EMI STS Documentation
Functional Description
The Security Token Service (STS) is a partial implementation of the OASIS WS-Trust specification.It is a service that can be used for transforming an existing security token into another security token format. Security token, on the other hand, is defined in the WS-Security specifications as a collection of claims that can be attached into a Web Service message.
The incoming token formats that are supported by EMI STS implementation include username and password that is validated against an LDAP directory, and SAML assertion. From these types of tokens, STS can issue an X.509 certificate or a proxy certificate containing the users' VO attributes.
The picture below describes the interaction between the components of the service. The big yellow box describes the STS: it is accessed with a SOAP client, and it aggregates the required information for the tokens from external parties (online CA and
VOMS services):
System Administrator Documentation
- System Administrator Guide:
Other Documentation
- Software Design Document:
- Service Interface Description:
- Nagios Probes Documentation:
Test and Certification Reports