Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
So despite the warnings, I think I need to build a custom STS. We will support an arbitrary number of customers who provide identity information via SAML.
What is the best practice to store details on each IP? Most examples seem to store this info in the STS’s web.config. That seems like it wouldn’t scale real well.
Is there an obvious reason not to just store this stuff in a db and load it when the requests come in?
Fundamentally, if the Identity Providers will change over time, such as via some online administration function, rather than a new application deployment, it makes total sense to store the information in a database (or other Storage).
I think this is a potential issue for any multi-tenanted service that is federating identity with the customer.