Setting up Infocard/ Cardspace Today I’m going to explain how to enable accepting CardSpace cards (formerly known as Infocards) on your website. This is a topic that took a little figuring out and navigating various documentation etc. so I figured I’d write it down as I’ll probably forget how to do it and need this in the future.
1) Enable SSL on your page – The Infocard ID selector only works for pages running under SSL. This means you need to purchase a certificate and install it on your web server. That’s easy. The hard part is figuring out how to create a test certificate for use on your personal web server. Turns out this is easy too. Download the "Internet Information Services (IIS) 6.0 Resource Kit Tools" HERE. Install it and then navigate to "C:Program FilesIIS ResourcesSelfSSL". Run "SelfSSL.exe" in that folder.
2) Install IE 7 – only IE 7 supports the Cardspace Info selector. Download IE 7 here.. There are some home-grown plugins you can find for FireFox but I will not focus on these for now.
3) Install the cert in your browser. Now you can launch your page under SSL using IE7. The browser bar at the top will turn pink as this site is running under a test certificate. If you try and launch the ID selector now you’ll get an error "An incoming identity could not be validated." The ID selector will then close. To fix this click "Certificates" button in the Browser Bar in IE 7. Click "View Certificates" then click "Install Certificate". Now you’ll be able to launch your ID selector.
4) The markup required on the page is just this:
<object type="application/x-informationCard" name="xmlToken">
<param Name="tokenType" Value="urn:oasis:names:tc:SAML:1.0:assertion" />
<param Name="requiredClaims" value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" />
Then submit the form like this:
That’s it. You still need to parse the token (you can use the TokenHelper.cs Lab code for this). and so on but you now can launch the ID selector and have a nice test environment.