Developer extends Microsoft identity tech to Firefox

New Firefox extension implements the client interface of Microsoft's CardSpace identity technology

A developer has come up with an extension to Mozilla's Firefox browser that implements the client interface of Microsoft's CardSpace identity technology.

CardSpace acts like a wallet that holds a user's digital identity cards, which can be presented for authentication to Web sites and applications that request the credentials.

CardSpace is the client-side portion of Microsoft's Identity MetaSystem, which also includes back-end services and translation gateways. Web site operators will have to build support for CardSpace into their Web sites, which basically would be code that asks users to sign in using a CardSpace ID or other similar "identity selector" technology.

Kevin Miller, an independent solutions architect, released the code on Tuesday for Firefox running on the Windows platforms only.

Miller built the browser extension with a dependency on Microsoft's .Net 3.0 Framework, which will make it easier for developers to build identity services into their applications. But he did include the ability to plug in other identity selectors, by implementing the Cross Platform Component Object Model (XPCOM).

"Working with CardSpace was great. It was dead simple, and the documentation as easy," says Miller. "The only killer part was building the XPCOM component."

Miller says he is excited about CardSpace. "I think there is a ton of potential, and I'd like to see as many independent implementations as possible."

Miller built the extension on Windows XP SP2, and has tested it with Firefox versions 1.5 and 2.0. He also has tested it with Windows Server 2003.

The extension is fully supported by scripting, and, according to Miller's post on his blog, "seems to work pretty much exactly as the support in Internet Explorer 7.0."

Microsoft built its own CardSpace implementation on Internet Explorer 7.0 and released it with Vista in November.

Microsoft has said publicly for years that it was in talks with Mozilla and Apple about integration of CardSpace with their browsers. Just last month, Microsoft said it was working on a Firefox plug-in for CardSpace in its Open Source Software Lab that would be released eventually to the open source community. But it appears Miller may have beaten them to the punch, along with another developer named Chuck Mortimore, who has written a proof-of-concept identity selector, xmldap.xpi for Firefox.

"This is definitely in a beta stage," says Miller. "It's pretty good code, but I'm sure there are validations that I'm not catching, and there's a few clean-up things I'd like to do. I think that by the end of the year I should be happy with it. Chuck and I are discussing some ways to make our extensions complement each other, and I'm not sure how much time that will take, or how far we will go, so that might carry on for a while."

Microsoft officials said this summer that CardSpace could work with Firefox browser but that a third-party would have to develop an adapter.

While Microsoft has the client interface of its Identity MetaSystem out, on the server side it plans to release a technology called the Security Token Service (STS) that will be integrated with Active Directory.

STS, which will ship sometime after Longhorn Server is released late next year, is a lightweight gateway based on the WS-Trust protocol for servers and clients that negotiates the exchange of security tokens, such as Kerberos or the Security Assertion Markup Language.

Miller's extension, however, is not the only shot at bringing cross-platform support to CardSpace. This fall, Microsoft partner Ping Identity it would ship software being developed under the name Java InfoCard Server that would act as a sort of middleware to tie the Microsoft InfoCard technology, which is the building blocks of CardSpace, to non-Windows platforms.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about ACTAppleGatewayHISMicrosoftMotionMozilla

Show Comments