Hi,
I would like to know if is possible to use the PicketLink STS to issue tokens for the IDP.
The idea is to centralize the token issuing using the STS and force the IDP to reuse that token, delegating the user authentication and token issuing to the STS . Looking into the sources i think that the IDP always creates a assertion even if the STS Login Modules(STSIssuingLoginModule, for example) provided by the PicketLink STS API are used.
Is this also a good approach ?
Thanks,
Pedro Igor
PicketLink IDP uses the PicketLink STS to generate the tokens. Our token generation is centralized.