CardSpace - STS how to restrict Relaying Parties

Marcin Daczkowski

Hello,
I am writing an application which uses CardSpace in order to provide
Single-Sign-On functionality. After investigating some samples I wrote
the desired Security-Token-Service.

However, I have a problem with restricting the issuing of security tokens only to
registered relaying parties.

As far as I know, it is "out-of-box" functionality of CardSpace.
Unfortunately, I cannot find any information/example on how to do that. I mean
how to change my STS service policy (I use WCF in the STS implementation) in
order to receive some RP credentials which I may check and compare to the STS
registered RP list.

Thanks in advance,
Marcin Daczkowski
 
Marcin Daczkowski

I have found the answer to my question. To restrict RPs, one needs to attach a
RequireAppliesTo part to the managed card. When that is done, the RST will contain an
AppliesTo part with the endpoint URL and public key delivered in a trusted way (I
suppose), so a simple comparison of the public key can do the thing.

Marcin
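
The check described in the reply above, as an added example that is not part of the original thread and is not CardSpace or WCF code. It assumes the STS has the RST body as an XML string and keeps a registry mapping each RP address to the SHA-256 hash of that RP's certificate; it compares the hash of the whole certificate carried in AppliesTo rather than the bare public key. The class and method names, the namespace URIs and the sample message are assumptions made for the example.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Xml.Linq;

static class RelyingPartyCheck // hypothetical helper, not a WCF type
{
    static readonly XNamespace Wsp = "http://schemas.xmlsoap.org/ws/2004/09/policy";
    static readonly XNamespace Wsa = "http://www.w3.org/2005/08/addressing";
    static readonly XNamespace Ds = "http://www.w3.org/2000/09/xmldsig#";

    static string Sha256Hex(byte[] data)
    {
        using (SHA256 sha = SHA256.Create()) return BitConverter.ToString(sha.ComputeHash(data)).Replace("-", "");
    }

    // True only if the RST has exactly one AppliesTo, its address is registered,
    // and its certificate hashes to the value stored for that address.
    public static bool IsRegistered(string rstXml, IDictionary<string, string> registry)
    {
        List<XElement> appliesTo = XDocument.Parse(rstXml).Descendants(Wsp + "AppliesTo").ToList();
        if (appliesTo.Count != 1) return false; // missing or ambiguous: refuse to issue
        string address = (string)appliesTo[0].Descendants(Wsa + "Address").FirstOrDefault();
        string certB64 = (string)appliesTo[0].Descendants(Ds + "X509Certificate").FirstOrDefault();
        if (address == null || certB64 == null) return false;
        if (!registry.TryGetValue(address.Trim(), out string expected)) return false;
        byte[] der;
        try { der = Convert.FromBase64String(certB64.Trim()); }
        catch (FormatException) { return false; }
        return string.Equals(Sha256Hex(der), expected, StringComparison.OrdinalIgnoreCase);
    }

    // Constructed sample RST body; the certificate bytes are placeholders, not a real certificate.
    static string SampleRst(string address, byte[] cert) =>
        "<t:RequestSecurityToken xmlns:t='http://schemas.xmlsoap.org/ws/2005/02/trust'>"
        + "<p:AppliesTo xmlns:p='" + Wsp.NamespaceName + "'>"
        + "<a:EndpointReference xmlns:a='" + Wsa.NamespaceName + "'><a:Address>" + address + "</a:Address>"
        + "<i:Identity xmlns:i='http://schemas.xmlsoap.org/ws/2006/02/addressingidentity'>"
        + "<d:KeyInfo xmlns:d='" + Ds.NamespaceName + "'><d:X509Data><d:X509Certificate>"
        + Convert.ToBase64String(cert) + "</d:X509Certificate></d:X509Data></d:KeyInfo>"
        + "</i:Identity></a:EndpointReference></p:AppliesTo></t:RequestSecurityToken>";

    static void Main()
    {
        byte[] known = { 1, 2, 3 }, other = { 4, 5, 6 }; // constructed placeholder bytes
        var registry = new Dictionary<string, string> { { "https://rp.example/login", Sha256Hex(known) } };
        Console.WriteLine(IsRegistered(SampleRst("https://rp.example/login", known), registry));
        Console.WriteLine(IsRegistered(SampleRst("https://rp.example/login", other), registry));
        Console.WriteLine(IsRegistered(SampleRst("https://unlisted.example/", known), registry));
    }
}
```

Only the first call matches both the registered address and the stored certificate hash; the other two are refused.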
 