CardSpace Simple STS Bug + Fix

25 October 2006

If you’ve downloaded the Simple STS sample from the NetFX3 website:
http://cardspace.netfx3.com/files/folders/samples-july-ctp/entry5204.aspx
you’ll find that the sample does not run out of the box. When generating managed cards, you get the error "Can’t find claim specification for [http://schemas.microsoft.com/ws/2005/05/identity/claims/givenname]".

This is because CardSpace claims have recently been updated to use the xmlsoap.org namespace. To fix it, replace any references you find to http://schemas.microsoft.com with http://schemas.xmlsoap.org.

Here’s what the updated FabrikamUP.ini file should look like:

-====================== CUT BELOW ===============================-
[CARD]
; type is one of UserNamePassword,KerberosAuth,SelfIssuedAuth,SmartCard,
TYPE=UserNamePassword

[Details]
Name=My Card (U/P backed)
ID=http://www.fabrikam.com/card/unpw/randomnnumber123
version=1
image=images\fabrikam.jpg

[Issuer]
Name=Fabrikam Auto Group
Address=http://www.fabrikam.com:3074/sts
MexAddress=https://www.fabrikam.com:4074/sts/mex
PrivacyPolicy=http://www.fabrikam.com/PrivacyPolicy.xml
; certificate should be either a STORELOCATION/STORE/Subject name
; or
; c:\path\to\cert.pfx - in which case you also need a CertificatePassword=
Certificate=LOCALMACHINE/MY/www.fabrikam.com
;CertificatePassword=foo

[Claims]
; add claims required for card. standard (self issued) are listed below.
; keynames are not important (just don’t duplicate them)
1=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
2=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
3=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
;3=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/streetaddress
;4=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/locality
;5=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/stateorprovince
;6=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/postalcode
;7=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country
;8=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/homephone
;9=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/otherphone
;10=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/mobilephone
;11=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dateofbirth
;12=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/gender
;13=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier
4=http://my-uri.com/test

[http://my-uri.com/test]
display=My Super Claim
description=A claim for all to see

[TokenTypes]
; add token types.
; keynames are not important (just don’t duplicate them)
1=urn:oasis:names:tc:SAML:1.0:assertion
;2=http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1

[Token Details]
RequiresAppliesTo=false

[Credentials]
; if the Auth type is UserNamePassword the value is the Username
; if the Auth type is SmartCard the value is the Certificate Path (Localmachine/my/www.fabrikam.com), hash, filename (in which case you may need certificatepassword=)
; if the Auth type is SelfIssuedAuth the value is the PPID
value=FrankLee
Hint=Enter your username and password

-=================== CUT ABOVE =====================-
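
An added example, not part of the original post or the Simple STS sample: a pre-flight check for a card .ini that flags claim URIs still in the old schemas.microsoft.com namespace and suggests the xmlsoap.org replacement. The sample text is constructed, and the rule that a custom claim needs its own section is an assumption drawn from the file layout above.

```python
import configparser

OLD_NS = "http://schemas.microsoft.com/ws/2005/05/identity/claims/"
NEW_NS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"
# Standard (self-issued) claim names, taken from the [Claims] list in the .ini above.
STANDARD = {"givenname", "surname", "emailaddress", "streetaddress", "locality",
            "stateorprovince", "postalcode", "country", "homephone", "otherphone",
            "mobilephone", "dateofbirth", "gender", "privatepersonalidentifier"}

# Constructed sample: a pre-fix card definition with one stale claim URI
# and one custom claim that has no descriptive section.
SAMPLE_INI = """\
[Claims]
1=http://schemas.microsoft.com/ws/2005/05/identity/claims/givenname
2=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
3=http://my-uri.com/test
4=http://my-uri.com/other

[http://my-uri.com/test]
display=My Super Claim
description=A claim for all to see
"""

def check_claims(ini_text):
    """Return (key, uri, status, suggested_uri) for each [Claims] entry."""
    # '=' is the only delimiter so the ':' inside URIs is never treated as one.
    cp = configparser.ConfigParser(delimiters=("=",), comment_prefixes=(";",),
                                   interpolation=None)
    cp.read_string(ini_text)
    results = []
    for key, uri in cp.items("Claims"):
        if uri.startswith(OLD_NS):
            # Stale namespace: this is what triggers the error quoted in the post.
            results.append((key, uri, "legacy-namespace", NEW_NS + uri[len(OLD_NS):]))
        elif uri.startswith(NEW_NS):
            name = uri[len(NEW_NS):]
            status = "ok" if name in STANDARD else "unknown-standard-claim"
            results.append((key, uri, status, None))
        elif cp.has_section(uri):
            results.append((key, uri, "ok", None))
        else:
            # Assumption: custom claims need their own [uri] section, as in the sample.
            results.append((key, uri, "custom-claim-missing-section", None))
    return results

if __name__ == "__main__":
    for key, uri, status, fix in check_claims(SAMPLE_INI):
        print(f"{key:>3} {status:<30} {uri}" + (f" -> {fix}" if fix else ""))
```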
