[Identity-dev] Our cards can be imported now!

Home » Forums » Project: WSO2 Identity Server (WSO2 IS)
ruchith's picture
Submitted by ruchith on May 1, 2007 - 07:52
Hi Devs, Thanks to the help of the folks at MSDN "CardSpace" forum [1] the InfoCards that our API produces can be imported into the MSFT CardSpace identity selector now! However we have a couple of issues related to Apache XML-Security: 1.) MSFT CardSpace expects the card not to contain any newlines between elements. Apache XML-Security adds a lot of whitespace and we are using a patched version of it. We have the jar uploaded here in the wso2 mvn2 repo[2]. 2.) CardSpace signature verification expects the complete certificate chain to be available in the KeyInfo/X509Data element within consecutive X509Certificate elements. AFAIK this is not supported by XML-Security and [2] contains the patch for this as well. I will send a proper patch to the xml-sec list for us to be able to depend on the xml-sec trunk! Thanks, Ruchith p.s. - *Please* make sure the build doesn't fail before you commit! - Please upgrade to maven-2.0.6 [1] http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=1488839&SiteID=1 [2] http://dist.wso2.org/maven2/org/apache/santuario/xmlsec/534045-patched/xmlsec-534045-patched.jar
‹ [Identity-dev] [jira] Assigned: (IDENTITY-19) Merge inforcard-downloader and identity-provider web components into a single web [Identity-dev] Another Apache Authentication Module for CardSpace ????? ›
sanjiva's picture

[Identity-dev] Our cards can be imported now!

Submitted by sanjiva on May 1, 2007 - 19:00.
Cool! Sanjiva. Ruchith Fernando wrote: > Hi Devs, > > Thanks to the help of the folks at MSDN "CardSpace" forum [1] the > InfoCards that our API produces can be imported into the MSFT CardSpace > identity selector now! > > However we have a couple of issues related to Apache XML-Security: > > 1.) MSFT CardSpace expects the card not to contain any newlines between > elements. Apache XML-Security adds a lot of whitespace and we are using > a patched version of it. We have the jar uploaded here in the wso2 mvn2 > repo[2]. > > 2.) CardSpace signature verification expects the complete certificate > chain to be available in the KeyInfo/X509Data element within consecutive > X509Certificate elements. AFAIK this is not supported by XML-Security > and [2] contains the patch for this as well. > > I will send a proper patch to the xml-sec list for us to be able to > depend on the xml-sec trunk! > > Thanks, > Ruchith > > p.s. > > - *Please* make sure the build doesn't fail before you commit! > - Please upgrade to maven-2.0.6 > > [1] http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=1488839&SiteID=1 > > [2] > http://dist.wso2.org/maven2/org/apache/santuario/xmlsec/534045-patched/xmlsec-534045-patched.jar > > > ------------------------------------------------------------------------ > > _______________________________________________ > Identity-dev mailing list > Identity-dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/identity-dev -- Sanjiva Weerawarana, Ph.D. Founder, Chairman & CEO; WSO2, Inc.; http://www.wso2.com/ email: sanjiva@wso2.com; cell: +94 77 787 6880; fax: +1 509 691 2000 "Oxygenating the Web Service Platform." _______________________________________________ Identity-dev mailing list Identity-dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/identity-dev
peter's picture

Identity Safety Tips

Submitted by peter on May 28, 2007 - 00:32.
Hi friends, One of the serious concerns is about identity fraud. In order to protect you i can show identity safety tips which can help you out..! In order to protect yourself from identity fraud and name theft, you must carefully protect your personal records, and pursue online activities with caution. There are a number of things to prevent this.