Why does web client require Passive STS when using WIF

Question

Why does web client require Passive STS when using WIF

I have a web application and want it to be protected using custom STS using Windows Identity foundation 3.5. All examples have passive STS in the scene. Why is this necessary? and what happens if you call Active STS 9Custom, written using WIF) directly?

+3

wif sts-securitytokenservice

chugh97 May 6, '10 at 13:35

source share

2 answers

The simplest example is to create a web application in Visual Studio and then run the Add STS Reference wizard (which is enabled if you install the WIF SDK). You do this by right-clicking the web project.

-, STS " ".

"" "" - . : "" - "" , WS-Trust, , STS.

STS- (, ADFS). , .

, : http://msdn.microsoft.com/en-us/library/ff423674.aspx

Eugenio

+1

Eugenio Pace 25 '10 14:44

Daria Barteneva · Accepted Answer · 2010-05-07T14:39:45+0000

Usually you use passive federation for a web application because web clients cannot throw the proper SOAP, so you got the passive request label, while anything that could create the proper SOAP got the Active Requestor label and can Use Active Federation without a problem. There are luck samples of this on the Internet, but check out the Vittorio Bertocci blog for great articles on active and passive federation.

Why does web client require Passive STS when using WIF

More articles: