Stack Overflow
Stack Overflow

Questions tagged [sts-securitytokenservice]

Security Token Service. A web service where a user (or client software) presents some form of credentials (e.g., username/password), and if valid the result is a 'security token' that can be used to access a web application or web service. Often used for implementing single sign-on (SSO).

Security Token Service: A web service where a user (or client software) presents some form of credentials (e.g., username/password), and if valid the result is a 'security token' that can be used to access a web application or web service. Often used for implementing single sign-on (SSO).

167 questions
0
votes
1 answer

AWS Assume Role access denied while using AWS PHP SDK

I have a problem using the AWS PHP SDK when calling AssumeRole from the apache server (PHP SDK) the following error appears Error executing "AssumeRole" on "https://sts.amazonaws.com"; AWS HTTP error: Client error: `POST…
Sayed Hasan Mahfoodh
  • 1
  • 2
0
votes
2 answers

Disabling encryption in Windows Identity Foundation

Can I disable encryption of the request security token response and only manage signatures? I'm creating a custom STS extending Microsoft.IdentityModel.SecurityTokenService.SecurityTokenService based on the demos of the WIF SDK and I cannot manage…
elfebien
  • 13
  • 5
0
votes
1 answer

REST base service clients sharing STS issued token

What prevents REST based service clients to share the STS issued token with each other?
amit_g
  • 30,880
  • 8
  • 61
  • 118
0
votes
1 answer

Access Dynamics CRM Web API from third party app on another domain

I have the below problem I try to solve: There is an MVC web application (AppA) in domain DomA that is configured to use a CUSTOM STS for authentication/authorization. On the other hand we have a CRM installation in another domain, the MyCRM domain,…
Ricky Stam
  • 2,116
  • 21
  • 25
0
votes
1 answer

How to create a specific SOAP header for a third-party web service

I am trying to connect to a third party web service. I have tried to do it in multiple ways, but I have been unable. They use java for service and for the client, and they have sent me what should be the correct…
rasputino
  • 691
  • 1
  • 8
  • 24
0
votes
1 answer

Fuse WS-Trust service ignores protection

I'm trying to develop a fuse CXF service protected by the WS-Trust "IssuedToken" policy, as explained in the official docs for the Security Token Service. I did everything as explained in the docs, cross-checking with some of the fuse and CXF…
xtian
  • 2,908
  • 2
  • 30
  • 43
0
votes
1 answer

STS request with certificate authentication in SoapUI

I have to do RequestSecurityToken request with certificate signature and timestamp with SoapUI to get security token to use it in other requests, but I have problem to implement it correctly. Here are correct request, with different application, but…
Ilmārs Geiba
  • 81
  • 1
  • 1
  • 7
0
votes
0 answers

how to prevent unauthorised access with aws sts tokens

We got a problem in managing authorisation while accessing aws resources. Currently, we are using STS tokens to authorize the user and give access to aws resources. But, the problem is in the request parameters if we change the user_id and keep the…
Krishna Karamilli
  • 21
  • 1
  • 4
0
votes
1 answer

Windows Identity Foundation Security Token Service setting cookie timeouts

I want to configure the timeout duration that is applied to the cookies that are created on relying party after a user logs in through the passive Security Token Service (STS). I believe I read somewhere this is defaulted to 14 minutes however I…
Chris Marisic
  • 32,487
  • 24
  • 164
  • 258
0
votes
1 answer

Custom STS SSO failing

I'm working on a roll-your-own Federation implementation. There are two RPs. SSO between the RPs does not work (erroneously). I suspect it has to do with the cookie that the STS is creating. The STS is writing a fedauth cookie for itself. From my…
Swifty
  • 1,422
  • 2
  • 18
  • 38
0
votes
1 answer

WIF STS SSO issue - RPs cannot access each other

We have a roll your own WIF STS SSO implementation. We have 3 RPs connecting to a STS. When a user accesses RP1, he is redirected to the STS and able to authenticate. After successful authentication he navigates to RP2 or 3 (via RP1), and is…
Swifty
  • 1,422
  • 2
  • 18
  • 38
0
votes
0 answers

why SharePoint 2013 takes too much time to authenticate for both windows and forms authentication for the first time?

I have made a SharePoint 2013 internet site, it's works fine and loads quickly but when i login for the first time ,it takes about 30 second to authenticate for both windows and forms i have traced the following forms authntication code private…
mahamed
  • 131
  • 3
  • 13
0
votes
1 answer

SharePoint Provider Hosted App - SecurityTokenException: Invalid issuer or signature

I developed a SharePoint Provided Hosted App which is deployed to an Office 365 SharePoint site for testing purposes. Everything works as expected until recently I want it to test with another O365 account. Both of the accounts have exactly the same…
slmglr
  • 188
  • 1
  • 2
  • 9
0
votes
1 answer

How to decide which authentication to use in multitenant environment?

I am designing one Multi tenant based CRM system, Where tenant will be identified by sub domain. But I am a bit confuse about the authentication system, which one to use. STS using some third party tool like thinktecture Or simple membership…
Deependra Kushwah
  • 71
  • 2
  • 10
0
votes
1 answer

WCF deny anyone without specific role using custom STS

I've made an STS by overriding SecurityTokenService and hosted it using WCF. Also I've created a relying party and test client. Client is successfully redirected to the STS (the program stops if I put a breakpoint in GetOutputIdentity method). Now I…
Pavel Rudko
  • 248
  • 2
  • 8
1 2 3
11 12