{"id":819,"date":"2007-06-25T14:14:02","date_gmt":"2007-06-25T22:14:02","guid":{"rendered":"\/?p=819"},"modified":"2007-06-30T13:24:51","modified_gmt":"2007-06-30T21:24:51","slug":"819","status":"publish","type":"post","link":"https:\/\/www.identityblog.com\/?p=819","title":{"rendered":"CardSpace control for ASP.NET"},"content":{"rendered":"

Dominick Baier at LeastPrivilege<\/a> has made leaps and bounds in his CardSpace control for the Microsoft ASP.NET environment (though it should work equally well for people using a Higgins identity selector or managed card).  It is very cleanly designed.  Amazingly, he's already added support for the new icon (does he ever sleep?).  His blog has an ongoing discussion <\/a>around the control and related issues:<\/p>\n

After I made some incremental changes and releases of my CardSpace control (found some bugs, got some feedback), I wanted to consolidate all the information along with a new version and some new features here. It now contains all the features I<\/strong> need and will be the last release for some time i guess.<\/p>\n

If you have any feedback or suggestions feel free to write me or leave me a comment. If you want to add support for XHTML, contact me too \ud83d\ude09<\/p>\n

Download here<\/font><\/a>. Have fun!<\/p>\n

PS. This was only possible with a little help of my friends…thanks Brock and JasonD!<\/p>\n

Features<\/h3>\n

Easy to use syntax<\/strong>
\nOne of my main goals was to have an easy to use markup syntax and intellisense support. I don't want to type in all those namespace URIs…<\/p>\n

<<\/span>lp<\/span>:<\/span>CardSpaceSelector<\/span> runat<\/span>=\"server\"<\/span> ID<\/span>=\"_selector_sic\"<\/span> AutoPostback<\/span>=\"true\" \r\n<\/span>    IssuerType<\/span>=\"SelfIssued\"> \r\n\r\n<\/span>    <<\/span>lp<\/span>:<\/span>ClaimType<\/span> Name<\/span>=\"givenname\"<\/span> \/> \r\n<\/span>    <<\/span>lp<\/span>:<\/span>ClaimType<\/span> Name<\/span>=\"surname\"<\/span> \/> \r\n<\/span>    <<\/span>lp<\/span>:<\/span>ClaimType<\/span> Name<\/span>=\"email\"<\/span> \/> \r\n\r\n<\/<\/span>lp<\/span>:<\/span>CardSpaceSelector<\/span>><\/span><\/pre>\n
Clean markup and independence of the server form<\/strong>
\nThe emitted markup works with Firefox and IE. I also made sure that the <object> tag is placed outside of the postback form. This allows you to have multiple postback controls on the form without triggering the identity selector.<\/p>\n
<\/p>\n
Designer integration<\/strong>
\nI never use the designer – but I acknowledge the fact that some people do \ud83d\ude09 The control renders correctly in the designer and has an editor to setup the required\/optional claims (including intellisense support).<\/p>\n
<\/p>\n
Event driven<\/strong>
\nThe control fires an event when a token is submitted.<\/p>\n
protected<\/span> void<\/span> _selector_sic_TokenSubmitted(object<\/span> sender, TokenSubmittedEventArgs<\/span> e) {     string<\/span> xmlToken = e.Token; }<\/pre>\n
Conditional rendering
\n<\/strong>You can choose to render the control only if the client browser supports InfoCards. You can specify an alternative <div \/> that would render in that case (e.g. to tell the user how to get CardSpace).<\/p>\n
Decoupling<\/strong>
\nI intentionally didn't couple the control with any user management semantics (like membership) or decryption clases (like the TokenProcessor). It is totally up to you how to proceed after you received the encrypted token. This is considered a feature \ud83d\ude09<\/p>\n
<\/h3>\n
Properties<\/h3>\n
InfoCard setup<\/strong><\/p>\n
IssuerType<\/em>
\nThis enum has two values \u00e2\u20ac\u02dcSelfIssued\u00e2\u20ac\u2122 and \u00e2\u20ac\u02dcManaged\u00e2\u20ac\u2122. If you select \u00e2\u20ac\u02dcSelfIssued\u00e2\u20ac\u2122 then the issuer URI for self-issued cards will be emitted. If you select \u00e2\u20ac\u02dcManaged\u00e2\u20ac\u2122 you have to set the issuer URI yourself. Defaults to ‘SelfIssued’<\/p>\n
Issuer and IssuerPolicy
\n<\/em>Specifies the URIs for the issuer and the issuer policy.<\/p>\n
TokenType<\/em>
\nSpecifies the token type. Defaults to SAML 1.0.<\/p>\n
PrivacyUrl and PrivacyVersion
\n<\/em>Specifies to the URL and version of the associated privacy policy (if any).<\/p>\n
Image<\/strong><\/p>\n
ImageUrl<\/em>
\nSpecifies a custom image to display. Defaults to the official InfoCard icon. <\/p>\n
StandardImageSize<\/em>
\nSelects one of the standard images sizes for the official InfoCard icon. Defaults to 114×80.<\/p>\n
Width & Height<\/em>
\nSpecifies the size of the image in pixels. Only relevant when a custom image is used.<\/p>\n
Rendering<\/strong><\/p>\n
RenderOnlyIfSupported<\/em>
\nWhen set to true, the control will only render if the client browser supports CardSpace. You have to embed the control into a <div \/> and specify the name in the DivToRender<\/em> attribute. Defaults to false<\/em>.<\/p>\n
DivToRender<\/em>
\nSpecifies which <div \/> to render\/make invisible based on client support.<\/p>\n
UnsupportedDiv
\nOptionally specifies a <div \/> to render when CardSpace is not supported on the client.<\/p>\n
RenderMode<\/em>
\nChoose between static and dynamic rendering. Static preserves the space for the control on the client. Defaults to Static<\/em>.<\/p>\n
Misc<\/strong><\/p>\n
HiddenFieldName<\/em>
\nName of the hidden field used to transmit the token back to the page. Defaults to __XMLTOKEN<\/em>.<\/p>\n
AutoPostBack<\/em>
\nSpecifies if the control posts back after a card has been selected. Defaults to false<\/em>.<\/p>\n
TriggerOnLoad<\/em>
\nSpecifies if the identity selector should be invoked directly after the page has finished loading. Defaults to false<\/em>.<\/p>\n
XmlToken<\/em>
\nHolds the encrypted token after the user has selected a card.<\/p><\/blockquote>\n
Dominick also did a set of four videos on CardSpace for UK MSDN that I would recommend:<\/p>\n
Implementation Strategies<\/font><\/a><\/p>\n
Support for standard InfoCard image<\/strong>
\nYou can choose between all standard sizes of the official InfoCard image<\/font><\/a>. You can also supply your own image and dimensions<\/p>\n