Tuesday, December 12, 2006

I (with help from the Cowboy) have been working for the last several weeks on a Firefox extension to implement Windows CardSpace. It's still got a few rough edges, but should work in most cases.

You can download the extension here for now. I'll jump through the hoops over at addons.mozilla.org this week, and hopefully it will be available there soon. I'll post an update when it is there. I've also set up a project over at CodePlex (as mentioned briefly in my first post), and will get the code posted there in the next day or so.

You can test this extension at https://www.xmldap.org/relyingparty. Chuck Mortimore set up this test page, and you can also find his implementation of a Firefox extension there.

There are a few differences between Chuck’s and mine, but the significant one is support around scripting; I’ve made it a priority to have 1:1 features with IE.

For those of you who wandered in and aren't sure what CardSpace is, you may wish to check out Kim Cameron's blog, or go straight to the CardSpace website.

I will post some usage samples shortly, but in this post I'd like to list what is and isn't covered.

Feature List:

- Support for both the <object> and <ic:informationcard> syntax.

- Support for both JavaScript invocation (using xmlToken.value) and <form> posting (both implicit and using form.submit()).

- Supports object parameters required for the selector. These are scriptable, and most are read/write. I've tried to validate these as much as possible. I'm sure testing will turn up cases I've missed, so I expect this code will need to be updated as items are found. See more details in my post containing samples.

- This should support all certificates that Firefox supports.

- Pluggable identity selector. The extension creates an XPCOM Interface for Identity Selectors, of which I’ve implemented one that calls Windows CardSpace, and the end user can switch between them (right now, you have to change a pref in about:config, but I’ll add in an options dialog soon).

- Error objects should be identical to the IE implementation (for ease of cross-platform web development)

- Uninstalls!

To-do list:

- It currently fails against the CardSpace sandbox. Garrett is pretty sure that this is a problem on the sandbox side, and I sure hope he's right. He's looking into it.

- Testing. I've built this on XP SP2, and tested with FF 1.5 and 2.0. I've also tested from Server 2003. I will continue to test with various setups.

- Cross-platform work. This is a Windows implementation. With an Identity Selector on another platform, this may work, but I’ve done no testing yet.

- Make the pluggable Identity Selector switchable from the options dialog.

- Improve security (look for out-of-domain IFrames, etc.)

- Detect .NET 3.0. Currently it simply fails.



In addition to getting the source code posted and submitting this to Mozilla, I will follow up here with a few more posts. I'll get into the code with you and describe how it all fits together. This is my first extension, so I'm sure there will be opportunity for improvement. Please feel free to send me your comments or suggestions.

Many thanks to some of the Microsoft folks who answered my CardSpace questions, and in particular to the CardSpace Community Program Manager Garrett Serack, who not only pointed me in the right direction when I was stuck, and provided me the sample code to call CardSpace from C++, but also restored my motivation to get it working. Thanks also to the many folks hanging out in the Mozilla #extdev IRC channel. And thanks to Kim Cameron and Chuck Mortimore. While I didn't talk to these gentlemen over the course of writing this, I think I've read everything they've written on this subject.


LINKS:

http://perpetual-motion.com – Get the CardSpace Extension here.

http://fearthecowboy.com – Garrett Serack’s blog

http://identityblog.com – Kim Cameron’s blog

http://xmldap.org – Chuck Mortimore’s site