[Identity-dev] Our cards can be imported now!

Cool!

Sanjiva.

Ruchith Fernando wrote:
> Hi Devs,
>
> Thanks to the help of the folks at MSDN "CardSpace" forum [1] the
> InfoCards that our API produces can be imported into the MSFT CardSpace
> identity selector now!
>
> However we have a couple of issues related to Apache XML-Security:
>
> 1.) MSFT CardSpace expects the card not to contain any newlines between
> elements. Apache XML-Security adds a lot of whitespace and we are using
> a patched version of it. We have the jar uploaded here in the wso2 mvn2
> repo[2].
>
> 2.) CardSpace signature verification expects the complete certificate
> chain to be available in the KeyInfo/X509Data element within consecutive
> X509Certificate elements. AFAIK this is not supported by XML-Security
> and [2] contains the patch for this as well.
>
> I will send a proper patch to the xml-sec list for us to be able to
> depend on the xml-sec trunk!
>
> Thanks,
> Ruchith
>
> p.s.
>
> - *Please* make sure the build doesn't fail before you commit!
> - Please upgrade to maven-2.0.6
>
> [1] http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=1488839&SiteID=1
>
> [2]
> http://dist.wso2.org/maven2/org/apache/santuario/xmlsec/534045-patched/xmlsec-534045-patched.jar
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Identity-dev mailing list
> Identity-dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/identity-dev

--
Sanjiva Weerawarana, Ph.D.
Founder, Chairman & CEO; WSO2, Inc.; http://www.wso2.com/
email: sanjiva@wso2.com; cell: +94 77 787 6880; fax: +1 509 691 2000

"Oxygenating the Web Service Platform."

_______________________________________________
Identity-dev mailing list
Identity-dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/identity-dev

Hi friends,
One of the serious concerns is about identity fraud. In order to protect you i can show identity safety tips which can help you out..!
In order to protect yourself from identity fraud and name theft, you must carefully protect your personal records, and pursue online activities with caution. There are a number of things to prevent this.

Enterprises are inherently complex, comprising of hundreds of applications with completely different semantics. Some of these applications are custom built, where as some are acquired from third parties and some even can be a combination of both and they can be operating in different system environments.

WSO2 VMware Images helps you to try our products inside your virtualized environments without having to go through the trouble of installation and configuration. Download an image and get your hands on cutting edge, lightweight SOA middleware right away!

WSO2 Governance Registry is a product from WSO2 that facilitates you to govern the SOA platform of your organization by helping you store and manage SOA meta data. The product is free and open source with Apache licence and you can download it from http://wso2.org/projects/governance-registry

Hot

Topic

Google Gadgets are a nice way to develop user interfaces for distributed services. The fact that they can be hosted anywhere over a network, not necessarily in the very portal server they eventually run in makes them re-usable and allows users to quickly...

more>

In this webinar we'll share the range of concerns we've heard from the industry, and survey some of the new and sometimes subtle types of lock-in associated with cloud technologies.

Wednesday, 8 September, 10.00 AM (PDT)

[Identity-dev] Our cards can be imported now!

[Identity-dev] Our cards can be imported now!

Identity Safety Tips