{"id":909,"date":"2007-11-27T22:56:06","date_gmt":"2007-11-28T06:56:06","guid":{"rendered":"\/?p=909"},"modified":"2007-12-02T14:02:51","modified_gmt":"2007-12-02T22:02:51","slug":"getting-claims-when-using-no-ssl-cardspace","status":"publish","type":"post","link":"https:\/\/www.identityblog.com\/?p=909","title":{"rendered":"Getting claims when using no-ssl CardSpace"},"content":{"rendered":"

When\u00a0a user tells CardSpace to\u00a0“send” identity data from a self-issued card to a web site, \u00a0it posts a SAML token using the action attribute in the HTML form containing an x-informationCard Object tag.<\/p>\n

In the simple, no-ssl case, this information will not be encrypted, so you can just\u00a0treat it as an XML blob.\u00a0 You can test this out by making the form's action <\/a>a script like this one:<\/p>\n

<\/p>\n

This script just takes everything that is posted to the web server by CardSpace after processing the invocation form<\/a>, and reflects it back as an “XML encoding”.\u00a0 The result is shown in my demo<\/a>, and in the no-ssl zip file<\/a> as result.xml.<\/p>\n

As pedagogical as the XML dump may be, it isn't a good sample of how you would consume claims.\u00a0 For that, let's look at the following script:<\/p>\n

<\/p>\n

GetClaims() shown above\u00a0is just a way of pulling values out of an XML document – use your own instead.\u00a0 You will see that the givenname and privatepersonalidentifier claims used here <\/a>are retrieved with this simple code.<\/p>\n

I hope all of this will become very clear by watching the demo <\/a>and looking at the aforementioned zip file<\/a>, which you can cut and paste for your own experiments.<\/p>\n

[Note:\u00a0 the\u00a0raw XML display code above did not include the stripslashes function when I first posted it, which caused the function to fail in certain php configurations.\u00a0 Thanks to Alex Fung from Hong Kong for the report.]<\/p>\n","protected":false},"excerpt":{"rendered":"

In the simplest case, you can just look at the identity payload as an XML blob posted to a web site<\/p>\n","protected":false},"author":68,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[37,19,2,7,55,4],"tags":[],"_links":{"self":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/909"}],"collection":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/users\/68"}],"replies":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=909"}],"version-history":[{"count":0,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/909\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=909"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=909"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=909"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}