To understand this discussion, start here and then follow the continuation links until you return to this posting. Click on the images below to see a larger and more readable version.
In the demo, as shown in the following screen shot, only the HelloWorld card is illuminated – all the other cards were “greyed out” as inappropriate:
This happened because in the Information Card login page, the “relying party” expressed a requirement that a HelloWorld card be presented. This was done by embedding “policy” in the “object tag” that tells the browser (and through it, CardSpace) what Information Cards will be accepted. To drill into this, let's look again at the login page:
Here's the HTML that created it:
You'll see that one of the PARAMs in the OBJECT tag is “tokenType”. It's set to a completely arbitrary value – one I made up to show you can do whatever you want – of http://kcameron11/identity/helloworldToken, Since I specified this specific token type, only Information Cards that support it will illuminate at selection time when you go to this web page. Further, the other PARAM specifies “requiredClaims”. Only Information Cards that support these values will be possible candidates.
The InfoCard Web App and Browser Guide has more information about the OBJECT tag.
In the next installment, I'll explain how the Identity Provider works, and you'll be able to examine the code.