
Windows CardSpace: FAQ for ASP.NET Developers




 

A few frequently asked questions for ASP.NET developers:

  1. The Identity Selector dialog box is displayed only for SSL-protected pages. You are therefore required to deploy your application on a Web server and install an SSL certificate.
  2. Windows CardSpace does not work with self-signed certificates and will die horribly. These certificates do not have the CRL field, which contains the URL that CardSpace checks for the revocation list.
  3. For ASP.NET developers there is a Toolbox control written by Christian Arnold. Add this to your Toolbox and you won’t need to write a single line of code. Watch demo.
  4. When you use CardSpaceLogin controls you must run the application over SSL. The application pool also needs to run under the Local System identity; otherwise the w3wp.exe process will not be able to retrieve the server’s private key. In that case you may end up with an error stating "Keyset does not exist". Note: This is not advisable if the application pool is shared with other Web applications. [Edited: Refer to Barry Dorrans' comment for more details.]
  5. When using Information Cards there is nothing like a password.
  6. CardSpaceLogin controls are integrated with your identity providers, such as Forms Authentication. For example, if you use an Information Card to register a user, his details are reflected in the identity source.

3 Comments

  1. On point 4; no. Never ever do this. ASP.NET is not run as LocalSystem for very good reasons, it’s as high in the security context as you can get, and should IIS be compromised your entire machine is then wide open.

    Instead run your process as normal (Network Service or a custom account) and grant read access to the SSL certificate instead.

    I’ve put together the steps you need to take on my blog this afternoon; http://idunno.org/archive/2007/07/01/giving-your-web-site-process-access-to-your-ssl-certificate.aspx

    Posted on 01-Jul-07 at 8:49 pm | Permalink
  2. kapil

    I am making a website for our school. Sir, please tell me how to provide the facility to download an application form. I mean, how to create a download option in ASP.NET 2.0 with C#.

    Posted on 08-Sep-08 at 1:31 pm | Permalink
  3. Thanks for the information and the links. I was facing a problem with SSL certification with the Hotmail server for address-book retrieval. This post gave me some helpful ideas.

    Posted on 03-Oct-09 at 11:13 am | Permalink
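
The first comment's alternative to point 4 (keep the worker process on a low-privilege account and grant it read access to the certificate's private key), together with the CRL check from point 2, as an added example that is not code from the post or from the commenter's blog. Assumptions: Windows PowerShell 5.1 in an elevated session, the certificate is in the LocalMachine\My store with a CSP-backed RSA key, and the application pool runs as Network Service.

```powershell
# Added example, not from the original post.
# Assumptions: elevated Windows PowerShell 5.1; CSP-backed RSA key;
# certificate installed in LocalMachine\My; pool identity is Network Service.
param(
    [Parameter(Mandatory)][string]$Thumbprint,
    [string]$Account = 'NT AUTHORITY\NETWORK SERVICE'
)

$cert = Get-ChildItem Cert:\LocalMachine\My |
        Where-Object { $_.Thumbprint -eq $Thumbprint }
if (-not $cert) { throw "Certificate $Thumbprint not found in LocalMachine\My" }

# Point 2: without a CRL Distribution Points extension (OID 2.5.29.31)
# the revocation check has no URL to fetch the revocation list from.
$cdp = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.31' }
if ($cert.Subject -eq $cert.Issuer) { Write-Warning 'Certificate is self-signed.' }
if ($cdp) { Write-Output ('CRL distribution points: ' + $cdp.Format($false)) }
else      { Write-Warning 'No CRL Distribution Points extension present.' }

# Point 4 / first comment: find the key container file behind the certificate.
if (-not $cert.HasPrivateKey) { throw 'Certificate has no associated private key.' }
$keyName = $cert.PrivateKey.CspKeyContainerInfo.UniqueKeyContainerName
$keyPath = Join-Path $env:ProgramData "Microsoft\Crypto\RSA\MachineKeys\$keyName"
if (-not (Test-Path $keyPath)) { throw "Key file not found: $keyPath" }

# Grant read-only access to the pool identity instead of running as Local System.
$acl  = Get-Acl -Path $keyPath
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
            $Account, 'Read', 'Allow')
$acl.AddAccessRule($rule)
Set-Acl -Path $keyPath -AclObject $acl

# Show the resulting entry so the change can be reviewed.
(Get-Acl -Path $keyPath).Access |
    Where-Object { $_.IdentityReference.Value -eq $Account } |
    Format-Table IdentityReference, FileSystemRights, AccessControlType
```

With read access granted on the key file, the "Keyset does not exist" error from point 4 can be resolved without raising the application pool to Local System.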
