Is the below possible using WSO2 IS? I have gone through different WSO2 blogs. They are nice pointers. Still, I need to be advised on this.
Requirement: WSO2 Identity Server + REST STS Client (without ESB)
- Users are managed on WSO2 Identity Server.
- STS Client uses a RESTful API to call WSO2 Identity Server's STS service to a) get a security token, b) validate a token, c) cancel an issued token, d) renew an issued token.
- Retrieve user profile using a specific Security token.
Reference:
- https://web.cci.emory.edu/confluence/display/EmorySTS/Security+Token+Service+Client+API
- http://blog.facilelogin.com/2011/07/integrating-3-legged-oauth-with-xacml.html
- http://blog.facilelogin.com/2010/05/managing-users-and-roles-with-wso2.html
- http://blog.facilelogin.com/2009/05/security-token-service-with-wso2.html
- http://blog.facilelogin.com/2009/05/accessing-proxy-services-in-wso2-esb.html
- http://download.forgerock.org/downloads/openam/javadocs/9/com/sun/identity/wss/sts/TrustAuthorityClient.html
STS, which is based on WS-Trust, is for SOAP-based services. But WSO2 Identity Server also implements another specification called Passive STS, which is a wrapper of the WS-Trust functionality. PassiveSTS support in WSO2 Identity Server can be used as a way to obtain a token for a REST client.