I’ve recently taken a new and challenging role delivering SharePoint 2010 solutions (among other things). Some of the requirements I’ve been looking at have required a close look at windows identity foundation (WIF). Its a great framework – maybe a bit overwhelming to start with – but definitely rewarding in the end!
To this end I’ve been looking at delivering a cusom security token service (STS) that can be used by SharePoint 2010, that is built using WIF….enter thinktecture Identity Server (http://identityserver.codeplex.com/). This is a really great codeplex project that delivers a functioning actiove / passive sts. I’ve really only scratched the surface, but I’ll write again when I get more into it.
The second really helpful thing was a couple of blog posts by Brian Cartmel, on his SharePoint blog. The first post describes how to get SharePoint 2010 working with the thinktecture identity server, the second explains how to add extra claims to sharepoint using powershell. They’re a couple of excellent posts – I cant recommend them enough:
Part 1: http://sharepintblog.com/2011/10/23/sharepoint-claims-based-authentication-with-thinktecture-identity-server-walkthrough/#comment-141
Part 2: http://sharepintblog.com/2011/10/26/adding-additional-claims-to-a-trusted-identity-token-issuer/#comment-142
There were a couple of things to watch out for – i.e. addressing the ProviderUri to …/issue/wsfed rather than …/account/signin and a requires ssl change. But all in all they get the job done! A bug thankyou to the thinktecture team and Brian Cartmel!