In the previous post, we saw the service configuration for WCF federation. In this post, let us look at the STS configuration.

In the STS's configuration file, it is specified in the <message> element.
<system.serviceModel>
  <services>
    <service name="Udooz.SecurityTokenService" behaviorConfiguration="stsBehavior">
      <endpoint contract="Udooz.ISecurityTokenService"
                binding="wsHttpBinding" bindingConfiguration="stsBinding"/>
    </service>
  </services>
  <bindings>
    <wsHttpBinding>
      <binding name="stsBinding">
        <security mode="Message">
          <message clientCredentialType="UserName" />
        </security>
      </binding>
    </wsHttpBinding>
  </bindings>
The STS service contract is declared in Udooz.ISecurityTokenService, and its implementation resides in Udooz.SecurityTokenService.


The message security mode is specified in <bindings>..<wsHttpBinding>..<binding name="stsBinding">..<security>.
This is specified in the <serviceBehaviors> section, in the behavior named "stsBehavior".
  <behaviors>
    <serviceBehaviors>
      <behavior name="stsBehavior">
        <serviceCredentials>
          <userNameAuthentication
            userNamePasswordValidationMode="Custom"
            customUserNamePasswordValidatorType=
              "UdoozCommonLib.STSUsernamePasswordValidator, UdoozCommonLib"/>
          <serviceCertificate findValue="WCFServerKey"
                              x509FindType="FindBySubjectName"
                              storeLocation="LocalMachine" storeName="My" />
        </serviceCredentials>
      </behavior>
    </serviceBehaviors>
  </behaviors>
</system.serviceModel>
The username-password authentication is done by the UdoozCommonLib.STSUsernamePasswordValidator class in the UdoozCommonLib assembly.
To be continued…