Versions Compared

Old Version 1

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

WSO2 Identity Server's passive security token service (Passive STS) is used as the WS-Federation implementation. 

Configuring passive STS

  1. See here for details on adding a service provider. 
  2. Expand the Inbound Authentication Configuration followed by the WS-Federation (Passive) Configuration section and provide the following values. See Configuring WS-Federation (Passive) or OpenID for more information. 

      • Passive STS Realm - 

        Multiexcerpt
        MultiExcerptNamePassiveSTSRealm

        This uniquely identifies the web app. Provide the same realm name given to the web app you are configuring WS-Federation for.

      • Passive STS WReply URL - 

        Multiexcerpt
        MultiExcerptNamePassiveSTSWReplyURL

        Provide the URL of the web app you are configuring WS-Federation for.  This endpoint URL handles the token response. 

        Tip
        titleTip

        If you want to configure an expiration time for the security token, you need to add the following configuration in the <IS_HOME>/repository/conf/carbon.xml file, under the <Server> element:

        Code Block
        <STSTimeToLive>1800000</STSTimeToLive>

        Here, the expiration time should be specified in milliseconds.


    Image Added
  3. Expand the Claim Configuration section and map the relevant claims. See Configuring Claims for a Service Provider for more information. 
  4. Click Update to save changes. 
Panel
titleRelated Topics