except the idea is that InfoCards are much easier to use.

What's cool about an InfoCard is that on the wire, it's just a SAML token. So it works very well with the WS-Trust architecture - for example, I can have a Security Token Service (STS) with whom I've registered, whose job it is to take the InfoCard I pass into it, and give me back a token that contains claims which the application that relies on that STS understands. The STS that we put up on sts.labs.live.com is exactly one such STS - it allows you to register an InfoCard, and it associates it with your Windows Live ID, so that when you use a site or service that trusts that STS (like the Relay service we also posted), you Read More...
Published Sunday, January 07, 2007 7:29 PM by OhmBlog
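
The e-mail check described in the post (mail a link carrying a random value, and treat the address as real once the link is clicked), as an added example that is not code from the post or from dasBlog. The class name, the in-memory store, the 24-hour lifetime and the use of a stable per-card identifier (such as the card's PPID claim) as `cardId` are assumptions; the link secret is drawn from a CSPRNG because a GUID is an identifier format designed for uniqueness.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;

// Hypothetical helper (not dasBlog code): ties a self-asserted e-mail claim to a card.
public sealed class CardEmailVerifier
{
    private sealed class Pending { public string CardId; public string Email; public DateTime ExpiresUtc; }
    // Pending links are keyed by SHA-256 of the token, so a leaked store holds no usable links.
    private readonly Dictionary<string, Pending> _pending = new Dictionary<string, Pending>();
    private readonly HashSet<string> _verified = new HashSet<string>();
    private readonly TimeSpan _lifetime = TimeSpan.FromHours(24); // assumed policy

    private static string Hash(string token)
    {
        using (var sha = SHA256.Create())
            return Convert.ToBase64String(sha.ComputeHash(Encoding.UTF8.GetBytes(token)));
    }
    private static string Key(string cardId, string email) { return cardId + "|" + email.Trim().ToLowerInvariant(); }

    // Called when a card is presented: returns the secret to embed in the mailed link.
    public string Issue(string cardId, string claimedEmail, DateTime nowUtc)
    {
        var bytes = new byte[32];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(bytes); // CSPRNG, not a GUID
        string token = BitConverter.ToString(bytes).Replace("-", "");
        _pending[Hash(token)] = new Pending { CardId = cardId, Email = claimedEmail, ExpiresUtc = nowUtc + _lifetime };
        return token;
    }
    // Called when the link is clicked: succeeds once, and only before expiry.
    public bool Confirm(string token, DateTime nowUtc)
    {
        string key = Hash(token ?? "");
        Pending p;
        if (!_pending.TryGetValue(key, out p)) return false;
        _pending.Remove(key); // single use, even when the link has expired
        if (nowUtc > p.ExpiresUtc) return false;
        _verified.Add(Key(p.CardId, p.Email));
        return true;
    }
    // Authorization code asks this, and never trusts the raw e-mail claim in the token.
    public bool IsVerified(string cardId, string email) { return _verified.Contains(Key(cardId, email)); }

    public static void Main()
    {
        var v = new CardEmailVerifier();
        DateTime t0 = DateTime.UtcNow;
        string token = v.Issue("ppid-constructed", "alice@example.test", t0); // constructed sample values
        Console.WriteLine(v.Confirm(token, t0) && !v.Confirm(token, t0) && v.IsVerified("ppid-constructed", "alice@example.test"));
    }
}
```

Binding the verified address to the card identifier rather than to the address alone means a second card that merely asserts the same e-mail claim gains nothing until it completes its own confirmation.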


Copyright © 2006 Microsoft Corporation. All Rights Reserved.