Tag Archives: STS

My first glimpse at OAuth 2.0.

So what is this OAuth?  This is what wikipedia says: OAuth is an open standard for authorization, commonly used as a way for Internet users to authorize websites or applications to access their information on other websites but without giving them the passwords.[1] This mechanism is used by companies such as Google, Facebook, Microsoft and… Read More »

WIF Tracing \ Troubleshooting

I was having some issues today with a WS Federation implementation using a passive STS. I was logging onto the STS but when the browser redirected back to the client after a login, the client rejected the token and redirected me back to the STS again. There was no error message and after searching online… Read More »

Creating your own Active STS

The following example uses an active security token service (A-STS) that issues tokens using the WS-Trust standard. The type of STS discussed in this post is called a Active STS OR A-STS, it refers to the client that is actively in control of its own authenticated state. This client will typically have its own login window build into the… Read More »