SEARCH
0-9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
PARTS:
Part 10
Part 11
Part 12
Part 13
Part 14
Part 15
Part 16
Part 17
Part 18
Part 19
Part 20
Part 21
Part 22
Part 23
Part 24
Part 25
Prev | Current Page 273 | Next

Vittorio Bertocci, Garrett Serack, Caleb Baker

"Understanding Windows CardSpace: An Introduction to the Concepts and Challenges of Digital Identities"

com.
After the user reviews the information that will be disclosed, the
card is sent to the site by clicking Send. This doesn??™t really send
a card, of course, but rather releases a security token to the website
that would be used to identify the user.
This should all look pretty simple. The UI ?¬‚ow is meant be usable
to the broad computer-using community, and the use of the
card metaphor in the UI really helps make the process tangible.
The information to
be disclosed about
the user can be
reviewed before
sending
Figure 3-4 The Card Details page lets the user review the information
that will be sent.
173
From the Web Developer??™s Perspective
CardSpace-enabling a website takes minimal work for a web
developer. However, a few key components must be
implemented:
 HTTPS Login page. The certi?¬?cate from the SSL connection
is shown to the users to help them identify the site.
 Information Card tag. This tag will open
CardSpace and allow the site to specify which claims it
is requesting, as well as other policy-related information.
 Token Processor page. When the security token is returned,
the website will need to verify the digital signature
on the token, as well as retrieve the requested claim
values
HTTPS Login Page
The requirement to use HTTPS is meant to help the user be able
to identify the page that is requesting a token, as well as provide
extra security as the token is transmitted back to the website.


Pages:
261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285
Beginners Guide to SQL Server Integration Services Using Visual Studio 2005 (page 135) Pro ASP.NET 3.5 Server Controls and AJAX Components (page 2098) Practical Reporting with Ruby and Rails (page 363)