StarterSTS v0.95 (for WIF RC)

I uploaded an interim release of the StarterSTS to codeplex.

This release is not fully tested – and is mainly available to provide compatibility with WIF RC. There are some new features – and I hope I have not introduced any regression bugs. Please contact me via the codeplex forum when you have questions.

Some new features:

  • added a simple HTTP and SOAP based endpoint to request token
  • added support to bridge OpenID logons to WS-Federation
    • you can specify a separate signing key for bridged authentication, so RPs can distinguish between native and bridged authentication
  • config changes to accomodate the various endpoints
    • WS-Trust (message security)
    • WS-Trust (mixed mode security)
    • simple HTTP
    • simple SOAP
    • OpenID bridge
    • WS-Federation metadata
  • did some refactoring to allow easier pluggability and customizations
    • retrieving certificates (CertificateProvider)
    • retrieving claims (ClaimsProvider)
    • analyzing an RST (PolicyOptions and PolicyScope)
    • validating the request against configured policy (PolicyValidator)
  • added optional confirmation screen after login
    • when enabled, the user has to confirm before StarterSTS issues the token
    • this is an additional countermeasure against one-click attacks

Have fun.

This entry was posted in IdentityModel. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s