The one indication that the card may actually
be sent to an STS instead of directly to the website is the text
that appears in CardSpace: ???Cards that are sent to this site may
be sent to the site??™s designated agents.???
The federated deployment is not limited to a single R-STS. There
can be any number of R-STSs chained, which can allow business
logic to be spread out between them (see Figure 4-8).
However, each R-STS adds to the time it takes for a user to use a
card because each STS interaction can take several seconds.
The transaction time is added to both the beginning and end of
the CardSpace interaction: At the start of the transaction, the
requirements of the STSs are collected from the MEX endpoints;
at the end, as the tokens are requested and returned by the STSs.
During both of these actions, the CardSpace progress dialog is
shown.
Identity
Provider Website
CardSpace
Resource
STS
Resource
STS
Figure 4-8 Multiple R-STSs
252 CardSpace Implementation
CardSpace and Windows Communication
Foundation
As well as offering website support, CardSpace can be easily
integrated into Web services that use Windows Communication
Foundation (WCF). In fact, CardSpace is very tightly integrated
with WCF and easily used with rich-client applications.
Pages:
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379