CardSpace Managed Card Generator and Test Harness with Public STS
Tonight I launched a simple CardSpace Managed Card Generator and Test Harness. It lets you generate a managed card, with whatever claims you’d like and then generate a test harness form for that card.
The card can then be used to obtain claims from a Simple Security Token Service. Lastly, these claims can be consumed and parsed out to complete the end to end process.
This might seem like a trivial exercise but I have not come across any other publicly available service that demonstrates the end to end flow for Cardspace MANAGED cards or one that lets you play with the claims, generate your own Cards or build your own Relying Parties against an STS in this manner.
As such I think it’s a useful learning tool. I know I learned a lot from it. I didn’t build all of this, a lot of it is hacked together from samples available at http://cardspace.netfx3.com. There were some challenges in getting it to work on an external host (vs localhost). I hope it’ll benefit the Identity Community in some way.
You can try it out at https://francisshanahan.com/cardspace
and the sample Security Token Service is here http://francisshanahan.com/sts/fssts.svc.
This code has been verified working as recently as April 2009.
Not bad.Thanks for putting this up. What host are you using and what’s involved in deploying the sts??? Are you using wcf?v?
Hi Kevin, I’m using WebHost4Life as my host and have found them quite good to work with. They were willing to help me setup my x509 Certificate and grant the appropriate ACL rights for example.
Regarding the STS I’m using the Sample STS as a baseline from nefx3.com and have extended it to map the RST to the RSTR. I also used Martin Parry’s DisplayToken piece.
Hope that helps.
What is this thing exactly?
Way cool. Thx, I’m gonna use this to demo for the folks in my co.
Will you make the source available?
Tom, most of this source is available on NetFX3, I simply deployed it and added a bit to parse out claims to the STS. I may look to document some of the gotchas in setting it up if there’s interest.