...

The interaction between a client who wants to access a service and the STS is given in the example below.

  • Client wants to access service A.
  • Service A requests a security token with the client's name and age to grant him access.
  • The client requests a security token from the STS.
  • The STS requests the client to validate his identity via username token.
  • The client provides his username/password.
  • The STS recognizes the client and provides a token.
  • The client presents the security token to the service and gains access to it.

...

Once a client sends the RST to the STS, the STS first checks the authenticity of the requester by validating the request against the defined security policy of the STS. It then starts preparing the security token response (Request Security Token Response). The STS includes all the requested claims and signs the token with its private key. It then finds the public certificate of the service to which the client will send this token and encrypts the token with that certificate. The encrypted security token is therefore opaque to the client.
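The decisions the STS makes before signing and encrypting can be sketched as follows; this is an added example, not WSO2 code. It parses a constructed WS-Trust 1.3 Issue request, resolves the target service to a certificate alias, and collects the requested claims. The registry, the claim URIs, the endpoint and the per-service claim allow-list are assumptions, and requester authentication against the security policy is not modelled.

```python
import xml.etree.ElementTree as ET

NS = {  # WS-Trust 1.3, WS-Policy, WS-Addressing, identity claims dialect
    "wst": "http://docs.oasis-open.org/ws-sx/ws-trust/200512",
    "wsp": "http://schemas.xmlsoap.org/ws/2004/09/policy",
    "wsa": "http://www.w3.org/2005/08/addressing",
    "ic": "http://schemas.xmlsoap.org/ws/2005/05/identity",
}
ISSUE = NS["wst"] + "/Issue"

# Constructed registry (assumption): service endpoint -> (certificate alias, releasable claims)
RELYING_PARTIES = {
    "https://service-a.example.com/services/A":
        ("service-a-cert", {"urn:example:claims/name", "urn:example:claims/age"}),
}

# Constructed sample RST asking for the name and age claims for service A
SAMPLE_RST = f"""<wst:RequestSecurityToken xmlns:wst="{NS['wst']}"
    xmlns:wsp="{NS['wsp']}" xmlns:wsa="{NS['wsa']}" xmlns:ic="{NS['ic']}">
  <wst:RequestType>{ISSUE}</wst:RequestType>
  <wsp:AppliesTo><wsa:EndpointReference>
    <wsa:Address>https://service-a.example.com/services/A</wsa:Address>
  </wsa:EndpointReference></wsp:AppliesTo>
  <wst:Claims Dialect="{NS['ic']}">
    <ic:ClaimType Uri="urn:example:claims/name"/>
    <ic:ClaimType Uri="urn:example:claims/age"/>
  </wst:Claims>
</wst:RequestSecurityToken>"""

def plan_issuance(rst_xml):
    """Return (cert_alias, claims) for an acceptable Issue request; raise ValueError otherwise."""
    if "<!DOCTYPE" in rst_xml:  # SOAP messages must not carry a DTD
        raise ValueError("DTD not allowed")
    root = ET.fromstring(rst_xml)
    if root.tag != "{%s}RequestSecurityToken" % NS["wst"]:
        raise ValueError("not an RST")
    if root.findtext("wst:RequestType", "", NS).strip() != ISSUE:
        raise ValueError("only Issue requests are handled")
    address = root.findtext("wsp:AppliesTo/wsa:EndpointReference/wsa:Address", "", NS).strip()
    if address not in RELYING_PARTIES:  # no certificate to encrypt to: refuse
        raise ValueError("unknown relying party")
    alias, releasable = RELYING_PARTIES[address]
    claims = [c.get("Uri") for c in root.findall("wst:Claims/ic:ClaimType", NS)]
    refused = [uri for uri in claims if uri not in releasable]
    if refused:
        raise ValueError("claims not releasable to this service: %s" % refused)
    return alias, claims

if __name__ == "__main__":
    print(plan_issuance(SAMPLE_RST))
```

Refusing a request whose `AppliesTo` address has no registered certificate keeps the STS from issuing a token it cannot encrypt for the intended service.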

STS in the WSO2

...

Data Services Server

The security token service offered by WSO2 is wso2carbon-sts. You can find this by default in the Deployed Services window of the Data Services Server.

Follow the instructions below to configure the STS service of the WSO2 Data Services Server.

1. Log on to the Data Services Server Management Console.

...