Vittorio Bertocci, Garrett Serack, Caleb Baker
"Understanding Windows CardSpace: An Introduction to the Concepts and Challenges of Digital Identities"
GetToken(
    XmlElement endpoint,
    IEnumerable<XmlElement> policy,
    XmlElement requireRemoteTokenIssuer,
    SecurityTokenSerializer tokenSerializer);
The parameters of this call are difficult to use. The first parameter,
endpoint, contains a WS-Addressing element that represents
the relying party. This element also contains the certificate used to
identify the relying party. The second parameter, policy,
contains the WS-Trust policy, which carries the requested claims
and privacy policy information. The third parameter,
requireRemoteTokenIssuer, takes the WS-Addressing
element that defines the required token issuer. And finally,
tokenSerializer returns the token from CardSpace.
The sample code in the following listing illustrates making a call
into CardSpace using the native GetToken call. As is easy to
see, the required values are a bit hard to read. Of note, the relying
party http://relyingparty/endpoint would be the URL
that uniquely defines the party the token will be released to. The
base64-encoded blob inside the X509Certificate element has
been truncated, but it is just the certificate of the relying party
that the token will be encrypted to.
266 CardSpace Implementation
POLICY_ELEMENT policy;
policy.