Stack Overflow
Stack Overflow

Questions tagged [sts-securitytokenservice]

Security Token Service. A web service where a user (or client software) presents some form of credentials (e.g., username/password), and if valid the result is a 'security token' that can be used to access a web application or web service. Often used for implementing single sign-on (SSO).

Security Token Service: A web service where a user (or client software) presents some form of credentials (e.g., username/password), and if valid the result is a 'security token' that can be used to access a web application or web service. Often used for implementing single sign-on (SSO).

167 questions
1
vote
2 answers

Can a SSO service (Custom STS, WIF) be implemented so that it is highly available (clustered or in a web farm)?

I recently asked a question here: Implementing SSO in a .NET Web Farm for several e-commerce websites with WIF? that outlines the details behind my next question. A brief summary of the question/solution is that a series of web sites needing a SSO…
ooPeanutButter
  • 433
  • 2
  • 9
1
vote
1 answer

Lambda function failing intermittently due to connect to sts.amazonaws.com timed out

I have a lambda running in VPC. Using which I query ElasticSearch and update data there and delete obsolete data. To facilitate this call, lambda has to assume a role and it calls STS Assume role API for that. but recently, I am seeing intermittent…
Mitul Khatri
  • 19
  • 4
1
vote
2 answers

Custom SecurityTokenHandler for WIF

I am trying to implement a custom SecurityToken and SecurityTokenHandler for a STS using Microsoft.IndentityModel (= Windows Indentity Foundation). The token is serialized to a simple xml document with signature (using a X509 certificate) and is…
Peter
  • 3,916
  • 1
  • 22
  • 43
1
vote
1 answer

Federated authentication cookieless STS

I see that Federated Identity stores Security token to a cookie, after its first request to the STS (Security Token Service). In that case if I disable cookie in my browser, how does it work? I have seen that it did not redirect to my STS issue App,…
shary
  • 178
  • 2
  • 12
1
vote
1 answer

WIF Claims-based Identity for Legacy Login

I have several legacy ASP.NET applications with custom membership providers. They also utilized external SAML based identity providers for which we have written custom clients. I am sold on the value of WIF and ADFS. The SAML identity providers…
chief7
  • 14,263
  • 14
  • 47
  • 80
1
vote
1 answer

Provisioning "new" users with multiple trusted STSes

When using Windows Identity Foundation (WIF) with multiple Security Token Services (STS), is it possible to provision users before they first access the application? For example, let's say I have a web site called BufferOverrun where users can login…
Travis
  • 2,654
  • 4
  • 26
  • 46
1
vote
2 answers

how to create read only and write only token for specific resource for a file in s3 using AWS STS

I have to generate read only and write only tokens for a file in S3. What I have tried so far: create an IAM role with read and write access to the bucket in reference create an STS client assume the IAM role created in step #1 by the STS…
letsStudyJava
  • 159
  • 2
  • 10
1
vote
1 answer

svcutil ignores WS-Trust Claims

Scenario: I am writing a WCF client to access a Java/Metro webservice which requires authentication through a token obtained from an STS (also Java/Metro). The relevant policy snippet from the service's WSDL is this:
nodots
  • 1,450
  • 11
  • 19
1
vote
1 answer

Identity and Access is Missed in VS 2015

Need to add STS to my web project, and I got some guide from my colleague: Add STS Reference command by right-clicking the web project in Visual Studio and select Identity and Access but I can't find it in my VS 2015. Have tried to search it in a…
mrabaev48
  • 183
  • 2
  • 13
1
vote
2 answers

How to call web service that requires claims based authentication?

I have a client that wants to invoke a web service. I have a web service(asmx) , a default.aspx that can show the claims . I have a test STS that my web service trusts. I tested and sts can send correct claims and also web service seems to get them…
cagatay
  • 477
  • 5
  • 16
1
vote
1 answer

how to retrieve security token from salesforce thru a web-service call..?

is there any way to send a web-service call to salesforce n get a security token which is reseted in desktop side... it is possible to do this before login..?
nik
  • 2,289
  • 6
  • 37
  • 60
1
vote
2 answers

Salesforce security token

How to get a security token for iPhone app when the user has reset his security token on the desktop side? In my iPhone app I hard-coded the security token for authentication and login into the salesforce account. Any solution?
nik
  • 2,289
  • 6
  • 37
  • 60
1
vote
1 answer

Does mod_auth_openidc support STS(Security Token Service)?

Since mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that authenticates users against an OpenID Connect Provider. If OpenID Connect Provider supports STS(Security Token Service) does mod_auth_openidc is…
GPrathap
  • 7,336
  • 7
  • 65
  • 83
1
vote
0 answers

How can I get a SAML security token for a user logged in via SSO in WSO2 Identity Server?

I have WSO2 Identity Server set up together with a web application that is configured for SAML 2.0 SSO. When a user has authenticated, I want to invoke a SOAP service from this application. The SOAP service trusts the Identity Server and is…
spanier
  • 11
  • 3
1
vote
1 answer

How do I request additional claims from Passive STS with WIF?

I have the following: A website ASP.Net application acting as an Identity Provider (IDP STS) Federation Provider (FP STS) A Resource ASP.NET MVC WebSite acting as (RP) when trying to access a Resource in RP, it goes thru the FP STS and gets…
Heena
  • 11
  • 1
1 2 3
11 12