You might have guessed by now, but I'm pretty keen on the
xmldap identity selector. Most of the time I am running Fedora 6 with firefox and this was the first functional selector available for that platform. I have played with some others (also yet to be released) but until I find a compelling reason to switch, I am going to stick with this one.
Now, granted it is still a work in progress and bugs are to be expected, but it really drove me crazy this past month while I worked on the code for my
managed card demo (the Microsoft Cardspace selector btw worked flawlessly). As of this time, the current xmldap selector doesn't seem to work with managed tokens. I have filled a
bug report with a proposed fix, and until it is either fixed or I find out that I am doing something terribly wrong and its not the selectors fault, I am making available an unofficial 0.9.2 selector containing that one change (meaning with it you can use my demo).
Unofficial xmldap-0.9.2-cdata selector:
You can download it here:
xmldap-0.9.2-cdata.xpi.
Now, my initial problems began prior to this bug. After my code created the managed token, I could not for the life of me get the selector to create a card based on it. Unlike Cardspace, which thankfully logs all the errors in the event log, this selector did not make a peep. It simply would not do anything after selecting the card from the filesystem through the selectors gui. This is where opensource really shines. I was able to open up the xpi, enable debugging and add some additional debugging routines for myself. Come to find out the card I was creating contained a BOM. There is nothing wrong with this, perfectly valid with XML documents and worked fine with Cardspace. The xmldap selector however craps out bad. Once making sure the created cards did not contain a BOM, I was back on track.
My next problem had to do with my testing. I was repeatedly installing cards to test out the affects of some of the optional fields from the managed card structure. The problem now ended up being that the selector doesn't update the cards (based on the card ID and the version). I ended up with a store containing a good number of the same card. This really wouldn't have been so bad except once this happens, it seems like the selector gets confused making it impossible to selecting any of those cards (my other self asserted cards still worked fine). Again, thanks to the wonders of opensource, I saw that the store was an XML file located within my firefox profile. I was able to open it up, remove the offending cards, and start again. With a single card for my demo system in my store, I was now ready to fully try out the relying party.
Ok, next roadblock (and this was the big one). When submitting my card to the RP, the token is retrieved so my username and password are required. Things were looking good until I got a big popup on the screen with a Java exception error. Something about a chainLength. This one took me a good few days to find out what was going on, which ultimately lead me to that bug report and the code change. Hopefully that patch is correct as this was the only problem that I could not work around on my side and had to modify the selector code itself. Again, feel free to try it out:
xmldap-0.9.2-cdata.xpi. It is a copy of the xmldap released version with that one line added to the infocards.js file.
The majority of people using/playing around with Information Cards seem to be using Microsoft CardSpace as their selector. That's not surprising since it is pretty much the de-facto standard for selectors and, as people always hear me remark, it's really
Tracked: Oct 02, 12:53