Pablo Cibraro wrote:
I looked into this today, and fortunately a patch is not required.
You need to modify the following setting in the Passive STS
web.config file,
<add key="EncryptingCertificateName" value="" />
If you specify a blank value in that setting, the passive STS will
not encrypt the issue token.
True but it's not enough. You have to change the trader client as well
to work with an unencrypted token. I created a small patch that removes
this. Didn't straightaway commit 'cos wanted to get the green light from
you. So, created a JIRA and attached the patch there -
https://issues.apache.org/jira/browse/STONEHENGE-105
I tested this with .Net trader client after authenticating against .Net
passive STS as well as Identity Server passive STS and everything work
without an error. May be a good idea if someone can test this on their
setup.
Bye,
-Chintana
--
http://engwar.com
