Shared Authentication for .NET, Java, PHP, Firefox, Safari, etc

September 25th, 2006

With so many ways to log into websites with unique accounts for each site there has been a growing need to provide a single sign-on solution which works across technology platforms. Some websites are based on ASP.NET or Java or PHP. And users may be using Internet Explorer, Firefox or Safari. Years ago Microsoft attempted to penetrate this space with Passport but was rejected due to concerns over privacy, security and the general uneasiness a company has about another company intervening between them and their customers. Now only Microsoft properties make use of Passport while banking and commerce sites have been using simple username and password mechanisms which do not nearly protect a user's identity as well as the solutions currently available.

Now an improved solution is taking hold which has addressed the privacy, security and identity ownership concerns. It is called InfoCard. And Microsoft's implementation is CardSpace. It will be included with Windows Vista and the .NET 3.0 framework, but what is really exciting about this identity management solution is that it is really catching on beyond the Microsoft realm.

Implementations for Java, PHP, Firefox and Safari are popping up with complete interoperability. The broad acceptance of this specification and integration into Vista will allow users to transparently log into your website after they first submit their InfoCard to the site. This means no more passwords for 1000 different websites!

The January release of Vista is still a ways off so much progress with the Java, PHP, Firefox and Safari solutions will come a long way before then.

What is truly exciting about InfoCard becoming so pervasive in various technologies is that it does solve the identity problem. Another use for it beyond website login systems is also spam protection. If your company can vouch for your idenitity, it means you can be trusted to send email to clients without it being blocked by a spam filter. The association of your identity to the email will automatically whitelist your messages so they can get through reliably.

As you look into how InfoCard works, you will see how it benefits from the proven public key encryption which makes SSL work. If you have an InfoCard through your company, and it becomes compromised, you can have it revoked and get another one issued. The revocation feature is what separates this solution from the commonly used username and password.

A very thorough video covers InfoCard on Channel 9.

« Visual Studio Tip #3: Delete the XMLNS attribute from your web.config
Robust Custom Profiles with ASP.NET 2.0 »

2 Responses to “Shared Authentication for .NET, Java, PHP, Firefox, Safari, etc”

  1. links for 2006-09-26 « Vinny Carpenter’s Link blog Says:
    September 26th, 2006 at 5:40 pm

    [...] Brennan’s Blog » Blog Archive » Shared Authentication for .NET, Java, PHP, Firefox, Safari, etc As you look into how InfoCard works, you will see how it benefits from the proven public key encryption which makes SSL work. (tags: authentication authorization security infocard java php .net browser) [...]

  2. Vinny Carpenter’s blog · Daily del.icio.us for Sep 26, 2006 Says:
    September 27th, 2006 at 9:38 am

    [...] Brennan’s Blog » Blog Archive » Shared Authentication for .NET, Java, PHP, Firefox, Safari, etc As you look into how InfoCard works, you will see how it benefits from the proven public key encryption which makes SSL work. (tags: authentication authorization security infocard java PHP .net browser) [...]

This entry was posted on Monday, September 25th, 2006 at 12:02 pm and is filed under microsoft, software, tech. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.