Browse by Tags

Tagged Content List
  • Blog Post: Handling Mismatched Trust Versions on the Client

    Federation Clients might have scenarios where it is talking to a Service and STS that don't have the same trust version. The Service WSDL can contain a RequestSecurityTokenTemplate with Trust elements that are in different version than the STS. In these cases a WCF client will convert the Trust elements...
  • Blog Post: WS-Federation Passive

    I have discussed about Federation before. This post discusses Federation from the active context. "Active" means that the client is a smart client capable of doing encryption and signing and can actively participate in the Federation protocol. There are cases where the client is simply a Web Browser...
  • Blog Post: Federation and Bearer Tokens

    The latest WS-Trust spec (yet to be ratified by OASIS) introduces a concept called Bearer Tokens. This basically is a keyless token that a client requests from an STS (Security Token Service). The only purpose this token serves is to provide more information about the client to the service while the...
  • Blog Post: Re-Serialize SAML token

    In a Federation Scenario a client might want to access the services by using a SAML token that was issued to it by a STS. The service in turn might have to call other services (like a intermediary) to fulfill the request. When calling the backend service the service might want to use the SAML token that...
  • Blog Post: Federation

    As you are moving to Web Services world one of the buzz words that you will hear time and again is "Federation". This is simply a security scenario that involves 3 parties to secure a Message. The 3 parties in the scenario are, Client Security Token Service (STS) Target Service This is...
Page 1 of 1 (5 items)