I'm going to be working on a project soon where I'd like to use the up-and-coming Windows Identity Foundation Framework (WIFX) to create a Security Token Service (STS) that can issue SAML 2.0 tokens for a WCF Client. In order to follow the required standards for this project, those SAML 2.0 tokens must contain a few specific SAML Attribute Statements (in the Assertion within the Token) that show the user's role at the organization and some other properties of the user.

Will this be relatively easy to accomplish using WIFX/Geneva? Are there any examples published that demonstrate how to do this in the current WIFX/Geneva Beta?

So far in my research for this project, I've found some examples (e.g. the SAML Token example posted on MSDN ) but I would not consider those examples "easily" extended to adding my own arbitrary SAML Attribute Statements to the assertion issued by the STS.

I'm just hoping WIFX can help with this and make my life easier! :)

Thanks.

After reading a bunch of Geneva documentation (including the mysterious "Geneva Whitepaper"), it seems that developing an STS is going to be made easier by Geneva but I have not been able to find any examples of developing such an STS.

Are there any such examples out there yet?

See for example: http://msdn.microsoft.com/en-us/magazine/dd347547.aspx or http://www.leastprivilege.com/ThinktectureSecurityTokenServiceStarterKit.aspx

HTH
Pedro Felix

---

http://pfelix.wordpress.com