Govind's WebLog

Wednesday, November 22, 2006 3:06 AM

Federation and Bearer Tokens

The latest WS-Trust spec (yet to be ratified by OASIS) introduces a concept called Bearer Tokens. This basically is a keyless token that a client requests from an STS (Security Token Service). The only purpose this token serves is to provide more information

Posted by govindr | 1 Comments

Filed under: Security, Message Security, WCF, transport security, Security Tokens, SAML, Federation, webservices

Tuesday, October 24, 2006 5:05 PM

Re-Serialize SAML token

In a Federation Scenario a client might want to access the services by using a SAML token that was issued to it by a STS. The service in turn might have to call other services (like a intermediary) to fulfill the request. When calling the backend service

Posted by govindr | 19 Comments

Filed under: Security, Message Security, WCF, SAML, Federation, dotnet, webservices

Attachment(s): ReSerializeSaml.zip

Wednesday, October 18, 2006 3:38 PM

Federation

As you are moving to Web Services world one of the buzz words that you will hear time and again is "Federation". This is simply a security scenario that involves 3 parties to secure a Message. The 3 parties in the scenario are, Client Security Token Service

Posted by govindr | 7 Comments

Filed under: Security, Message Security, WCF, Security Tokens, SAML, Federation, dotnet, webservices

Govind's WebLog

This Blog

Syndication

Search

Tags

Archives

Browse by Tags

Federation and Bearer Tokens

Re-Serialize SAML token

Federation