
Vittorio Bertocci, Garrett Serack, Caleb Baker

"Understanding Windows CardSpace: An Introduction to the Concepts and Challenges of Digital Identities"

<form action="….aspx">
  <object type='application/x-informationcard' name='CardSpaceToken'>
    <param name="issuer" value="http://issuer/departmentoflicensing">
    <param name="requiredClaims" value="http://id4less/claims/legalToDrink">
  </object>
  <input type="submit" value="Submit A Card >" />
</form>


When CardSpace comes up, the user is directed to select the
correct Managed Card, because other cards are disabled.
When they select the card, the user authenticates to the
Managed Card provider's token service, as discussed in Chapter
3, and the token is sent to the website.
After decrypting the token, the site verifies the identity of the
signer of the token. Because the token was created by a
Managed Card provider, it would normally be signed using the
certificate of the card provider. As long as the website has previously
obtained a copy of the public certificate, it can use it to
verify that the token was signed by Identities 4 Less.
After validating the token's expiration time and audience restriction
attributes, the value of the "http://id4less/claims/legalToDrink"
claim can be pulled from the token and checked to see whether it is
true or false, and the purchase blocked or allowed accordingly.
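The checks that follow signature verification, as an added example that is not code from the book: it enforces the validity window and audience restriction, then reads the legalToDrink claim, failing closed at every step. It assumes the token is a SAML 1.1 assertion that has already been decrypted and had its signature verified against the provider's certificate by an XML-DSig library; `allow_purchase`, `SITE_AUDIENCE` and the sample token are hypothetical names and constructed data.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = "{urn:oasis:names:tc:SAML:1.0:assertion}"  # assumption: SAML 1.1 token
SITE_AUDIENCE = "https://shop.example/"         # hypothetical relying-party URI
CLAIM = "http://id4less/claims/legalToDrink"    # claim URI from the page

# Constructed sample, trimmed to the elements the checks read.
SAMPLE = """<a:Assertion xmlns:a="urn:oasis:names:tc:SAML:1.0:assertion">
 <a:Conditions NotBefore="2024-01-01T12:00:00Z" NotOnOrAfter="2024-01-01T12:05:00Z">
  <a:AudienceRestrictionCondition>
   <a:Audience>https://shop.example/</a:Audience>
  </a:AudienceRestrictionCondition>
 </a:Conditions>
 <a:AttributeStatement>
  <a:Attribute AttributeName="legalToDrink" AttributeNamespace="http://id4less/claims">
   <a:AttributeValue>true</a:AttributeValue>
  </a:Attribute>
 </a:AttributeStatement>
</a:Assertion>"""

def _instant(text):
    # SAML instants are UTC; anything unparsable raises ValueError.
    return datetime.strptime(text, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def allow_purchase(token_xml, now, audience=SITE_AUDIENCE):
    """True only for a current token addressed to this site whose
    legalToDrink claim is exactly "true"; everything else fails closed."""
    try:
        root = ET.fromstring(token_xml)
        cond = root.find(NS + "Conditions")
        if cond is None:
            return False                      # no validity window at all
        start = _instant(cond.get("NotBefore", ""))
        end = _instant(cond.get("NotOnOrAfter", ""))
    except (ET.ParseError, ValueError):
        return False
    if not (start <= now < end):              # NotOnOrAfter is exclusive
        return False
    if audience not in [a.text for a in cond.iter(NS + "Audience")]:
        return False                          # token was issued for another site
    values = []
    for attr in root.iter(NS + "Attribute"):
        uri = attr.get("AttributeNamespace", "") + "/" + attr.get("AttributeName", "")
        if uri == CLAIM:
            values += [(v.text or "").strip() for v in attr.findall(NS + "AttributeValue")]
    return values == ["true"]                 # absent, duplicated or "false" blocks
```

Skipping the audience check would let a token issued for one site be replayed at another, which is why it runs before the claim is read.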

