Asp.Net components and Internet solutions
Quality Data

How to Support Information Cards on your Asp.Net website!


If you wish to allow membership users to sign in to your web site using self-managed information cards, then the CardSpace Controls for Asp.Net can help to alleviate much of the work.


  1. Information Cards must be transmitted over SSL
    The object tag that activates the client-side card selector will only work if the page is being transmitted over a secure channel. Therefore your site will need an SSL certificate.

  2. Access to the SSL private key is required to decrypt information cards
    Submitted claims are encrypted before they are sent to your site. In order for the CardSpace Controls to decrypt them, the security context your site runs under (usually the Network Service account) requires read permission on the private key of your SSL certificate.  Find out how to decrypt information cards

The implementation described below will allow your existing Asp.Net membership users to associate one or more cards with their account, then use those cards to log in thereafter.  When the "CreateNewAccount" control becomes available, their experience will be even better.


Start by adding the CardSpace Controls to the Visual Studio Toolbox.

Right-click on the Toolbox and click "Choose Items..." from the context menu. In the "Choose Toolbox Items" dialog, browse to the folder where you installed the CardSpace Controls and select the assembly, QualityData.CardSpace.dll.


Drag and drop the CardSpace Login Control onto your Login Page.

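Remember that your Login Page must use SSL. Also, since the CardSpace Login Control includes an HTML button with embedded HTML tags, it is necessary to set the ValidateRequest attribute in your @ Page directive to false. Setting it to false turns off ASP.NET's built-in rejection of posted values that contain markup for this page, so HTML-encode any other user input the page displays.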


Drag and drop the CardSpace Manage Control onto an Account Maintenance Page.

This would be one of the pages that your membership users can only access once they have logged in. Again, it will need to be displayed using SSL and will require that ValidateRequest is set to false. 


Ensure that your database has the required additional table/stored procedures.

If you are using SQL Server Express in User Instance Mode (the default), then the various CardSpace Controls will be able to create the table/stored procedures automatically - no action should be required on your part.  Otherwise, you may run the CardSpaceControls.sql script (installed by Setup) to create the table/stored procedures.


Give read permissions to the Private Key of your SSL Certificate

Use Microsoft's "FindPrivateKey.exe" utility to locate the specific file on your server that contains the private key of your SSL Certificate. Right-click on this file and add "Network Service" to the list of accounts that have read access to this file.
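
The same permission change scripted in PowerShell, as an added example that is not part of the CardSpace Controls or the original page. It assumes the certificate is in the LocalMachine\My store with an RSA key in a legacy CSP machine container (so the key file sits under ProgramData\Microsoft\Crypto\RSA\MachineKeys) and an elevated session; the function name Grant-PrivateKeyRead and the thumbprint placeholder are hypothetical.

```powershell
# Added example (not the vendor's code). Grants one account read access to the
# private key file of an SSL certificate, then returns the resulting ACL so you
# can confirm that no broader group (Users, Everyone) can read the key.
function Grant-PrivateKeyRead {
    param(
        [Parameter(Mandatory)] [string] $Thumbprint,        # thumbprint of your SSL certificate
        [string] $Account = 'NT AUTHORITY\NETWORK SERVICE'  # identity the site runs as
    )

    $cert = Get-ChildItem Cert:\LocalMachine\My |
        Where-Object { $_.Thumbprint -eq $Thumbprint }
    if (-not $cert) { throw "No certificate with thumbprint $Thumbprint in LocalMachine\My." }
    if (-not $cert.HasPrivateKey) { throw 'Certificate has no private key on this machine.' }

    # Assumption: legacy CSP key. CNG keys expose no CspKeyContainerInfo and are stored elsewhere.
    $info = $cert.PrivateKey.CspKeyContainerInfo
    if (-not $info -or -not $info.MachineKeyStore) {
        throw 'Key is not in a machine-level CSP container.'
    }

    $keyDir  = Join-Path $env:ProgramData 'Microsoft\Crypto\RSA\MachineKeys'
    $keyPath = Join-Path $keyDir $info.UniqueKeyContainerName
    if (-not (Test-Path -LiteralPath $keyPath)) { throw "Key file not found: $keyPath" }

    # Add the rule only if the account does not already hold an Allow/Read entry.
    $read = [System.Security.AccessControl.FileSystemRights]::Read
    $acl  = Get-Acl -LiteralPath $keyPath
    $held = $acl.Access | Where-Object {
        $_.IdentityReference.Value -eq $Account -and
        $_.AccessControlType -eq 'Allow' -and
        ($_.FileSystemRights -band $read) -eq $read
    }
    if (-not $held) {
        $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($Account, 'Read', 'Allow')
        $acl.AddAccessRule($rule)
        Set-Acl -LiteralPath $keyPath -AclObject $acl
    }

    # Return the final ACL for review.
    (Get-Acl -LiteralPath $keyPath).Access |
        Select-Object IdentityReference, FileSystemRights, AccessControlType
}

# Usage (placeholder value, replace with your certificate's thumbprint):
# Grant-PrivateKeyRead -Thumbprint '<THUMBPRINT-PLACEHOLDER>'
```

Read access is all that decryption needs; the returned list should show the chosen account with Read only.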





Done!

Hopefully, you will find these steps to be fairly straightforward. For assistance and additional details, please visit our Support Forum. The complete API for the CardSpace Controls is available here.