Configure Active Relying Party STS to Trust Multiple Identity Provider STSes

I am struggling with the configuration for the scenario below.

  • I have a custom WCF/WIF STS (RP-STS) that provides security tokens to my WCF services
  • RP-STS is an "Active" STS
  • RP-STS acts as a claims transformation STS
  • RP-STS trusts tokens from many customer-specific identity provider STSes (IdP-STS)
  • When a WCF Client connects to a service it should authenticate with its local IdP-STS

The reading that I've done describes this as Home Realm Discovery. HRD is usually described within the context of web applications and Passive STSes. My question is, for my situation, does the logic for choosing an IdP-STS endpoint belong in the RP-STS or the WCF Client application?

I thought it belonged in the RP-STS, but I cannot figure out the configuration to make this happen. RP-STS has a single endpoint, but I cannot figure out how to add more than one trusted issuer per endpoint.

Any guidance on this would be very appreciated (I'm out of useful keywords to Google.) Also, if I'm way off please offer alternative approaches.

[Diagram: Configure Active Relying Party STS to Trust Multiple Identity Provider STSes (source: marshaledthoughts.com)]


This scenario is covered here:

http://msdn.microsoft.com/en-us/library/ff359113.aspx
