Integrating Web Client With a Custom Security Token Service (STS) Component

An administrator can integrate a custom STS component with Web Client. With this integration, users do not see the default login page. Instead, they see a login page created by the organization that implements the custom STS component.

In this implementation of a custom STS component, Web Client is the relying party, that is, the claims-aware application. This means that Web Client consumes tokens issued by the STS and processes the claims in these tokens to authenticate the identity of the logged-in user.

Important

Only users whose Security Type in Business Administrator is set to Custom Security can log on to CampusNexus CRM when it is integrated with a custom STS component.

Integration Guidelines With a Custom STS Server

1.  The certificate that is consumed by Web Client must be identical to the certificate of the STS component.

a.  Navigate to the following code in the Web.config files of Web Client:

<system.identityModel>
  <identityConfiguration>
    <audienceUris>
      <add value="https://lptin48.talisma.corp/WebClient/" />
    </audienceUris>
    <issuerNameRegistry type="System.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
      <trustedIssuers>
        <add thumbprint="" name="https://LPTIN48.talisma.corp/Crm.Nexus.STS" />
      </trustedIssuers>
    </issuerNameRegistry>
  </identityConfiguration>
</system.identityModel>

b.  From the certificate, copy the value of the thumbprint and paste it between the quotation marks of the thumbprint attribute in the <add> element under <trustedIssuers>. By default, the thumbprint attribute in the Web.config files is blank.

c.  Save and close both Web.config files.

2.  The following URL identifies the claim type that the STS component sends to CampusNexus CRM:

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name

Ensure that the value of this claim is identical to the value that is set in the Login name field in Business Administrator.

3.  Ensure that libraries in Web Client that interpret tokens sent from the STS component are based on the Windows Identity Framework (WIF).
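
One way to check the result of step 1 after editing, as an added example that is not part of the product documentation: the function reads the trustedIssuers entries from a parsed Web.config, reduces each thumbprint to its hex digits, and compares it with the thumbprint of the STS certificate. The function name Test-TrustedIssuer, the sample configuration, the issuer names, and the thumbprint are constructed for illustration.

```powershell
# Added example. Test-TrustedIssuer, the sample config and the thumbprint are
# constructed for illustration; they are not product code or real values.
function Test-TrustedIssuer {
    param(
        [Parameter(Mandatory)][xml]$Config,            # parsed Web.config
        [Parameter(Mandatory)][string]$StsThumbprint   # thumbprint of the STS certificate
    )
    # Keep hex digits only: values copied from the certificate dialog can
    # carry spaces or an invisible leading character.
    $expected = ($StsThumbprint -replace '[^0-9A-Fa-f]').ToUpperInvariant()
    $xpath = '//system.identityModel/identityConfiguration/issuerNameRegistry/trustedIssuers/add'
    foreach ($issuer in $Config.SelectNodes($xpath)) {
        $raw   = $issuer.GetAttribute('thumbprint')
        $clean = ($raw -replace '[^0-9A-Fa-f]').ToUpperInvariant()
        if ([string]::IsNullOrWhiteSpace($raw)) { $status = 'Blank' }          # default state, step b not done
        elseif ($clean.Length -ne 40)           { $status = 'WrongLength' }    # not a 20-byte thumbprint
        elseif ($clean -ne $expected)           { $status = 'Mismatch' }       # different certificate
        elseif ($raw -match '[^0-9A-Fa-f]')     { $status = 'MatchAfterCleanup' } # right value, stray characters
        else                                    { $status = 'Match' }
        [pscustomobject]@{
            Issuer  = $issuer.GetAttribute('name')
            Status  = $status
            Cleaned = $clean   # value to paste back if cleanup was needed
        }
    }
}

# Constructed sample: one entry pasted with spaces and a leading U+200E mark,
# one entry still blank.
$lrm = [char]0x200E
$sample = @"
<configuration>
  <system.identityModel>
    <identityConfiguration>
      <issuerNameRegistry>
        <trustedIssuers>
          <add thumbprint="${lrm}01 23 45 67 89 AB CD EF 01 23 45 67 89 AB CD EF 01 23 45 67" name="https://sts.example.test/STS" />
          <add thumbprint="" name="https://sts.example.test/Blank" />
        </trustedIssuers>
      </issuerNameRegistry>
    </identityConfiguration>
  </system.identityModel>
</configuration>
"@
Test-TrustedIssuer -Config $sample -StsThumbprint '0123456789abcdef0123456789abcdef01234567'
```

Against a real installation, pass each Web.config as `[xml](Get-Content -Raw <path>)` and take the expected value from the Thumbprint property of the STS certificate loaded as an X509Certificate2 object.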