CardSpace Log-On to Web Services

CardSpace and the Windows Communication Foundation (WCF) messaging system support user log-on and data submission to Web services. Shown here is a diagram of a user logging on to an online map service from a map client application via WCF. The process proceeds as follows:

(1) The user requests map data from the map service in the map client application.

(2) The map client calls WCF to send a request to the map service.

(3) WCF looks up details about the map service to determine what kind of security token the service requires from users. A security token consists of elements called claims, which might include username and password, digital certificate elements, or other identifying information for the user, depending on the security token type. WCF calls CardSpace to get a security token of the type required by the map service.

(4) CardSpace prompts the user with the card-selection dialog box, showing cards that can be used to generate the required security token. The user selects a card from the list.