Catálogo de publicaciones - libros

Over the past year, I’ve spent a significant amount of time working with enterprise customers interested in leveraging the .NET Framework 3.0 in their businesses. Specifically, I’ve worked with them on architecting systems that leverage Windows Workflow Foundation (WF), Windows Communication Foundation (WCF), and Windows CardSpace.

Now that I’ve covered the basics of authentication, authorization, and federation, it’s time to dive in and start using CardSpace. In this chapter, you’ll take a tour of CardSpace and become familiar with it from a user perspective.

When I first joined Microsoft, it was as a principal consultant for Microsoft Consulting Services. For two years, I worked for the company’s Caribbean and Central American subsidiary and was based out of the island of Puerto Rico. Although I’d studied Spanish in high school, it had been more than a decade since then. During my time in Puerto Rico, I discovered or relearned a number of Spanish words.

As you saw in Chapter 2, Microsoft provides an identity selector in CardSpace as well as a Security Token Server (STS) for issuing personal cards. These are provided as part of the .NET Framework, and Microsoft has also enabled its web browser, Internet Explorer, and its services stack, Windows Communication Foundation, with mechanisms to interact with the identity selector.

Earlier in the book, you created your own personal card and accessed third-party sites that use CardSpace and information cards. By the end of this chapter, you’ll have working code that can serve as an example of how to accept CardSpace cards on your own site.

In Chapter 1, I introduced the concept of authentication. ASP.NET has several built-in options for authentication. The default is Windows authentication, which utilizes the same credentials as those used to log in to your Windows computer or network. In this chapter, you will use forms authentication. As the name implies, forms authentication requests authentication information from users via a form, as shown in Figure 6-1.

In this chapter, the focus moves to the development of what is referred to as . Although there is no question that CardSpace in the browser is important and will be the most widely used scenario in CardSpace 1.0, there is a strong direction toward building applications that combine a rich user experience and local resources and is augmented by services in the “cloud.”

The previous chapter introduced you both to Windows Communication Foundation (WCF) and to how to secure WCF services with information cards. This chapter continues the exploration of using WCF and information cards and shows how to create service-powered smart clients.

In the past five years, self-publishing on the web—including blog postings, podcasts, and videos—has exploded. Whether it’s hosting a personal blog or posting video to a site such as YouTube, the creation and sharing of content is changing the content communication landscape. This was so prevalent in 2006 that magazine named You—as in you, the self-publisher—as Man of the Year.

Thus far in the book, I’ve focused primarily on two participants—the owner of an information card and the relying parties (RPs) that would accept that card. Starting with this chapter, the book will begin to focus on the third perspective—that of the identity provider.