Session 2: Introduction to Microsoft .NET Framework 3.0 Technologies 47 Demonstration 6: Creating a Sequential Workflow In this demonstration, you will see how you can create an application that uses a sequential workflow. Key Point The key point of this demonstration is: • You can add activities to a Windows Workflow application and configure the workflow to process the activities sequentially. 48 Session 2: Introduction to Microsoft .NET Framework 3.0 Technologies Using Activities in Workflows Activities are the fundamental building blocks of workflows. A workflow is a set of activities organized hierarchically in a tree structure. Once all of the activities in a given flow path are finished running, the workflow instance completes. An activity represents an action in a workflow. It can be a simple action such as a delay, or it can be a composite activity that consists of several child activities. An activity, like a workflow, can be sequential, which means that the order of its actions is specified at design time. Or the activity can be event-driven, which means that the order of its actions is determined at run time in response to external events. The Windows Workflow Foundation framework includes a default set of activities that provide functionality for control flow, conditions, event handling, state management, and communicating with applications and services. When designing workflows, you can use the activities provided by Windows Workflow Foundation, and you can create your own activities. Session 2: Introduction to Microsoft .NET Framework 3.0 Technologies 49 The following table lists a sample of the activities in the Windows Workflow Foundation framework activity set. Activity Description InvokeWebService Makes a call out to a Web service Code Executes a specified method in the code-beside file Delay Causes the containing branch of the workflow to wait for a time-out EventDriven Used in a Listen or a workflow event handler to specify the event and contain the executed activities Listen Waits for one of a set of events Terminate Enables you to immediately end the operation of your workflow in the event of an error condition 50 Session 2: Introduction to Microsoft .NET Framework 3.0 Technologies Using Conditions in Workflows You can use conditions to control the behavior of your workflow. When the workflow encounters a condition, the runtime engine evaluates the condition and then acts based on the result of that evaluation. There are two ways to represent conditions in your workflow: • Writing a handler in code that returns a Boolean value • Adding a rule in your workflow definition You can dynamically update rule conditions at run time to alter the behavior of the workflow. Session 2: Introduction to Microsoft .NET Framework 3.0 Technologies 51 Conditional Activities Several activities that are provided with the Windows Workflow Foundation use conditions: Activity Description IfElseActivity Tests a condition on each branch and performs activities on the first branch for which the condition equals true. WhileActivity Continuously executes any activities contained within it as long as its condition evaluates to true. The condition is reevaluated at the completion of each loop. ConditionedActivityGroup Continuously executes any activities within it as long as its condition evaluates to true. Each individual activity within the ConditionedActivityGroup has a When condition. Each activity executes only when the When condition evaluates to true. ReplicatorActivity Completes its execution when its UntilCondition property evaluates to true. 52 Session 2: Introduction to Microsoft .NET Framework 3.0 Technologies Demonstration 7: Performing Conditional Processing In this demonstration, you will see how you can configure a workflow that uses conditional processing. Key Point The key point of this demonstration is: • You can use conditional activities such as IfElseActivity to control the flow of a workflow. Session 2: Introduction to Microsoft .NET Framework 3.0 Technologies 53 Managing Digital Identity by Using CardSpace Digital Identity is digital information that identifies a user to another application or service. Implementing digital identities between diverse and different systems can be complicated by the absence of a consistent standard for implementing digital identities. CardSpace is used to provide a consistent and system-independent solution for managing digital identities. Objectives After completing this section, you will be able to: • Define digital identity. • Describe the Laws of Identity. • Define CardSpace. • Describe how to establish a digital identity by using CardSpace. • Manage information cards. • Integrate CardSpace with applications. • Invoke CardSpace from a Web page. 54 Session 2: Introduction to Microsoft .NET Framework 3.0 Technologies What Is Digital Identity? A digital identity refers to the representation of a personal identity that is used in a distributed network interaction with other machines and people. A digital identity is used to identify a user or process to another system. For example, your Windows Security Identifier (SID) may be a digital identity that identifies you to other computers and applications on your network. Like identities in the real world, there are many varieties of digital identities. Different contexts require a different identity, each of which is expressed in a different way and provides different information. The problem is that there is currently no consistent way to define how digital identities are used by applications. Digital identity terminology The following list defines the terms used to discuss digital identity: • Digital identity. A set of claims made by one digital subject about itself or another digital subject. • Digital subject. A person or thing represented or existing in the digital realm which is being described or dealt with. • Claim. An assertion of the truth of something, typically one that is disputed or in doubt. For example, a set of claims might convey personally identifying information such as name, address, and date of birth. Session 2: Introduction to Microsoft .NET Framework 3.0 Technologies 55 • Identity metasystem. The Identity metasystem is an interoperable architecture for digital identity that assumes that people will have several digital identities based on multiple underlying technologies, implementations, and providers. The three roles within the metasystem are: • Identity providers. Parties that issue digital identities. For example, credit card providers might issue identities enabling payment. • Relying parties. Parties that require identities, for example, a Web site or online service that utilizes identities offered by other parties. • Subjects. The individuals and other entities about whom claims are made. Examples of subjects include end users, companies, and organizations. 56 Session 2: Introduction to Microsoft .NET Framework 3.0 Technologies The Laws of Identity The Laws of Identity are intended to codify a set of fundamental principles to which any identity metasystem must conform in order to be universally accepted. The laws were proposed, debated, and refined through a long-running, open, and continuing dialogue on the Internet. The laws specify the following components of the architecture of the identity metasystem. • User control and consent. Identity systems must reveal information identifying a user only with the user’s consent. • Minimal disclosure for a constrained use. The identity system must disclose the least identifying information possible because this is the most stable, long-term solution. • Justifiable parties. Identity systems must be designed so the disclosure of identifying information is limited to parties having a necessary and justifiable place in a given identity relationship. • Directed identity. A universal identity system must support both omnidirectional identifiers for use by public entities and unidirectional identifiers for use by private entities, thus facilitating discovery while preventing unnecessary release of correlation handles. • Pluralism of operators and technologies. A universal identity solution must utilize and enable the interoperation of multiple identity technologies run by multiple identity providers. [...]... user wants to access This information is contained in the relying party’s policy and includes information such as what security token formats the relying party will accept and exactly what claims those tokens must contain 2 Once this information is returned and passed to CardSpace, the system displays the card selection screen To give the user a consistent experience, every information card he or she... Web sites • Export and restore your information cards • Track the sites to which you have provided your information • Password protect your card information 62 Session 2: Introduction to Microsoft NET Framework 3.0 Technologies Using CardSpace with Web Applications CardSpace design goals for integrating with Web sites The following list describes the design goals for using CardSpace-based authentication... using Windows Communication Foundation • How to build workflow applications by using Windows Workflow Foundation • How to use CardSpace to provide a consistent and system-independent solution for managing digital identities 66 Session 2: Introduction to Microsoft NET Framework 3.0 Technologies Questions and Answers Session 3: Introducing Windows Presentation Foundation Table of Contents Developing Windows. .. select identities when authenticating to Web applications Windows CardSpace provides: • Support for any digital identity system CardSpace and the identity metasystem are agnostic about the format of the security token that is requested from an identity provider and passed on to a relying party Typically, CardSpace is not even aware of what format this token is in Because of this, CardSpace can work... independence The protocols developed for CardSpace-based authentication to Web sites should be implemented by a broad range of Web browsers on the platforms of their choice • Web server independence The protocols developed for CardSpace-based authentication to Web sites should be used by Web-based applications running on a broad range of Web servers on the platforms of their choice • Minimal impact... Microsoft NET Framework 3.0 Technologies 65 Session Summary The Microsoft NET Framework 3.0 is the new managed code programming model for Windows .NET Framework 3.0 builds on the foundation of NET Framework 2.0 and adds new technologies such as Windows Communication Foundation, Windows Workflow Foundation, and CardSpace This session described how to build and deploy applications by using the new technologies... For more information see the “Laws of Identity” white paper on the Microsoft MSDN Web site 58 Session 2: Introduction to Microsoft NET Framework 3.0 Technologies What Is CardSpace? Windows CardSpace is a Microsoft NET Framework component that provides the consistent user experience required by the identity metasystem CardSpace plays an important part in the identity metasystem by providing a way for. .. authenticate the user or for some other purpose Session 2: Introduction to Microsoft NET Framework 3.0 Technologies 61 Managing Information Cards The Digital Identities Control Panel application helps you manage your digital identities By using it, you can: • Create a new Personal card Personal cards allow you to quickly register and sign into Web sites without filling out forms or using passwords... extension formats are specified Browsers may support one or both of the extension formats • OBJECT Syntax The OBJECT tag is widely supported, but it is also disabled by high-security settings on some browsers, including Internet Explorer • XHTML Syntax An alternative is to use an XHTML syntax that is not disabled by changing browser security settings However, not all browsers provide full support for XHTML... user a consistent experience, every information card he or she owns on this system is shown, but any information cards whose associated security token and claims that do not match the requirements of this relying party are unavailable 3 Once the user clicks a particular card, CardSpace issues a request for a token to the identity provider associated with that card The identity provider then returns a . code programming model for Windows. .NET Framework 3.0 builds on the foundation of .NET Framework 2.0 and adds new technologies such as Windows Communication Foundation, Windows Workflow Foundation,. must reveal information identifying a user only with the user’s consent. • Minimal disclosure for a constrained use. The identity system must disclose the least identifying information possible. For more information see the “Laws of Identity” white paper on the Microsoft MSDN Web site. 58 Session 2: Introduction to Microsoft .NET Framework 3.0 Technologies What Is CardSpace? Windows