In this example, the email address claim is required,
and a phone number is marked as optional. To specify a claim
as required or optional, the isOptional attribute can be set. By
default, isOptional is set to false, which means the claim
value is required. Again, the similarities between the WCF
con?¬?guration ?¬?le and the HTML used to invoke CardSpace are
apparent.
Decrypting the Token
After a card is used that meets the requirements of the site, the
Web service needs to decrypt the token. This is a good point at
which to discuss how the token was encrypted. Just like when
websites use CardSpace, Web services also identify themselves
with a certi?¬?cate. The certi?¬?cate is used to show the site??™s identity
on CardSpace??™s recipient identi?¬?cation site. Also, as with the
website, CardSpace encrypts tokens to this certi?¬?cate.
To specify which certi?¬?cate it will use, the Web service??™s endpoint
needs to be con?¬?gured with an identity that has a certi?¬?-
cate reference. This can be done in a WCF con?¬?guration ?¬?le.
name="HelloService.Hello"
behaviorCon?¬?guration="helloServiceBehavior">
address="helloEndpoint"
contract="HelloService.
Pages:
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387