I agree with Nick on this. It makes much more sense to have the trader client application in the Broker security domain. The bank (The passive STS) is only authenticating the clients. We do not have a client application for the bank itself.
Regards, Pablo. -----Original Message----- From: Ben Dewey [mailto:[email protected]] Sent: Thursday, December 10, 2009 2:12 PM To: [email protected] Subject: RE: StockTrader Sample Documentation Updates > Nick Wrote: > Those statements were based off the diagram at the bottom of the second page > of the spec attached to STONEHENGE-73 [1]. Am I misreading that? I'd like to have Pablo's take on it. Is the scenario setup for a Brokerage Firms Web Site/Services and a Bank PassiveSTS? Seems to me that the diagram on p2 of [1] is incorrect, the website should be part of the brokerage firm. -Ben Dewey [1] http://issues.apache.org/jira/secure/attachment/12412416/Changes+to+Apache+Stonehenge+to+Support+Claims+Based+Security.pdf
