In future blog posts I will document the features of the STS and how to configure it, as well as walk through some system tests. Here are some of the features and standards that the new STS supports:
- WS-Trust 1.3/1.4
- WS-SecurityPolicy 1.3
- Authentication Mechanisms for a RST: UsernameToken, SAML token (1.1/2.0), KerberosToken, X.509 Token.
- Security Binding supported: Symmetric, Asymmetric, Transport
- Supports WS-Trust Issue/Validate and Cancel binding
- Can issue the following tokens: SAML 1.1/2.0 Holder-Of-Key/Bearer, SecurityContextTokens, Custom Tokens.
- Issued token can be encrypted
- Validate binding supports issuing a new token (token transformation).
- Custom Validators can be implemented
- Creation of SAML tokens can be customized.
- Advanced RST elements: KeyType (Public, Symmetric, Bearer), Entropy (Symmetric, Public) , OnBehalfOf, ActAs, Claims, SecondaryParameters
- Pluggable claims handling and management
No comments:
Post a Comment