CardSpace Authentication Using WSO2 Identity Solution

WSO2 Identity Solution provides a set of components to enable CardSpace authentication on various platforms. This 3-hour course is designed to provide an understanding of CardSpace authentication protocols and how to use Identity Solution components.

Following objectives will be covered during the training.

1. Understand CardSpace authentication basics
2. Learn how to use WSO2 Identity Solution's relying party components to enable CardSpace authentication on a web application and to be able to issue custom managed tokens using the Identity Provider.

You can register for the training from here and will be conducted on 31st Jan 2008, from 9.00 am - 12.00 noon (PST). Hurry up to secure your place...!

Mooshup goes LIVE!







Mooshup.com, a community of mashup authors, where they can develop, share, discover, and run Javascript-powered mashups, launched couple of hours ago.

Mooshup.com, powered by WSO2 Identity Solution, uses InfoCards to signup/signin.

Have a GO!

Blogger, an OpenID Provider








Blogger in draft, announced it's support as an OpenID Provider [OP], last Thursday.

I discussed in this post, how to turn your blog Url to your OpenID - now, Blogger it self is an OP.






You can enable OpenID support by editing your profile on draft.blogger.com.

idproxy.net








Almost an year ago, idproxy.net announced it's approach to use the Yahoo! account as an OpenID. In simple words, you login to idproxy.net, with your Yahoo credentials and in return you get an OpenID [say, for example: prabath.idproxy.net].

idproxy.net also introduced different means of OpenID phishing resistance mechanisms.

With SafeSignIn, idproxy.net does not let RPs to redirect the user directly to the authentication page at the OpenID Provider[OP] end.Instead, once redirected to the OP, it displays the following.






The message reads, you need to first login to the OP, that is the idproxy.net, and then approve the request by the RP.

Well, with Yahoo! it self comming in to the OpenID business, role of idproxy.net is under threat.

Yahoo! Sign-In Seal to protect OpenID phishing

Phishing, technically goes against OpenID - despite the OpenID's attempt is not to add phishing resistance login. But, there are many approaches to deal with this.

SeatBelt plugin for Firefox is one of them. This is basically at the client side.If you care not to let the rest to steal your credentials, protect your self!

Integrating OpenID with CardSpace is another approach.This has to be supported at the OpenID Provider[OP] end. myOpenID already supports this and I explain what you need to know on this in this post.

Another approach is, always let your clients approach the OP through a bookmark or simply typing the url on the browser. This is known as, "SafeSignIn".

Yahoo! - with it's OpenID support will use it's already existing phishing resistance mechanism to deal with OpenID phishing.

Yahoo! Sign-In Seal will let you create a customized login page for you.

Mine is the above image.

You can create your own Sign-In Seal with a photo or a text which is well-known to you - so each time you present your credentials, look for the customized text or the image.

Yahoo! meets OpenID

A month ago Google added OpenID support for Blogger blogs - where now you can comment on any Blogger blog with your OpenID. My previous post explains more on that.

Now, we are in to another BIG thing. Here comes Yahoo! with OpenID support. Yahoo! plans to make their OpenID service available in public beta on January 30th.

With the OpenID support , Yahoo! will act as both an OpenID Provider [OP] as well as a Relying Party [RP] - so you can use your OpenID obtained from Yahoo! OP to login to any web site accepts OpenID - yeap, you can comment on Blogger blogs with your Yahoo OpenID.

Possible OpenID projects

[Please click on the image to enlarge]

OpenID logo reborn

Following changes were made:

-Added gap around ascender for small and single-color reproduction.
-Gap increases in size when shape is scaled down.
-Stem: Increased ascender height; reduced isometric perspective.
-Arrow: Rotated, reshaped, non-square.
-Type: Increased letter-spacing; Helvetica Neue Regular (vs Light).
-Color: Darker gray for curve/arrow; Pantone DS 32-1 C for stem; black for type.

Experience it yourself, following links will help:

- http://shaderlab.com/openid/v3/openid-logo-v3-large.pdf
- http://shaderlab.com/openid/v3/openid-logo-v3-small.pdf
- http://shaderlab.com/openid/v3/openid-logo-v3-large-mono.pdf
- http://shaderlab.com/openid/v3/openid-logo-v3-small-mono.pdf

WS-Trust - Under the Hood

Available on Channel9.