
WIF - Federated Provider with multiple Identity Providers - store IP info in db?

So despite the warnings, I think I need to build a custom STS. We will support an arbitrary number of customers who provide identity information via SAML.

What is the best practice to store details on each IP? Most examples seem to store this info in the STS's web.config. That seems like it wouldn't scale real well.

Is there an obvious reason not to just store this stuff in a db and load it when the requests come in?


Fundamentally, if the Identity Providers will change over time, such as via some online administration function, rather than a new application deployment, it makes total sense to store the information in a database (or other Storage).

I think this is a potential issue for any multi-tenanted service that is federating identity with the customer.
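The database-backed approach discussed above can be sketched as a custom `IssuerNameRegistry` that resolves each incoming token's signing certificate against a table of identity providers. This is an added example, not code from the question or the answers. It assumes the .NET 4.5 `System.IdentityModel` namespaces (in WIF 3.5 the base class is in `Microsoft.IdentityModel.Tokens`), and the table `dbo.IdentityProviders` with its columns is hypothetical.

```csharp
using System.Data;
using System.Data.SqlClient;
using System.IdentityModel.Tokens;

// Added example: issuer lookup backed by a database instead of web.config.
// Hypothetical table: dbo.IdentityProviders(Name, SigningThumbprint, Enabled).
public class DbIssuerNameRegistry : IssuerNameRegistry
{
    private readonly string _connectionString;

    public DbIssuerNameRegistry(string connectionString)
    {
        _connectionString = connectionString;
    }

    public override string GetIssuerName(SecurityToken securityToken)
    {
        // Only tokens signed with an X.509 key can be matched to a stored IP.
        var x509Token = securityToken as X509SecurityToken;
        if (x509Token == null)
        {
            return null; // fail closed: unknown key type means untrusted issuer
        }

        // Thumbprint is the SHA-1 hash of the certificate as 40 hex characters.
        string thumbprint = x509Token.Certificate.Thumbprint;

        using (var conn = new SqlConnection(_connectionString))
        using (var cmd = new SqlCommand(
            "SELECT Name FROM dbo.IdentityProviders " +
            "WHERE SigningThumbprint = @thumbprint AND Enabled = 1", conn))
        {
            // Parameterized query: the thumbprint is never concatenated into SQL.
            cmd.Parameters.Add("@thumbprint", SqlDbType.Char, 40).Value = thumbprint;
            conn.Open();

            // ExecuteScalar yields null when no enabled row matches, so a
            // removed or disabled identity provider is rejected immediately.
            return cmd.ExecuteScalar() as string;
        }
    }
}
```

With this design the table is part of the trust root: anyone who can write to it can add a trusted issuer, so the administration function that edits it needs the same access control and auditing as a deployment change to web.config would have.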


ADFS v2.0 (which is Microsoft's STS product) stores its details in either a SQL Server DB (or SQL Server DB farm) or a Windows Internal DB. So if it's good enough for Microsoft ...
