To install click the Add extension button. That's it.

The source code for the WIKI 2 extension is being checked by specialists of the Mozilla Foundation, Google, and Apple. You could also do it yourself at any point in time.

4,5
Kelly Slayton
Congratulations on this excellent venture… what a great idea!
Alexander Grigorievskiy
I use WIKI 2 every day and almost forgot how the original Wikipedia looks like.
Live Statistics
English Articles
Improved in 24 Hours
Added in 24 Hours
What we do. Every page goes through several hundred of perfecting techniques; in live mode. Quite the same Wikipedia. Just better.
.
Leo
Newton
Brights
Milds

Security token service

From Wikipedia, the free encyclopedia

Security token service (STS) is a cross-platform open standard core component of the OASIS group's WS-Trust web services single sign-on infrastructure framework specification.cf.[1][2] Within that claims-based identity framework, a secure token service is responsible for issuing, validating, renewing and cancelling security tokens. The tokens issued by security token services can then be used to identify the holder of the token to services that adhere to the WS-Trust standard. Security token service provides the same functionality as OpenID, but unlike OpenID is not patent encumbered. Together with the rest of the WS-Trust standard, the security token service specification was initially developed by employees of IBM, Microsoft, Nortel and VeriSign.

In a typical usage scenario involving a web service that employs WS-Trust, when a client requests access to an application, the application does not authenticate the client directly (for instance, by validating the client's login credentials against an internal database).[3] Instead, the application redirects the client to a security token service, which in turn authenticates the client and grants it a security token. The token consists of a set of XML data records that include multiple elements regarding the identity and group membership of the client, as well as information regarding the lifetime of the token and the issuer of the token. The token is protected from manipulation with strong cryptography. The client then presents the token to an application to gain access to the resources provided by the application. This process is illustrated in the Security Assertion Markup Language (SAML) use case, demonstrating how single sign-on can be used to access web services.

Software that provides security token services is available from numerous vendors, including the open-source Apache CXF, as well as closed-source solutions from Oracle (for interfacing with authentication services backed by an Oracle Database) and Microsoft (where STS is a core component of Windows Identity Foundation and Active Directory Federation Services). While security token services are themselves typically offered as web services used in conjunction with other web services, software development kits (SDKs) for native applications (such as cloud-storage clients) also exist.[4]

YouTube Encyclopedic

  • 1/3
    Views:
    55 547
    23 017
    15 998
  • How Claims Based Authentication works
  • Using a Security Token Service with an ASP.NET Application | Pluralsight
  • Token Based Authentication

Transcription

See also

References

  1. ^ Nadalin, Anthony; Goodner, Marc; Turner, David; Barbir, Abbie; Ganquist, Hans, eds. (1 February 2008), "Security Token Service Framework", WS-Trust 1.4, Burlington, MA: OASIS.
  2. ^ "Security Token Service". Microsoft Developer Network. Retrieved 2014-05-15.
  3. ^ "WS-Trust Security Token Service - NetIQ Access Manager 5.0 Administration Guide". www.microfocus.com. Retrieved 2023-10-11.
  4. ^ "AWS Security Token Service". Amazon.com. 2011-06-05. Retrieved 2014-05-15.
This page was last edited on 11 October 2023, at 11:49
Basis of this page is in Wikipedia. Text is available under the CC BY-SA 3.0 Unported License. Non-text media are available under their specified licenses. Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc. WIKI 2 is an independent company and has no affiliation with Wikimedia Foundation.