The scenario I'm trying to support is this: A client website is redirecting to my website using a single sign on from their site. The client side has a STS that generates a SAML token for the authenticated user that gets passed to my website. My question is what is simplest and best way to validate this SAML token passed to my website? I'm hoping I can achieve this without needing an STS service on my end. I will likely be using .NET technologies. Any type of help or direction would really be appreciated. Thanks.
A:
While you mention that you're, "hoping I can achieve this without needing an STS service on my end" using an STS/Federation server is probably the easiest and fastest way to solve your problem.
If you'd like info on how to do this via either Active or Passive Requester Profile check out http://www.pingidentity.com/our-solutions/pingfederate.cfm
HTH -- Ian
Ian
2010-10-25 14:26:55