Stack Overflow
Stack Overflow

Questions tagged [passive-sts]

12 questions
8
votes
1 answer

Mixed Mode Federated authentication and Forms Authentication

I am trying to make a mixed mode authentication to be able to put some users on Federated authentications and others on Forms authentication. I am working with WIF, I set up my STS and everything is happy, when I am in federated mode by turning off…
Alaa Osta
  • 4,249
  • 6
  • 24
  • 28
3
votes
1 answer

How can I make a security token automatically expire in a passive STS setup?

I have a passive STS set up for a new application I'm working on. I've noticed that when a user's session expires, the user is still authenticated. I would have thought that when the session expires, the user would no longer be authenticated. My…
Vivian River
  • 31,198
  • 62
  • 198
  • 313
3
votes
2 answers

Why does web client require Passive STS when using WIF

I have a web application and would want it to be secured using a Custom STS using Windows Identity foundation 3.5. All examples have a passive STS in scene. Why is this needed? and What happens if you call the Active STS 9Custom written using WIF)…
chugh97
  • 9,602
  • 25
  • 89
  • 136
2
votes
0 answers

wso2 logout passive STS for App .net

I'm trying to logout from a .net application that uses passive sts, it is necessary to place a link to do a single logout. How can I configure for that?
Raybar
  • 53
  • 3
2
votes
0 answers

Where to send response when Passive STS 'wreply' does not exist

"wreply" is an optional parameter according to "WS-Federation: Passive Requestor Profile", and it defines the RP endpoint that handles the response. So, how could the STS decide to where the response should be sent when that parameter does not come…
drox
  • 7,523
  • 4
  • 23
  • 34
1
vote
2 answers

Windows Identity Foundation: How to get new security token in ASP.net

I'm writing an ASP.net application that uses Windows Identity Foundation. My ASP.net application uses claims-based authentication with passive redirection to a security token service. This means that when a user accesses the application, they are…
Vivian River
  • 31,198
  • 62
  • 198
  • 313
1
vote
0 answers

How to implement an active endpoint and passive STS with in one STS?

I have been struggling to find out how can I implement Active STS and Passive STS with in one STS. Well the requirement is that I need to allow the applications to have their own login pages but they should get authentication through Custom STS…
Aakif
  • 91
  • 2
  • 7
0
votes
1 answer

Specifying Required / Optional Claim Types in the Relying Party for a Passive STS

I have an asp.net application (relying party) that uses a passive STS for authentication and retrieval of claim values. The relying party is using the FederatedAuthenticationModule (FAM) to enable a passive redirect to the sts. I found…
mwilkes
  • 665
  • 1
  • 6
  • 14
0
votes
1 answer

Windows Identity Foundation Security Token Service setting cookie timeouts

I want to configure the timeout duration that is applied to the cookies that are created on relying party after a user logs in through the passive Security Token Service (STS). I believe I read somewhere this is defaulted to 14 minutes however I…
Chris Marisic
  • 32,487
  • 24
  • 164
  • 258
0
votes
1 answer

Sliding Expiration in ASP.NET web app using claims from STS

Two questions: 1) How/where do I set the lifetime of the session cookie in my web application when using an STS to get claims? From what I can tell, it seems I can only do this programmatically in the ServiceConfigurationCreated event. 2) How/where…
StsDude
  • 3
  • 3
0
votes
1 answer

IIS 7.5 What am I doing wrong?

In IIS 7.5 under Windows 7 Utilmate, I have an application which is configured for authentication as follows: Anonymous & Windows In the ASP.NET Website, I have turned Forms authentication and identity impersonate = true I also deny any anonymous…
chugh97
  • 9,602
  • 25
  • 89
  • 136
0
votes
1 answer

Passive STS to allow single sign-on for Silverlight app and a Classic ASP web site

Currently I am working on a LOB Silverlight application. Eventually, I need to implement a single sign-on for the new app and an old Classic ASP web app. Right now, the Silverlight App is secured using Forms Authentication through a custom…
RaviCha
  • 41
  • 5