
WIF with multiple STS's

Apologies for the image being of terrible quality, but it shows the scenario I'm trying to achieve, and I'm wondering what the best possible solution for this is.

I have a test project set up, using an RP with a single STS, which works fine: the RP gets directed to the STS for approval and then the STS sends a token back, simple.

However, I want, say, a drop-down list on my RP where you choose a "mode", and based on this mode you will be re-directed for authorisation to one of the STS providers. Obviously I can't re-direct straight to the STS for this, so it would have to be dynamic, and the web.config settings for instant re-directs that the .NET projects automatically put there would have to be removed.

Can anyone give guidance on this?


Sounds like you would benefit from using Windows Azure's AppFabric Access Control Service (ACS). You want to avoid putting code in your application to communicate with every STS provider, and ACS is designed to address that problem. The idea is that you configure ACS with as many STS providers as you want, and then your application (using WIF) communicates solely with ACS to perform authorization.

Read more about it here (Click 'Access Control' on the left): http://www.microsoft.com/windowsazure/AppFabric/Overview/default.aspx


Here's what you do. In global.asax, add this code

void WSFederationAuthenticationModule_RedirectingToIdentityProvider(object sender, RedirectingToIdentityProviderEventArgs e)
{
    string whr = HttpContext.Current.Request.QueryString["whr"]; 
    if (!string.IsNullOrEmpty(whr))
    {
        //add your logic to determine the STS
        e.SignInRequestMessage.HomeRealm = @"http://path-to-STS";
    }
}
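
Added example, not part of the original answer: one way to fill in the "logic to determine the STS" so that the `whr` value from the query string only ever selects from a fixed allow-list and is never copied into the sign-in request as-is. The mode names, the `*.example` URIs, the `HomeRealms` map and `TryResolveHomeRealm` are hypothetical, and the WIF 3.5 namespace `Microsoft.IdentityModel.Web` is assumed.

```csharp
using System;
using System.Collections.Generic;
using System.Web;
using Microsoft.IdentityModel.Web; // assumption: WIF 3.5 namespace

public class Global : HttpApplication
{
    // Hypothetical allow-list: drop-down "mode" -> home realm of a trusted STS.
    // The URIs are placeholders, not values from the original post.
    private static readonly Dictionary<string, string> HomeRealms =
        new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase)
        {
            { "partner",  "https://sts-partner.example/" },
            { "internal", "https://sts-internal.example/" }
        };

    // Pure lookup, kept separate so it can be unit tested without an HTTP context.
    internal static bool TryResolveHomeRealm(string mode, out string homeRealm)
    {
        homeRealm = null;
        return !string.IsNullOrEmpty(mode)
            && HomeRealms.TryGetValue(mode, out homeRealm);
    }

    // ASP.NET wires this up by name: <module name>_<event name>.
    void WSFederationAuthenticationModule_RedirectingToIdentityProvider(
        object sender, RedirectingToIdentityProviderEventArgs e)
    {
        // Request input: treat it as a key into the allow-list only.
        string mode = HttpContext.Current.Request.QueryString["whr"];

        string homeRealm;
        if (TryResolveHomeRealm(mode, out homeRealm))
        {
            e.SignInRequestMessage.HomeRealm = homeRealm;
        }
        // Unknown or missing mode: leave the message untouched so the
        // issuer and realm configured in web.config still apply.
    }
}
```

Each STS selected this way must also be a trusted issuer in the RP's WIF configuration, otherwise the returned token is rejected.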


You could also use ADFS v2.0 to accomplish this. Any other STS federated with ADFS will appear in the "Home Realm Discovery" drop-down list.

AppFabric ACS is "essentially" ADFS in the cloud and there is nothing stopping you federating ADFS and ACS.


The "RedirectingToIdentityProvider" override is exactly what I would do as well.

Just posting this link: you can find a collection of IdentityFederationSamples here, if it helps to have an entire solution. There is a sample for redirecting to one of two STSs, and another that shows chaining STSs. http://www.michelelerouxbustamante.com/post/Cloud-Connections-Las-Vegas-Links.aspx
