Stack Overflow
Stack Overflow

Questions tagged [sts-securitytokenservice]

Security Token Service. A web service where a user (or client software) presents some form of credentials (e.g., username/password), and if valid the result is a 'security token' that can be used to access a web application or web service. Often used for implementing single sign-on (SSO).

Security Token Service: A web service where a user (or client software) presents some form of credentials (e.g., username/password), and if valid the result is a 'security token' that can be used to access a web application or web service. Often used for implementing single sign-on (SSO).

167 questions
0
votes
1 answer

When using a passive STS for authentication in ASP.NET MVC, how can I access the SecurityToken?

I have created a simple ASP.NET MVC (4) application, and I am using the passive profile to authenticate against a remote STS. This all works swimmingly, and I am able to access the claims returned from the STS in the User.Claims property. Now, I…
Mark
  • 11,257
  • 11
  • 61
  • 97
0
votes
2 answers

How do I host an active STS in ASP.NET MVC 4?

I'm attempting to host an active STS endpoint in my ASP.NET MVC 4 site (which already successfully hosts a passive STS endpoint). For some reason, the WCF runtime does not seem to be "handling" calls to my servive URI. In my RouteConfig.cs file, I…
Mark
  • 11,257
  • 11
  • 61
  • 97
0
votes
1 answer

How is trust established between a web service and STS (SecurityTokenService)?

I am studying brokered authentication, federation etc. On all the blogs, it's mentioned that there is a "trust" between Security Token Service and other web services. However, I could not find a blog which explains how to establish that…
Learner
  • 4,661
  • 9
  • 56
  • 102
0
votes
1 answer

StarterSTS issue additional claims

Does anyone know how to issue additional claims from StarterSTS by Dominic (Codeplex). I currently am getting only Login Time Instance and the Authentication Type which is password. Is there some config file i can edit or Code i need to insert to…
Deeptechtons
  • 10,945
  • 27
  • 96
  • 178
0
votes
1 answer

Secure Token Service with a Separate public login page

It's been quite a while now that I am working with the STS and RP thing. Now I have an issue that I want a separate web application which will contain a single login page, where my applications will be redirected if they dont have the federated…
Aakif
  • 91
  • 2
  • 7
0
votes
1 answer

WCF STS Token Expiration Problem

I have a WCF service (FooService) protected by Secure Conversation. Also have an STS (StsService) that provides tokens to clients calling FooService. The tokens are good for 15 minutes. The STS is custom-build (no Geneva). The client also has some…
Doanair
  • 538
  • 4
  • 13
0
votes
2 answers

Validating Security Token issued by STS while calling WCF services

We have extended SecurityTokenService provided by Windows Identity Foundation (WIF). It issues token as expected and the SAML token is added in the SOAP header while calling every other WCF service we have. I can see correct values in the NotBefore…
Learner
  • 4,661
  • 9
  • 56
  • 102
0
votes
2 answers

SharePoint Claims trust between HNSC

We have to HNSC https://division1.corp.com https://division2.corp.com on the same SPWebApplication using Claims and Forms Authentication. When logging in to https://division1.corp.com we should have access to https://division2.corp, but we get the…
John Hansen
  • 288
  • 1
  • 3
  • 14
0
votes
1 answer

How to get SSO on Site B from Site A using WIF and STS Provider

So here is the setup. I have a STS Provider and 2 ASP.NET MVC sites both trusting the same STS provider. User comes to Site A and is redirected to the STS Provider passive login, authenticates properly, and is redirected back to site 'A' as…
atconway
  • 20,624
  • 30
  • 159
  • 229
0
votes
1 answer

Validating SAML tokens

I am writing a Client and Service using Axis2 and rampart A third party authenticator which I will control as well will issue a token to the client in which the client will send to the service The problem is I have no idea how to validate this…
Abdelrahman AlMahmoud
  • 157
  • 1
  • 11
0
votes
1 answer

Windows Identity Foundation: Active Federation client (which is previous relying party) accessing relying party with token

I am setting up a STS using WIF which will support active and passive federation. There will be multiple services which use the STS as relying parties. I want to know how the scenario works and is implemented where one service (eg. RelyingParty1) is…
theringostarrs
  • 11,940
  • 14
  • 50
  • 63
0
votes
1 answer

WIF Error: "ID3094: Cannot create WS-Federation message from the given URI 'http://myurl'"

Can anyone tell me what this error means? I just starting getting it from the STS I build using WIF and I can't find any documentation.
skb
  • 30,624
  • 33
  • 94
  • 146
0
votes
1 answer

Implementing Passive STS in ASP.NET

I have installed WIF Runtime and WIF SDK v4.0 and created an "ASP.NET Security Token Service Web Site" in Visual Studio 2010 (see this link). When I run the site, type in any username/password combo, and press "Submit", I get the following…
kevlar1818
  • 3,055
  • 6
  • 29
  • 43
0
votes
1 answer

Implementing SSO using Passive Federated Identity and login page on relying party

We have implemented SSO (Single Sign-On) for a group of websites with different domain names using passive federated identity (C#, ASP.Net MVC 3, WIF). The setup works fine as it follows the standard passive federation with login page hosted on…
Milad Ghafoori
  • 310
  • 2
  • 14
-1
votes
3 answers

How do I generate and/or get an access_token and refresh_token from website built in react js that calls API built using .NET Core 3?

I am building a web app using react that calls RESTful API (built using .NET Core 3.1). The web app and soon mobile app access all data through the API. I would like to have an authentication/authorization integrated but would like to know where to…
Koref Koref
  • 300
  • 4
  • 13
1 2 3
11
12