Project Home Page
For everything Information Card Ruby, visit http://www.informationcardruby.comWhat is Information Card Ruby?
Information Card Ruby
provides a rails plugin
and supporting library for integrating personal information cards
to your Ruby on Rails
relying party web application. In the Identity Metasystem, an application that requests and consumes digital identities about an individual is called a relying party. As we develop and learn from this project, Information Card Ruby will generate a developer guideline for integrating information cards to your rails website, much in the spirit of Accepting Information Cards to your ASP.NET site
- if we have done the plugin right, this guideline will be short and sweet.Project Contributors
Information Card Ruby is an open source collaboration project driven by: Microsoft
What is CardSpace?
| || |
|Microsoft is the project sponsor and being CardSpace experts, provides architectural guidance and best practices in the Identity MetaSystem.|| ThoughtWorks is actively involved in some of the world's leading Ruby projects and is excited to be driving the development on Information Card Ruby.|
In the Identity Metasystem, there are several players including the user
, the identity selector
and the relying party
. This project allows a relying party
(your website) to accept and process information cards from a user
"Windows CardSpace is a piece of client software that enables users to provide their digital identity to online services in a simple, secure and trusted way. It is what is known as an identity selector
: when a user – or subject – needs to authenticate to a website or a web service, CardSpace pops up a special security-hardened UI with a set of “cards” for the user to choose from. Each card has some identity data associated with it – though this is not actually stored in the card – and has been given to the user by an identity provider such as their bank, employer or government. In fact, the user can also act as an identity provider – this is essentially what we do every time we register at a website. The CardSpace UI enables users to create Personal cards and associate a limited set of identity data. When the user chooses a card, a request in the form of a web service call goes to the relevant provider, and a signed and encrypted security token is returned containing the required information (e.g. credit limit, employer’s name and address, or perhaps a social security number). The user, in control of the flow of information at all times, then decides whether to release this information to the requesting online service. If the user approves then the token is sent on to this relying party
where the token is processed and the user is authenticated."Open Standards
The Information Card model is built on open, interoperable communication standards
that have been implemented on Windows and other platforms. Case in point, the relying party can be implemented in Ruby on Rails (that's us!). For more information on interoperability, take a look at the Identity Selector Interoperability Profile
.The General Idea
Lost in the Identity Metasystem? Need more information on information cards? No worries! Below is a diagram of a typical scenario to set your mental context - here, we have our star user Molly who would like to login into your rails application with her personal information card. Note that this diagram is ultra simple and by no means correct - luckily for you, we have the good folks at Microsoft to provide us with the proper guidance at cardspace.netfx.com
Squinting? To view a larger image, click here: The General IdeaUser Scenarios
To get started, we have identified stories and tasks. To help you get a feel for what we are working on, some are listed below:
As a user, I would like to:
- Provide a plugin to provide out-of-the-box information card authentication
- Provide documentation as to how to incorporate information cards to your website
- Provide a well tested plugin that so that fellow developers using it can sleep at night and stay up late at night contributing to it.
- Simplicity. From James Adams on rails plugins, "It was the small mammals who survived when the the dinosaurs died out."
- Extract, don't expect it. To achieve this simplicity that James describes, we're not going to start by building a plugin to handle every conceivable cardspace scenario. Instead, we will first spike an application to authenticate personal information cards - we'll learn from it, immerse in it, be at one with the information card and then from there, extract out what makes sense. Afterall, every piece of code just wants to have a purpose.
To keep things simple, Information Card Ruby will only address personal information cards
and SAML security tokens, as generated by Windows CardSpace. Technical Notes
To use cardspace with your rails application, you need the following:
- SSL: The Windows CardSpace Identity Selector requires an SSL channel. To setup a Ruby on Rails website configured over HTTPS, an option is to setup an Apache SSL virtual host which proxies requests to your mongrel server or cluster.
- Internet Explorer 7 (or FireFox with Cardspace plugin)
- Windows Vista or Windows XP with .NET 3.0 Framework
- MySQL: This project will use MySQL as the underlying database.
We believe in short feedback loops. We want to deploy often and always know the status of our codebase. So, we have a live server which will run the latest codebase and a continuous integration server to tell us who to thank for fixing the build.
More importantly, let us know what you like and even more importantly, what you don't like! Where's the code?
The code resides at RubyForge
under the project Information Card
. CodePlex and RubyForge
In bringing together platforms and technologies (it's truly a beautiful thing), there are naturally more choices, including the project home for open source projects - namely CodePlex
. The approach that we've taken is to use both. We'll use CodePlex's wiki and RubyForge's issue tracker, mailing list and subversion repository to house the codebase in subversion
. We'll try our very best not to duplicate information between the sites and make it intuitive where to find things. We'd love to hear your comments or opinions as to what you would like to see!