Project Description
StarterSTS is a compact, easy-to-use security token service that is completely based on the ASP.NET provider infrastructure. It is built using the Windows Identity Foundation and supports WS-Federation, WS-Trust, REST, OpenId and Information Cards.
Disclaimer
Though you could use StarterSTS directly as a production STS, be aware that this was not the design goal.
StarterSTS did not go through the same testing or quality assurance process as a "real" product like ADFS2 did. StarterSTS is also lacking all kinds of enterprisy features like configuration services, proxy support or operations integration. The main goal of StarterSTS is to give you a learning tool for building non-trivial security token services. Another common scenario is to use StarterSTS in a development environment.
High-level features
- Active and passive security token service
- Supports WS-Federation, WS-Trust, REST, OpenId, SAML 1.1/2.0 tokens and Information Cards
- Supports username/password and client certificate authentication
- Based on standard ASP.NET membership, roles and profile infrastructure
- Control over security policy (SSL, encryption, SOAP security) without having to touch WIF/WCF configuration directly
- Automatic generation of WS-Federation metadata for federating with relying parties and other STSes
Documentation
http://identity.thinktecture.com/stsce/docs/
Screencasts
- Initial Setup & Configuration
- Federating your 1st Web App
- Federating your 1st Web Service
- Single-Sign-On
- Using the REST Endpoint
- Using the OpenId Bridge
- Tracing
- Using Client Certificates
- Using Information Cards
My Blog
http://www.leastprivilege.com