Geneva Server, CardSpace Geneva and PHP Interoperability with Information Cards


This week on “The Id Element” I had the opportunity to interview Bryan Otis and Scott Otis, President and CIO respectively of Intand, along with Vijay Rajagopalan, Principal Architect, Microsoft Interoperability Strategy. Intand offers a calendaring application for scheduling and managing a school’s facilities, events, teams, etc. Prior to this prototype project to enable information cards in their PHP application, Intand’s sole source of user authentication and authorization data was its own directory. Accounts for administrators, teachers, parents and students were provisioned into that directory, an administrator would then log in to the application and update the users with the appropriate access permissions, and school users could then log in.

But with the work they did using the open source Zend Framework’s support for information cards, they now have an additional way to give users access to their application (again, this is a prototype, not a production deployment; the Geneva technologies are still in beta). For schools that already manage their users in Active Directory, the Geneva Server can issue a managed information card to each user, which eliminates the need to create an additional user account in Intand’s directory. By accepting information cards, Intand “trusts” Geneva Server to issue it a security token carrying the appropriate permissions (in the form of claims) after the user authenticates to Active Directory. For instance, when the user accesses the Intand application, they can choose to log in with an information card by clicking the information card icon on the web page. In this prototype, Windows CardSpace Geneva is then invoked and the user selects the managed information card issued by the Geneva Server. The user is prompted to authenticate to their school’s Active Directory with their AD credentials, and then receives access to the PHP application via the trusted security token issued by the Geneva Server. A video of this working prototype was featured in the 2009 RSA Conference keynote address by Scott Charney, Corporate Vice President, Microsoft.
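To make the relying-party side of that flow concrete, here is an added example (not Intand’s code and not from the interview) of a PHP login page built on Zend Framework 1’s Zend_InfoCard component: it asks CardSpace for a managed card from the school’s Geneva Server, then validates the posted token and maps a role claim to an application permission. The issuer address, role claim URI, key paths and role names are assumed placeholders.

```php
<?php
// Added example, not Intand's code. Needs Zend Framework 1 (Zend_InfoCard) on the include path.
require_once 'Zend/InfoCard.php';
session_start();

// Assumed values: the school's Geneva Server STS and the claims the relying party expects.
$issuer       = 'https://geneva.school.example/sts';                           // placeholder STS address
$nsIdentity   = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims';      // standard identity-claim namespace
$roleClaim    = 'http://schemas.school.example/claims/role';                  // placeholder claim issued by the STS
$allowedRoles = array('Administrator' => 'manage', 'Teacher' => 'schedule', 'Parent' => 'view');

if (!isset($_POST['xmlToken'])) {
    // Step 1: the login page. The <object> tag is what makes the browser invoke CardSpace;
    // "issuer" limits the selector to managed cards from that STS, and requiredClaims
    // lists what the relying party needs inside the token.
    $required = htmlspecialchars("$nsIdentity/privatepersonalidentifier $roleClaim");
    echo '<form method="post" action="">'
       . '<object type="application/x-informationcard" name="xmlToken">'
       . '<param name="tokenType" value="urn:oasis:names:tc:SAML:1.0:assertion" />'
       . '<param name="issuer" value="' . htmlspecialchars($issuer) . '" />'
       . '<param name="requiredClaims" value="' . $required . '" />'
       . '</object>'
       . '<input type="submit" value="Log in with an Information Card" />'
       . '</form>';
    exit;
}

// Step 2: the token CardSpace posted back. Zend_InfoCard decrypts it with the relying
// party's private key, verifies the signature and checks the assertion's validity
// conditions before it hands back the claims.
$infoCard = new Zend_InfoCard();
$infoCard->addCertificatePair('/path/to/rp-private.key', '/path/to/rp-cert.pem'); // placeholders
$claims = $infoCard->process($_POST['xmlToken']);

if (!$claims->isValid()) {
    // Tell a malformed token apart from one that failed signature/condition checks.
    $reason = ($claims->getCode() === Zend_InfoCard_Claims::RESULT_VALIDATION_FAILURE)
        ? 'token failed validation' : 'token could not be processed';
    error_log("Information Card login rejected: $reason - " . $claims->getErrorMsg());
    header('HTTP/1.1 403 Forbidden');
    exit('Login failed.');
}

// Authorization is derived from claims the trusted STS issued, not from anything the user typed.
$ppid = $claims->getClaim("$nsIdentity/privatepersonalidentifier"); // per-card, per-RP identifier
$role = $claims->getClaim($roleClaim);
if (!isset($allowedRoles[$role])) {
    header('HTTP/1.1 403 Forbidden');
    exit('No access for role: ' . htmlspecialchars($role));
}
$_SESSION['user'] = array('ppid' => $ppid, 'permission' => $allowedRoles[$role]);
```

The PPID is the stable key to look a returning user up by; the role claim, and therefore the permission, is re-read from each fresh token rather than stored from the first login.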

In this segment, Vijay also discusses other open source interoperability work that has been done around information cards for heterogeneous web applications, not only PHP (CodePlex). This includes information card support for Java (CodePlex), Ruby on Rails (CodePlex) and a generic C module.


Enjoy!