Why the message "There are no trusted identity providers" in Sharepoint 2010 if it has a STS

When you create a new web application in Sharepoint 2010 and you select "Claims based authentication" for the Authentication option, the "Trusted Identity provider" box is greyed out.

There are some blogs etc. about how you add a custom STS or so开发者_StackOverflow中文版mething like ADFS, but isn't the built-in Sharepoint STS an identity provider?

What part does the Sharepoint STS play in a web application? Is it a different type of STS?

In a normal Windows Identity Foundation (WIF) application that has a trust relationship with a STS, you get a login screen provided by the STS.

In Sharepoint 2020, you don't get any login screen?

Are Sharepoint claims enabled applications different to WIF claims enabled applications?

The STS in Sharepoint acts as a Federated STS. It doesn't actually act as an identity provider but a hub for other identity providers. You can add add other Identity Providers (like AD FS) to the Sharepoint STS so that you can authenticate outside of Active Directory. Sharepoint applications becomes the Relying Party for those other issuers. We are working on a book that will ship soon and have a couple of chapters on this that you can download from our CodePlex site. Most of the claims information is also available in our first book.