I uploaded an interim release of the StarterSTS to codeplex.

This release is not fully tested – and is mainly available to provide compatibility with WIF RC. There are some new features – and I hope I have not introduced any regression bugs. Please contact me via the codeplex forum when you have questions.

Some new features:

• added a simple HTTP and SOAP based endpoint to request token
• added support to bridge OpenID logons to WS-Federation
• you can specify a separate signing key for bridged authentication, so RPs can distinguish between native and bridged authentication
• config changes to accomodate the various endpoints
• WS-Trust (message security)
• WS-Trust (mixed mode security)
• simple HTTP
• simple SOAP
• OpenID bridge
• WS-Federation metadata
• did some refactoring to allow easier pluggability and customizations
• retrieving certificates (CertificateProvider)
• retrieving claims (ClaimsProvider)
• analyzing an RST (PolicyOptions and PolicyScope)
• validating the request against configured policy (PolicyValidator)
• added optional confirmation screen after login
• when enabled, the user has to confirm before StarterSTS issues the token
• this is an additional countermeasure against one-click attacks

Have fun.