Skip to main content

Metro Client to STS across domain trust

Please note these forums are being decommissioned and use the new and improved forums at
1 reply [Last post]
Joined: 2012-03-01

I have two STS, A and B. I have a service that's registered as a relying party on STS B. I can make requests for users in the domain of STS B to get a token and use it to make a request on my service.

My sample code for users looks like this:

DefaultSTSIssuedTokenConfiguration stsConfig = new DefaultSTSIssuedTokenConfiguration();
stsConfig.setSTSInfo(localSTS, locallSTSMex);
stsConfig.getOtherOptions().put(BindingProvider.USERNAME_PROPERTY, username);
stsConfig.getOtherOptions().put(BindingProvider.PASSWORD_PROPERTY, password);
stsConfig.getOtherOptions().put(STSIssuedTokenConfiguration.APPLIES_TO, realm);

STSIssuedTokenFeature feature = new STSIssuedTokenFeature(stsConfig);

Svc_Service client = new Svc_Service();
Svc port = client.serviceMethodPort(feature);

I am trying to do the same for users that will authenticate on STS A. I can't find any examples anywhere including the documentation that will allow me to cross the trust relationship, getting the token initially from STS A and using that to get a token from STS B for my service.

Any guidance is appreciated.


Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Joined: 2012-03-01

Looking at

Section 4: brokering trust across domains
is exactly what I want to do. I am looking at getting the token for the service on the service domain sts manually...