Monday, May 01, 2006

Firefox Identity Selector

I've just posted a prototype identity selector for firefox, which allows you to login to infocard enabled sites, without infocard, or even windows.

You can download it here: http://xmldap.org/xmldap.xpi

In order to get started, download and install the extension, and then browse over to one of the public relying parties. It also requires that you have a JVM installed, which you can pick up from java.com if need be.

Please note that this is of alpha quality. It only supports Self Asserted tokens, and many other desireable features have not been implemented. However, it should provide the based for some interesting discussions at IIW this week.

Enjoy, and please send feedback.

[Update: There seems to be a small bug with selecting cards. If you click on a card to select it, and its values do not fill in on the right side of the screen, then click it again until they do. If you attempt to submit with blank values it won't work]

[Update: Also - keep in mind that I haven't figured out how to make the Firefox warning that a plugin to handle the infocard object isn't installed. Simply ignore this, and please send me a note if you know how to make this go away]

15 comments:

Superpat said...

It works - see!

Nice work, Chuck!

nelson said...

don't work here :(
When enter in some of the test pages, a popup appear to install a missing pluging, but nothing happen....

I'm using Firefox 1.5.0.3 in Windows XP SP2 with a fresh profile.

I have the followings extensions intalled:

DOM Inspector 1.8.0.3
Talkback 1.5.0.3
Webdeveloper 1.0.2
Javascript debugger 0.9.87
XMLDAP Indentity Selector 0.1

nelson said...

don't work here :(
When enter in some of the test pages, a popup appear to install a missing pluging, but nothing happen....

I'm using Firefox 1.5.0.3 in Windows XP SP2 with a fresh profile.

I have the followings extensions intalled:

DOM Inspector 1.8.0.3
Talkback 1.5.0.3
Webdeveloper 1.0.2
Javascript debugger 0.9.87
XMLDAP Indentity Selector 0.1

cmort said...

Hi Nelson...

As noted in this posting, I haven't yet figured out how to disabled the warning that a plugin is missing. However, despite this message, you should still be able to invoke the plugin. Simply click on the picture that is asking for the card, and the selector interface should invoke.

Antoine Galland said...

You need to set a master password in FireFox:
Tools -> Options -> Privacy
Set/Change Master Password
(restart)

If you don't have one, the selector doesn't show up. It was the case for me before settings a master password.

Anonymous said...

doesn't work on Ubuntu 6.06 Beta 2

sun-java5-plugin installed from official repos, set my firefox master password, restarted, clicked send my info card, entered master password & the password dialog just stays there until I kill firefox.

Anonymous said...

any update on this?
inquiring minds want to know!

cmort said...

At the moment, I'm far too busy with my new job...

http://www.reardencommerce.com

Relaxedguy said...

The link to the extension is broken.

Daniel Marchant said...

Very interesting... Good to see you are coding

Anonymous said...

hi,
i am trying to write some small app on identity selector.. i am using opensaml to generate the saml token and xml encryption to encrypt.. the token.. but i am having problems.. when i am signing my saml token... it's giving me digest error.. and also xml encryption is also giving me tough time.. is these libraries you used or any other.. any help will be greatly appreciated..
thanks

cmort said...

Actually, the code for SAML and DSIG in my implementation is all homegrown.

If you'd like to check it out, you can fine a link to the opensource project at http://xmldap.org under the "Code and Bits" section

Anonymous said...

hi..
i checked that code..but i don't know i can use that code.. is it possible to develop smillar token you are generating using opensaml and xmlsignatures..

thank you.

cmort said...

I haven't tried, but its quite likely you'd be able to do this with opensaml. The SAML assertion used is fairly vanilla.

As far as using 'xmlsignatures' I'm not sure what you mean...this is using xml dsig, it jsut happens to be my own impl. Haven't tried with apache or anything myself.

My code should help you know what to do at least. Its bsd license do feel free to use it.

Drop em a line at cmort at xmldap.org if you'd like to discuss further

Anonymous said...

Thanks for the help, i'll keep you posted about my development .