What is WS-Federation realm?

Part of the larger Web Services Security framework, WS-Federation defines mechanisms for allowing different security realms to broker information on identities, identity attributes and authentication.

What is WS-fed and WS-Trust?

WS-Trust is used for active apps, WS-Fed is used for passive and web-browser apps, and SAML-P is used for web-browser apps only.

What is WS-Federation in ADFS?

Web Services Federation (WS-Federation) is an identity specification from the Web Services Security framework. Microsoft Active Directory Federation Services (ADFS) is one implementation of WS-Federation. It implements the Passive Requestor Protocol to deal with web application access.

What is a WS-Federation passive endpoint?

WS-Federation Passive Requestor Profile is a Web Services specification – intended to work with the WS-Federation specification – which defines how identity, authentication and authorization mechanisms work across trust realms.

What does realm mean in SSO federation specification?

WS-Federation is an identity federation specification which makes it possible to set up an SSO federation including multiple security realms. A realm (sometimes also called a domain) represents a single unit under security administration or a part in a trust relationship.

How is home realm Discovery performed in WS-Federation?

The WS-Federation standard does not define how the home realm discovery should be performed. Multiple options are usually available: A list of known and trusted IDPs is shown to the user. The user selects the IDP at which he wants to be authenticated and is then redirected to that IDP.
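
The list-based discovery described above, as an added example that is not part of the original page: the portal (relying party) maps the user's selection to an allowlisted IdP endpoint and builds the WS-Federation passive sign-in redirect with the standard `wa`, `wtrealm`, `wreply` and `wctx` query parameters. The IdP names, endpoints, realm identifier and reply URL are constructed placeholders, and the function names are hypothetical.

```python
from urllib.parse import urlencode

# Constructed sample data: IdP names, endpoints, realm and reply URL are placeholders.
TRUSTED_IDPS = {
    "contoso": {"label": "Contoso employees",
                "endpoint": "https://sts.contoso.example/adfs/ls/"},
    "fabrikam": {"label": "Fabrikam partners",
                 "endpoint": "https://login.fabrikam.example/wsfed"},
}
RP_REALM = "urn:example:portal"  # this relying party's realm identifier
RP_REPLY_URLS = {"https://portal.example/signin-wsfed"}  # reply URLs registered at the IdPs


class DiscoveryError(ValueError):
    """Raised when the user's selection or the reply URL is not allowlisted."""


def idp_choices():
    """Return (key, label) pairs to render as the selection list."""
    return sorted((key, idp["label"]) for key, idp in TRUSTED_IDPS.items())


def build_signin_redirect(idp_key, reply_url, context=None):
    """Map the submitted IdP key to its endpoint and build the sign-in URL.

    The browser only ever submits a key; the endpoint comes from the
    allowlist, so a tampered form value cannot steer the redirect elsewhere.
    """
    idp = TRUSTED_IDPS.get(idp_key)
    if idp is None:
        raise DiscoveryError(f"unknown identity provider: {idp_key!r}")
    if reply_url not in RP_REPLY_URLS:
        raise DiscoveryError("reply URL is not registered for this realm")
    params = {"wa": "wsignin1.0", "wtrealm": RP_REALM, "wreply": reply_url}
    if context:
        params["wctx"] = context  # opaque state echoed back by the IdP
    return idp["endpoint"] + "?" + urlencode(params)


if __name__ == "__main__":
    print(idp_choices())
    print(build_signin_redirect("contoso", "https://portal.example/signin-wsfed",
                                "return=/home"))
```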

What do you need to know about WS-Federation?

WS-Federation, per the v1.0 spec, “defines mechanisms that are used to enable identity, account, attribute, authentication, and authorization federation across different trust realms”. It was created by BEA, IBM, Microsoft, RSA Security and VeriSign, and has since been codified as an OASIS standard.

How to configure a WS-Federation provider for portals?

Under Redirect URI, select Web (if it isn’t already selected). Enter the Reply URL for your portal in the Redirect URI text box. If you’re using the default portal URL, copy and paste the Reply URL as shown in the Create and configure WS-Federation provider settings section on the Configure identity provider screen (step 6 above).
