Using the Simple STS - Managed Card

I’m following the sample/document ‘Using the Simple STS’ and running into an issue. It’s probably something very basic that I have missed but I don’t seem to be able to figure it out.

In summary, when I try to run the managed card scenario, I get the error ‘Identity provider end point was not found’ in the event log.

This is what I have done.

  1. Upgraded the machine to have IE7, Cardspace etc.
  2. Downloaded and unzipped the latest ‘Simple STS example’ (with the 2 errata fixed).
  3. Made the change to handle the errata mentioned by SoftwareMaker (commenting out extra claims).
  4. Ran the install script to set up websites, certs etc.
  5. Compiled the SecurityTokenServer.csproj to get the SecurityTokenServer.exe.
  6. Pressed ‘Click here to get the token’, selected a self-issued infocard and pressed ‘Click here to send the card to the server’.
  7. I get directed to the URL https://www.fabrikam.com/CardSpace/login.aspx and it displays the PPID.
  8. I edited the FabrikamSelfIssued.ini with the PPID from the previous step, created a .crd using CardWriter and installed it.
  9. Started the SecurityTokenServer.exe (get the exact console output as mentioned in the document….listening on 7000 and 7001).
  10. Access the URL https://www.fabrikam.com/CardSpace/Sample.htm again and this time selected the new Managed Card.

However, I get the error that the ‘Data could not be retrieved from the Managed Card Provider’. In the event log, I see the message “There was a failure making a WS-Trust exchange with an external application. The Identity provider end point was not found.”.

I can access the URL http://www.fabrikam.com:7000/sample/trust/selfissuedsaml which makes me think that the service is running.

Appreciate any help.

Thanks,

By [itickr] at [2008-2-7]
# 1

In order to make a connection with the STS, CardSpace needs to perform some metadata exchange, which is done using https. I think that the problem you are experiencing is due to a failure to make an https connection. You can solve this problem in two ways:

1.) Convert "Simple STS" to run as a web service under IIS

2.) Configure https as described in additional errata found on "Simple STS" download page:

Errata #2:

If you downloaded the sample before 8:30AM PST AUG 22 2006, the script to set the SSL Certificate is missing:

httpcfg set ssl -i 0.0.0.0:7001 -h "d47de657fa4902555902cb7f0edd2ba9b05debb8"

g


Garrett Serack | Program Manager | Federated Identity Team | Microsoft Corporation
blog: http://blogs.msdn.com/garretts

srdjan.bozovic at 2007-8-30
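A way to check the HTTPS binding that the answer above refers to, as an added PowerShell example that is not part of the original thread or of the Simple STS sample. The host, port 7001 and certificate hash are the ones quoted in the thread; the function name `Test-StsHttpsBinding` is hypothetical.

```powershell
# Added diagnostic (not from the Simple STS sample): probe the STS HTTPS port
# and report which certificate, if any, is presented there.
function Test-StsHttpsBinding {
    param(
        [string]$HostName = 'www.fabrikam.com',   # host used in the thread
        [int]$Port = 7001,                        # HTTPS port from errata #2
        [string]$ExpectedThumbprint = 'd47de657fa4902555902cb7f0edd2ba9b05debb8'
    )

    $result = [pscustomobject]@{
        TcpConnected    = $false
        TlsHandshake    = $false
        Thumbprint      = $null
        MatchesExpected = $false
        Error           = $null
    }

    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $client.Connect($HostName, $Port)
        $result.TcpConnected = $true

        # Accept any certificate here: the goal is to read what is presented,
        # not to trust it. Do not reuse this callback in production code.
        $acceptAny = [System.Net.Security.RemoteCertificateValidationCallback] {
            param($sender, $certificate, $chain, $errors) $true
        }
        $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $acceptAny)
        try {
            $ssl.AuthenticateAsClient($HostName)
            $result.TlsHandshake = $true
            $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
            $result.Thumbprint = $cert.Thumbprint
            $result.MatchesExpected = ($cert.Thumbprint -ieq $ExpectedThumbprint)
        } finally {
            $ssl.Dispose()
        }
    } catch {
        # A handshake failure after a successful TCP connect lands here.
        $result.Error = $_.Exception.Message
    } finally {
        $client.Close()
    }
    $result
}

Test-StsHttpsBinding | Format-List
```

`TcpConnected` true with `TlsHandshake` false is consistent with the port listening without a certificate bound to it, which is the condition the `httpcfg set ssl` command addresses; `httpcfg query ssl` lists the bindings currently configured.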
# 2
Thanks. Ran httpcfg and it worked.
I downloaded the sample yesterday and assumed that the errata #2 has already been incorporated. Maybe I had an old copy.
itickr at 2007-8-30
# 3

I have exactly the same issue on the sample STS downloaded 28/05/2007!

I am not sure about running httpcfg as I am on XP and this is a Windows Server 2003 utility?

Does anyone have any useful suggestions?

Thanks

Adrian

DrAdrianColquhoun at 2007-8-30
# 4

OK

I have got a bit further so here is an update of what I have done

Download the XP diagnostics tools at http://ms.helifan.net/downloads/details.aspx?FamilyId=49AE8576-9BB9-4126-9761-BA8011FABF38&displaylang=en

Install with the complete option - this installs the httpcfg utility

Run the command line above - but remove the spaces between - i and - h or it won't work!

Reboot !

The demo then works to that last step (i.e. contacts the STS successfully). It then fails with "server error in Cardspace application http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname not found"

As before - any help appreciated!

DrAdrianColquhoun at 2007-8-30
# 5

OK

So here is some - comment out the offending lines of code in the TokenProcessor class as described on this thread http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=653995&SiteID=1

Token token= new Token(xmlToken);
//givenname.Text = token.Claims[ClaimTypes.GivenName];
//surname.Text = token.Claims[ClaimTypes.Surname];
//email.Text = token.Claims[ClaimTypes.Email];
ppid.Text = token.Claims[ClaimTypes.PPID];
uid.Text = token.UniqueID;

Now all I need to do is figure out what's actually going on in the STS and how to populate tokens etc. If anyone has any good resources (other than the sample STS source code) please let me know.

Cheers

Adrian

DrAdrianColquhoun at 2007-8-30