WIF Claims-based Identity for Legacy Login

I have several legacy ASP.NET applications with custom membership providers. They also utilized external SAML based identity providers for which we have written custom clients. I am sold on the value of WIF and ADFS. The SAML identity providers will work with ADFS but we need to support the legacy membership systems.

Do I need to create a custom STS to han开发者_开发技巧dle the legacy authentication? If so, many developers advice against this for various reasons. Is there a template or framework which will help me make it secure and scalable? I have seen SelfSTS and StarterSTS but they both imply they are not for production use.

If not, what are the options?

SelfSTS is a developer tool, meant jsut to streamline the dev process.

StarterSTS is more like a product, only it is not. You have to "own" the code. It essentially means that you need to test it for performance, security, etc.

Vittorio has a good post on it too if you want to do it yourself:

http://blogs.msdn.com/b/vbertocci/archive/2009/04/23/enhance-your-asp-net-membership-based-website-by-adding-identity-provider-capabilities.aspx

(You will still need to do perf/security testing)