Previous Topic: Meet the STS PrerequisitesNext Topic: Install the STS

Single Sign-On ServiceSSO Getting Started GuideHow to Set Up the Security Token ServiceDefine the STS Web Service

Define the STS Web Service

After you have verified that all the prerequisites are met, you can create the STS web service. The steps that are listed following are the minimum required.

Follow these steps:

  1. Log in to the CSP Console.
  2. Navigate to Web Services, Create STS Web Service.
  3. Enter the name and an optional description in the General section.
  4. Click the Add/Remove button in the User Directories section.
  5. Verify that the user directories you are interested in appear in the Selected Members panel.
  6. Click OK.
  7. Click the Add button in the Authentication and Token Generation section
  8. Enter a name for the end point and an optional description in the General section. The description appears in the WSDL file and best includes information about the SOA authentication scheme.
  9. Select a SOA authentication scheme from the list. You are responsible for defining one or more SOA authentication schemes.
  10. Select a response for one or more of the supported token types. You are responsible for defining the responses. You define the responses in the Policies, Global, Global Responses dialog.
  11. Click OK.
  12. Enter optional specifications for the Web Service Definition, Relying Party, and Session sections.

    Note: If you plan to sign RSTR responses (the default behavior), be sure that you choose a signing certificate in the STS UI. Alternatively, you can add a private key/certificate combination named defaultenterpriseprivatekey to the keystore.

  13. Click Submit.

The STS web service is ready for installation and configuration.