Welcome to Windows CardSpace
Tasks :

Windows CardSpace Team Bloggers

Browse by Tags

All Tags » scripting   (RSS)

  • BLOCKED SCRIPT Betcha never thought of this one

    I mentioned in a previous post that I had to solve a little issue with the wonderful WMCMD.VBS script that Alex Zambelli maintains.  Because of some occasional nastyness, when the script is done--successful or not-- it tries to kill it's own process, in case any of the WM Encoder objects gets hung up.

    The original script uses WMI to look on the machine for the cscript process for the currently running script:

    function TerminateEncoderProcess()

       dim objWMIService
       dim objProcess

       On Error Resume Next

       ' Get Windows Manager object
       Set objWMIService = GetObject("winmgmts:" _
          & "{impersonationLevel=impersonate}!\\.\root\cimv2")

       ' Enumerate all CScript.exe processes
       dim colProcessList
       Set colProcessList = objWMIService.ExecQuery
            ("Select * from Win32_Process Where Name =" _ 
        & "'cscript.exe'"    )
       
       dim strArguments
       strArguments = ""
       
       ' Enumerate all command-line arguments
       for i = 0 to wscript.arguments.Length-1
          strArguments = strArguments & " " & _
             wscript.arguments(i)
       next
       strArguments = Replace(strArguments, Chr(34), "")

       ' Kill the processes that match this one in name and arguments
       For Each objProcess in colProcessList
          if InStr(1, Replace(objProcess.CommandLine, _
             Chr(34), ""), _
              Trim(WScript.ScriptName & strArguments), 1 ) > 0 _
          then
             objProcess.Terminate()
          end if
       Next
       
       ' What? Still not terminated? OK, kill first occurrence.
       For Each objProcess in colProcessList
          if InStr(1, objProcess.CommandLine, _
                WScript.ScriptName) > 0 then
             objProcess.Terminate()
          end if
       Next

    end function

    Unfortunatly, this script, when all else fails, tries to kill itself by finding the first running cscript, and killing it. Hmmm. not too good, I had multiple encoder script processes going on, and it kept killing the wrong one.

    A pity it seems so hard to find the current process in VBScript... until I thought about it a bit more:

     

    function TerminateEncoderProcess()

       GetObject("winmgmts:root\cimv2:Win32_Process.Handle='"
        & GetObject("winmgmts:root\cimv2:Win32_Process.Handle='" _
        & CreateObject( "WScript.Shell").Exec("cmd.exe").ProcessId _ 
        & "'").ParentProcessId & "'").Terminate

    end function

    Huh?

    This version of the script spawns off a new cmd.exe process (which exits nearly instantly), but uses the process ID from that, looks up the process, and get it's parent process, and then terminate that.  Nice thing is, it don't get confused :D

    Posted Wednesday, January 16, 2008 4:17 PM from Garrett Serack: Open Source at Microsoft | 0 Comments

  • Where are the WS-* Protocols? (Part One)

    Logging into a Website

    When signing into a website using CardSpace, the website has the choice of accepting two card types, Personal Cards or Managed Cards.

    Personal Cards are ones that you create the claim values yourself, support only a fixed set of claims, and have the cryptographic keys and PPID generated for you.

    Managed Cards are cards that are issued to you from an Identity Provider, they decide the claims, and they provide the Security Token Server that issues the token to the webiste. We'll cover this one in Part Two.

    Personal Cards and the Protocols

    When a website requests a personal card, it does so by putting an object element into the HTML of the page, and engaging the CardSpace Identity Selector:

    .S0 { font-family: 'Consolas'; color: #000000; background: #FFFFFF; font-size: 9pt; } .S1 { color: #000080; background: #FFFFFF; } .S3 { color: #008080; background: #FFFFFF; } .S5 { color: #007F7F; background: #FFFFFF; } .S6 { color: #7F007F; background: #FFFFFF; } .S8 { color: #800080; background: #FFFFFF; } .S11 { color: #000080; background: #FFFFFF; } .S21 { color: #000080; background: #EFEFFF; } .S22 { font-weight: bold; color: #000080; background: #EFEFFF; } .S23 { color: #006600; background: #EFEFFF; } .S24 { color: #800000; background: #EFEFFF; } span { font-family: 'Consolas'; color: #000000; background: #FFFFFF; font-size: 9pt; } .S40 { color: #7F7F00; background: #FFFFFF; } .S41 { font-weight: bold; font-family: 'Consolas'; color: #000000; background: #F0F0FF; font-size: 9pt; } .S46 { font-family: 'Consolas'; color: #000000; background: #F0F0FF; font-size: 9pt; } .S47 { font-weight: bold; font-family: 'Consolas'; color: #00007F; background: #F0F0FF; font-size: 9pt; } .S48 { font-family: 'Consolas'; color: #7F007F; background: #F0F0FF; font-size: 9pt; } .S50 { font-weight: bold; font-family: 'Consolas'; color: #000000; background: #F0F0FF; font-size: 9pt; } <html xmlns="http://www.w3.org/1999/xhtml" >
    <head>
      <title>Sample 4</title>
        <object type="application/x-informationcard" name="_xmlToken">
          <param name="tokenType" value="urn:oasis:names:tc:SAML:1.0:assertion" />
          <param name="issuer"
             value    ="http://schemas.microsoft.com/ws/2005/05/identity/issuer/self" />
          <param name="requiredClaims"
            value    ="http://schemas.microsoft.com/ws/2005/05/identity/claims/givenname
                   http://schemas.microsoft.com/ws/2005/05/identity/claims/surname 
                   http://schemas.microsoft.com/ws/2005/05/identity/claims/emailaddress 
                  http://schemas.microsoft.com/ws/2005/05/identity/claims/privatepersonalidentifier"     />
        </object>
      <script language="javascript">
          function GetIdentity()
          {
            var xmltkn=document.getElementById("_xmltoken");
            var thetextarea = document.getElementById("xmltoken");
            thetextarea.value = xmltkn.value ;
          }
      </script>
    </head>
    <body>
      <form id="form1" method="post" action="login4.aspx">
      <div>
        <button name="go" id="go" onclick="BLOCKED SCRIPTGetIdentity();">
           Click here to get the token.
            </button>
        <button type="submit">
               Click here to send the card to the server
            </button>
        <textarea cols=100 rows=20 id="xmltoken" name="xmlToken" ></textarea>
      </div>
      </form>
        
    </body>
    </html>


    This obviously does not use any WS-* protocols, it's just simply asking the browser to supply the token requested to the website. And, with no STS in the puzzle, where's the WS-*?

    Well, there is an STS. It's built into the CardSpace Identity Selector. It's there to provide the Personal card to the Relying Party (the website). The communication between the Identity Selector and the STS should be WS-* right? Well, since they are tightly coupled in this case, the STS in CardSpace short-circuits some of that and delivers the token to the browser just using inter-process communication. But the STS is built as if it was going to go over a wire, just optimized for local use.

    So, there really isn't WS-* involved here. Until CardSpace supports a Portable STS, which then would seperate the Idenity store from the Idenity Selector, thus requiring WS-*.

    g





    Garrett Serack | Program Manager |Federated Identity Team | Microsoft Corporation
    blog: http://blogs.msdn.com/garretts

    Posted Monday, August 07, 2006 8:06 AM from Garrett Serack: CardSpace and more... | 0 Comments
    Filed under: ,

  • Detecting Information Card Support (CardSpace!) in a browser

    I hacked out this a few weeks back, and never got around to publishing it.  I've not decided that this is the 'official' way to detect Information Card support in a browser, but it'll do until I can think of something better.

     

    I'd say something like, "see how it detects support in other browsers too?" except that I'm not thinking many people have a CardSpace plugin for another browser yet. But you can trust me--It works!

    <html>

     <head>

       <SCRIPT LANGUAGE="Javascript">

      function AreCardsSupported()

       {

         var IEVer = -1;

         if (navigator.appName == 'Microsoft Internet Explorer')

           if (new RegExp("MSIE ([0-9]{1,}[\.0-9]{0,})")

    .exec(navigator.userAgent) != null)

             IEVer = parseFloat( RegExp.$1 );

        

         if( IEVer >= 6 )

         {

           var embed = document.createElement("object");

           embed.setAttribute("type", "application/x-informationcard");

     

           if(  ""+embed.issuerPolicy != "undefined" )

             return true;

           return false;        

          }    

         if( IEVer < 0 && navigator.mimeTypes && navigator.mimeTypes.length)

         {

           x = navigator.mimeTypes['application/x-informationcard'];

           if (x && x.enabledPlugin)

             return true;

         }

         return false;

       }

     

       function ShowDetection()

       {

         if( AreCardsSupported() )

           alert( "Information Cards are supported by this browser :D" );

         else

           alert( "Information Cards are NOT supported by this browser :(" );

       }

     

       </SCRIPT>

       <body onload="ShowDetection()">

      

       </body>

    </head>

     

    g




    Garrett Serack | Program Manager | Connected Identity and Directory| Microsoft Corporation
    blog: http://blogs.msdn.com/garretts 

    Posted Friday, August 04, 2006 3:23 PM from Garrett Serack: CardSpace and more... | 0 Comments
    Filed under: ,

  • Scripting: Detecting the host architecture vs the process architecture

    I had some trouble lately with scripts running on a 64bit version of Vista, when they were run with a 32 bit parent host process.

    After figuring out what was wrong, I wanted to be able to detect if I was running a 32-bit script engine under a 64-bit OS. With a bit of crafty (crufty?) coding, I came up with the following VBScript which I put at the top of my script:

     

    sub EnsureNativeScriptEngine

        On Error resume next

        dim WshShell,WshProcEnv,system_architecture, process_architecture

        Set WshShell =  CreateObject("WScript.Shell")

        Set WshProcEnv = WshShell.Environment("Process")

        process_architecture= WshProcEnv("PROCESSOR_ARCHITECTURE")

        if process_architecture = "x86" then

            system_architecture= WshProcEnv("PROCESSOR_ARCHITEW6432")

            if system_architecture = ""  then

                system_architecture = "x86"

            end if

        else

            system_architecture = process_architecture

        end if

     

        if NOT system_architecture = process_architecture then

            WshShell.popup "This script should be run as a "& system_architecture & _

      "process, but is running as a "& process_architecture &" process."

            WScript.quit 1

        end if

    end sub

    EnsureNativeScriptEngine

     

    Which is fine and dandy, except I’d really have liked to just transparently execute the script with the right version of the script host.

     

    Ah well, at least this tells me what’s going on. J

    g




    Garrett Serack | Program Manager | Connected Identity and Directory| Microsoft Corporation
    blog: http://blogs.msdn.com/garretts 

    Posted Friday, August 04, 2006 12:06 PM from Garrett Serack: CardSpace and more... | 0 Comments
    Filed under: ,

  
More Search Options

<August 2008>
SuMoTuWeThFrSa
272829303112
3456789
10111213141516
17181920212223
24252627282930
31123456

Copyright © 2006 Microsoft Corporation. All Rights Reserved. | Terms of Use | Privacy Statement | Contact Us