Security Token Service (STS)

Eintrag zuletzt aktualisiert am: 29.11.2010

Ein Security Token Service (STS) ist eine Authentifizierungsstelle, die mit Claims arbeitet. Es gibt vordefinierte STS (z.B. Active Directory Federation Services (AD FS) 2.0) oder man kann mit Windows Identity Foundation (WIF) selbst einen STS erstellen.

"A security token service (STS) is the service component that builds, signs, and issues security tokens according to the WS-Trust and WS-Federation protocols. There’s a lot of work that goes into implementing these protocols, but WIF does all of this work for you, making it feasible for someone who isn’t an expert in the protocols to get an STS up and running with very little effort. You can use a cloud STS such as a LiveID STS, a pre-built STS such as Active Directory® Federation Services (AD FS) 2.0, or, if you want to issue custom tokens or provide custom authentication or authorization, you can build your own custom STS using WIF. WIF makes it easy to build your own STS." (http://msdn.microsoft.com/en-us/library/ee748484.aspx)