Re: [higgins-dev] TS setup and configuration

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [higgins-dev] TS setup and configuration

From: "Daniel Sanders" <dsanders@xxxxxxxxxx>
Date: Wed, 28 Mar 2007 17:03:35 -0600
Delivered-to: higgins-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/listinfo/higgins-dev>
List-help: <mailto:higgins-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/higgins-dev>, <mailto:higgins-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/listinfo/higgins-dev>, <mailto:higgins-dev-request@eclipse.org?subject=unsubscribe>

Andy,

Several suggestions:

1. Have you looked in the system log to see what errors CardSpace is logging? Sometimes you can get more information about what is wrong from the system log.

2. Make sure in your call to the card generation function you are passing in a Java key store that has the correct private/public keys - might be something wrong there.

3. If you want to, send me your card and I will see if I can see what is wrong with it. -- The Wag site is using older card generation code (probably several months old). We have not started using the newer card generation code.

4. It strikes me that the namespace issues really are important (ic:InformationCard vs. InformationCard), but the message you are getting back doesn't seem to be complaining about that.

Daniel

>>> <andy.dale@xxxxxxxxx> 3/28/2007 4:39 PM >>>

Hi All,

Here at ooTao we have been trying to setup and configure the Higgins Token Service... With some success.

We have the service built and deployed and we are able to go into the user interfaces and create subject profiles and modify them. We are also able to go to the 'Generate Card' page and download a .crd file.... That's the good news. The bad news is we can not import the card into CardSpace (Windows XP). On the same machine I can import a card from wag.

When we try to import our card we get the message:

"Windows CardSpace encountered an error when verifying the identity of the site and cannot continue."

Same error occurs for

1) Username Token

2) Self Signed SAML Token

By watching tcpmon we are fairly sure that this is a problem contained within the .crd file itself as no network traffic is being generated prior to the error message.

Our token service is deployed at:

https://ts.ezibroker.net/TokenService/

FYI: The SSL Cert we have on this site is a wildcard cert ( *.ezibroker.net ) from Digicert

One thing that we aren't sure about is if this might be an issue.

We have compared the .crd file from WAG with the one generated from our service and have found them to be structurally equal, baring a few differences in things like 'supportedClaims'; which one would expect. and some namespace notation differences ( e.g. ic:InformationCard vs InformationCard )

Any help or guidance would be appreciated.

Andy Dale
ooTao, Inc.

Phone: 877-213-7935
Fax: 877-213-7935

i-name: =Andy.Dale
http://xri.net/=andy.dale

***************************************************************************
If you don't have an i-name yet use this link to visit one of our partners and buy one:

http://www.ezibroker.net/partners.html

***************************************************************************

Follow-Ups:
- Re: [higgins-dev] TS setup and configuration
  - From: Michael McIntosh
- Re: [higgins-dev] TS setup and configuration
  - From: andy . dale

References:
- [higgins-dev] TS setup and configuration
  - From: andy . dale

Prev by Date: [higgins-dev] Higgins Thu noon ET dev call - Draft Agenda
Next by Date: Re: [higgins-dev] TS setup and configuration
Previous by thread: [higgins-dev] TS setup and configuration
Next by thread: Re: [higgins-dev] TS setup and configuration
Index(es):
- Date
- Thread

Breadcrumbs