securitytokenservice

Rampart STS Client and UsernameToken

I have a rampart STS Client whose policy looks like this <sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"&gt; <wsp:Policy> <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"/&gt; </sp:UsernameToken> </wsp:Polic...

Configure Active Relying Party STS to Trust Multiple Identity Provider STSes

I am struggling with the configuration for the scenario below. I have a custom WCF/WIF STS (RP-STS) that provides security tokens to my WCF services RP-STS is an "Active" STS RP-STS acts as a claims transformation STS RP-STS trusts tokens from many customer-specific identity provider STSes (IdP-STS) When a WCF Client connects to a ser...

Windows Identity Foundation Security Token Service can't stay logged in

I'm using the Windows Identity Foundation (WIF) Security Token Service (STS) to handle authentication for my application which is working all well and good. However I can't seem to get any long running login with the STS. From my understanding I shouldn't care about the client tokens at the application level since they can expire all th...

Windows Identity Foundation Security Token Service setting cookie timeouts

I want to configure the timeout duration that is applied to the cookies that are created on relying party after a user logs in through the passive Security Token Service (STS). I believe I read somewhere this is defaulted to 14 minutes however I can't find where I read this any longer. I would like to up this to a more reasonable 35 mi...