Published on WSO2 Oxygen Tank (http://wso2.org)

[Identity-dev] Our cards can be imported now!

By ruchith
Created 2007-05-01 07:52

Hi Devs,

Thanks to the help of the folks at MSDN "CardSpace" forum [1] the
InfoCards that our API produces can be imported into the MSFT CardSpace
identity selector now!

However we have a couple of issues related to Apache XML-Security:

1.) MSFT CardSpace expects the card not to contain any newlines between
elements. Apache XML-Security adds a lot of whitespace and we are using
a patched version of it. We have the jar uploaded here in the wso2 mvn2
repo[2].

2.) CardSpace signature verification expects the complete certificate
chain to be available in the KeyInfo/X509Data element within consecutive
X509Certificate elements. AFAIK this is not supported by XML-Security
and [2] contains the patch for this as well.

I will send a proper patch to the xml-sec list for us to be able to
depend on the xml-sec trunk!

Thanks,
Ruchith

p.s.

- *Please* make sure the build doesn't fail before you commit!
- Please upgrade to maven-2.0.6

[1] http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=1488839&SiteID=1

[2]
http://dist.wso2.org/maven2/org/apache/santuario/xmlsec/534045-patched/xmlsec-534045-patched.jar

Source URL:
http://wso2.org/forum/thread/1138