Ashish Jain of Ping Identity seems to have broken another barrier by demonstrating a “managed card” identity provider written in Java.
In the world of InfoCards, we talk about two kinds of “identity provider”. One is a “self-issued” card provider, through which individuals can make claims about themselves. The other is a “managed” card provider, which supports claims made by one party about another party.
Examples of managed card providers could include claims made by an employer about its employees; a financial institution about its customers; an enterprise about its customers; or a reputation service making claims about its users. While the technology for posting tokens from an identity selector like CardSpace to a web site can be very lightweight (RESTful), that for building managed card providers is more challenging.
Here's how Ashish puts it:
Please do the following (you need to have RC1 client installed on your machine).
- Access the IdP Demo here.
- Enter your information and click ‘Get Card’.
- When the popup happens, click “open” to save it to the CardSpace Client. Alternatively, you can save it to the disk and double-click to install it. (You can change the extension from .crd to .xml if you are interested in looking at the contents).
- Close the CardSpace Client.
- Next go to the RP site here.
- Click on the Managed Infocard Image.
- Your CardSpace client should pop-up at this time and only the relevant card should be available for selection.
- Select the card and it will challenge you to enter your IdP credentials. The server doesn’t perform any password validation at this time (as long as the username is correct).
And you should be logged in to the Relying party. The relying party page also displays the IdP as well as the RP message flow.
I tried it and it definitely worked for me. I'll do a screen capture.
I don't know if the picture in Ashish's piece shows something he drank as a baby, but if so, a lot of other programmers may want to try some.