Getting WIF to work with OpenSSO as STS

Question

Hi gang,

Using OpenSSO as an identity provider, what should I do (i.e. with FedUtil.exe) to configure my .NET relying party so that it will do the STS dance?

I've gotten OpenSSO's WS-Trust client samples running, so I think OSSO's in a good state and ready for the next step.

I'm at the FedUtil.exe's "Use an existing STS" wall. Where do I get the STS WS-Federation metadata document for OpenSSO? I've tried:

• the.osso.server:port/opensso/sts
• the.osso.server:port/opensso/sts?wsdl
• the.osso.server:port/opensso/sts/mex
• the.osso.server:port/opensso/sts/mex?wsdl
• the.osso.server:port/opensso/sts/soap11
• the.osso.server:port/opensso/sts/soap11?wsdl

with no luck.

Thanks for your help,

Tyler

Answer 1

Hi Tyler,

I've got the same scenario, but with the difference I can't get the OpenSSO's WS-Trust client samples running. How did you manage to get the samples running, are you using the stockquote sample?

Br,

Sarris

Answer 2

Hi Sarris,

Since then, we abandoned OpenSSO and went with WIF and ADFS 2.0. That being said, I've left the company and am not working on this anymore. Here's what I can remember from back then:

• it was the stockquote sample
• I did hit some bumps along the way while following the sample instructions
• I remember there being some issue with the request URIs.. when I was testing, I was going to the wrong page
• there were also some certificate issues.. :-(

I'm sorry I couldn't remember more... Another resource that might be helpful for you is the Apache "Stonehenge" project. It is an open-source multi-stack/platform reference implementation of an N-Tiered system specifically designed for interoperability testing. Here's a link to get you going:

https://cwiki.apache.org/STONEHENGE/

I wish you the best,

Tyler