The Federation Scenario

In the WSFederationHttpBinding scenario, the client authenticates against the STS (Security Token Service) to obtain a token. The client uses the token to authenticate against the application server.

Therefore, two bindings are needed, one against the STS and another against the application server.

First, use the Security Scenario editor to define an STS binding. For more information, see Create and Manage Security Scenarios. When setting the binding against the application server, specify this file in the Referenced file box.

For the Federation scenario, specify the following server information:

  • Transport. HTTP or HTTPS

  • Encoding. Text or MTOM

For the Federation scenario, specify the following security information:

  • Authentication mode. IssuedToken, IssuedTokenForCertificate, IssuedTokenForSslNegotiated, IssuedTokenOverTransport, or SecureConversation

  • Bootstrap policy. IssuedToken, IssuedTokenForCertificate, IssuedTokenForSslNegotiated, or IssuedTokenOverTransport

For the Federation scenario, specify the following identity information:

  • Server certificate. Browse for a server certificate. For more information, see the Select Certificate Dialog Box.

  • Expected server DNS. the expected identity of the server in terms of its DNS. This can be localhost or an IP address or server name.

For the Federation scenario, specify the following STS (Security Token Service) information:

  • Issuer address. The address of the issuer of the STS. This can be localhost, an IP address, or a server name.

  • Referenced binding. The file that references the binding that contacts the STS (Security Token Service)