You might have noticed that sometimes the security token on xmldap's relyingparty is not valid. The conditions on the token are not met because the time on the server was about 30 minutes off.
Chuck corrected this immediately and I wanted to verify that the relyingparty there now accepts a security token produced by the latest openinfocard id selector. I quickly installed it, but booom; it failed.
The line of code in question was unnecessary anyway so I cleaned up the javascript quickly; transferred the code from my lab machine to my office machine. Now the installation of the xpi went through but this time the token produced was "undefined". Strange. I did tests this on my lab machine yesterday; so what is the difference between the two machines?
Well, it turns out that the office machine had version 1.0.6 of the CardSpace for Firefox extension. After updating it to the current version 1.0.9 everything now works fine. ... Well, the certificate on xmldap.org expired two days ago. Argh, will be fixed soon. Sorry.
That was a nice 5 Minute adrenalin shock.
Integrity Properties for Federations
2 weeks ago
1 comment:
I've got an expired certificate that I'm going to put up as an interop test right away too!
I've also got an out-of-time-token test to put up.
Too much fun!
Pam
Post a Comment