问题描述

我已经成功安装了一个连接到我公司内部各种属性源的自定义STS（基于Geneva SDK Beta 1）。到目前为止，我工作得很好。此STS仅供支持Cardpace的客户端使用，可访问各种RP。

我们的合作伙伴之一也建立了自己的STS。我们现在想做的是在我们的两个STS之间建立一个联盟。我们希望我们的STS接受来自合作伙伴STS的SAML断言。事实上，我们希望完全按照此处的描述进行操作：http：//www.microsoft.com/downloads/details.aspx？FamilyID = 9ca5c685-3172-4d8f-81cb-1a59bdc9f7e3& displaylang = en，在"介绍"中日内瓦Beta 1白皮书"，图11，其中来自企业X的STS和来自企业Y的STS是联合的（第18页）。

到目前为止，我已经想到：
我们会是企业X（RP + STS或RP-STS）
＃我们的合作伙伴是企业Y
我正在寻找有关如何具体实施这种情况的技术信息。我需要对自定义STS进行哪些更改才能与我们的合作伙伴的STS建立联盟？
在此页面上http://www.microsoft.com/downloads/details.aspx?displaylang=en& FAMILYID = 57602615-e1ee-4775-8b79-367b7007e178&安培;散列= lx93GRzrV4Wbcq6G7Wddz9csg％2f3Lqg96vdvGYZ％2b1LR0R63fthefRdtQ1vLwbHFaQgkkA9X71er％2fDHoW％2bi2sWDA％3D％3D，有一种叫做GenevaServerFederatedCollaboration-SBS-指南.pdf指南，其中描述了如何做，与Contoso的/ Fabrikam的例子。问题是这个例子使用了一个日内瓦服务器（如果我理解的话，最近改名为ADFS 2.0），带有UI和所有内容：我没有日内瓦服务器，我有一个基于日内瓦SDK的自定义STS，所以我不喜欢"我真的知道什么是"手动配置"我应该这样做。

我注意到网上有很多代码/样本来解释联合，但通常它基于被动联合而不是主动联合，很少使用Cardspace。

任何人都可以向我提供有关如何配置STS以便与我们的合作伙伴的STS建立联盟的任何提示/建议吗？

提前致谢，祝各位光临， />是Mfenetre

Hi,

I have successfully installed a custom STS (based on Geneva SDK Beta 1) connected to various attributes sources inside my company. So far, i's working great. This STS is only used by Cardspace-enabled clients, accessing various RPs.

One of our partners has set up its own STS too. What we would like to do now is to establish a federation between our two STS. We want our STS to accept SAML assertions from our partner's STS. In fact, we would like to do exactly what's described here : http://www.microsoft.com/downloads/details.aspx?FamilyID=9ca5c685-3172-4d8f-81cb-1a59bdc9f7e3&displaylang=en, in the "Introducing Geneva Beta 1  Whitepaper", figure 11, where STS from enterprise X and STS from enterprise Y are federated (page 18).

So far, I've figured that:
# We would be Enterprise X (a RP + a STS or RP-STS)
# Our partner would be Enterprise Y

I'm looking for technical information on how to concretly implement this scenario. What changes do I need to do on our custom STS to enable federation with our partner's STS ?

On this page http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=57602615-e1ee-4775-8b79-367b7007e178&hash=lx93GRzrV4Wbcq6G7Wddz9csg%2f3Lqg96vdvGYZ%2b1LR0R63fthefRdtQ1vLwbHFaQgkkA9X71er%2fDHoW%2bi2sWDA%3d%3d, there is a guide called GenevaServerFederatedCollaboration-SBS-Guide.pdf, which describes how to do that with the Contoso/Fabrikam example. The problem is that this example uses a Geneva Server (recently renamed ADFS 2.0 if I understood correctly), with a UI and everything: I don't have a Geneva Server, I have a custom STS based on the Geneva SDK, so I don't really know what "manual configuration" I should do.

I've noticed a lot of code/samples on the web explaining federation, but very often it's based on passive federation instead of active federation and very rarely is Cardspace used.

Can anyone give me any tips/advices on how I should configure my STS to enable the federation with our partner's STS ?

Thanks in advance,
Best regards,

Mfenetre

这篇关于基于Geneva Beta 1（+ Cardspace）的自定义STS的主动联合的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！