Sunday, November 19, 2006

Managed Card Support for Firefox

One more important update for the Firefox selector - With this new release, I've added a simple proof-of-concept around Managed Cards.

The Firefox selector now supports importing managed cards, and retrieving tokens from an STS. It only has support for Username/Password authentication over the simple TransportBinding (this means transport security rather than message level security) Also, I've only tested against the xmldap.org STS...it may work against other implementations, but I haven't yet focused on interop.

That being said, this now demonstrates a complete end-to-end exchange without any Microsoft components. An opensource STS issuing a token to an opensource Relying Party, via an opensource selector...all on a Mac.

Here's a screencast of how it works:



As always, the selector and source are available at http://xmldap.org

5 comments:

Anonymous said...

Um, so if I try to do the Firefox create/download cycle, then pat the nice doggie and get an error like:

Error:
Sorry - you'll need to POST a security token.

what have I missed in the process?

Anonymous said...

Um, so if I try to do the Firefox create/download cycle, then pat the nice doggie and get an error like:

Error:
Sorry - you'll need to POST a security token.

what have I missed in the process?

cmort said...

You'll need to make sure you have Java 1.5 installed on your system. Do you?

Anonymous said...

J2SE 1.5 update 10. Still no joy.

Loosened up restrictions on what Javascript can do, and on whitelisted xmldap.org for popups.

Still no joy.

Ideas?

-jml

cmort said...

hmmm...

I don't suppose you could open up the javascript console and see what the last things that are being logged?

also - what platform are you on?

sorry you're having trouble.