StarterSTS Documentation
Windows Identity Foundation configuration (wif.config)
This is a standard WIF configuration section and configures aspects of the WS-Trust endpoints.
Some remarks
- This configuration replaces two security token handlers.
  MembershipUserNameSecurityHandler authenticates username/password requests against the specified membership provider.
  MappedX509SecurityTokenHandler authenticates client certificate requests against the user-to-certificate mapping mechanism.
- The issuerNameRegistry section specifies which X509 issuers are considered trusted.
  This is used for WS-Trust based client certificate authentication.
  You have to either specify the thumbprints of all trusted issuers, or accept all issuers by switching to another registry, e.g. the SimpleIssuerNameRegistry.
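
The following audit of the issuerNameRegistry section is an added example, not code from StarterSTS or WIF. It assumes the standard WIF layout (issuerNameRegistry / trustedIssuers / add with thumbprint and name attributes) and runs against a constructed sample with placeholder thumbprints. It reports registries that do not pin issuers by thumbprint and entries that are not usable SHA-1 thumbprints, including values carrying an invisible character from copy and paste.

```python
import re
import xml.etree.ElementTree as ET

HEX40 = re.compile(r"[0-9A-Fa-f]{40}")  # SHA-1 certificate thumbprint

# Constructed sample, not StarterSTS's shipped file; thumbprints are placeholders.
SAMPLE_WIF_CONFIG = """
<microsoft.identityModel>
  <service>
    <issuerNameRegistry type="Microsoft.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, Microsoft.IdentityModel">
      <trustedIssuers>
        <add thumbprint="00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff 00 11 22 33" name="Example CA" />
        <add thumbprint="\u200e0123456789ABCDEF0123456789ABCDEF01234567" name="Pasted CA" />
        <add thumbprint="0123456789ABCDEF" name="Truncated CA" />
      </trustedIssuers>
    </issuerNameRegistry>
  </service>
</microsoft.identityModel>
"""

def audit_issuer_registry(config_xml):
    """Return (usable_thumbprints, findings) for a wif.config document."""
    trusted, findings = [], []
    registries = list(ET.fromstring(config_xml).iter("issuerNameRegistry"))
    if not registries:
        findings.append("no issuerNameRegistry element found")
    for registry in registries:
        type_name = registry.get("type", "").split(",")[0].strip()
        if not type_name.endswith("ConfigurationBasedIssuerNameRegistry"):
            # Assumption: only the configuration-based registry pins thumbprints;
            # anything else (e.g. SimpleIssuerNameRegistry) needs manual review.
            findings.append(f"{type_name}: issuers are not pinned by thumbprint")
            continue
        for entry in registry.iter("add"):
            name, raw = entry.get("name", "?"), entry.get("thumbprint", "")
            compact = "".join(raw.split()).upper()
            if not raw.isascii():
                findings.append(f"{name}: hidden non-ASCII character in thumbprint")
            elif not HEX40.fullmatch(compact):
                findings.append(f"{name}: thumbprint is not 40 hex digits")
            elif compact in trusted:
                findings.append(f"{name}: duplicate thumbprint")
            else:
                trusted.append(compact)
    return trusted, findings

if __name__ == "__main__":
    thumbprints, problems = audit_issuer_registry(SAMPLE_WIF_CONFIG)
    print("usable thumbprints:", thumbprints)
    for problem in problems:
        print("finding:", problem)
```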