Claim-based authorization

The DCS message bus supports the WS-Trust protocol to authenticate user requests. The WS-Trust specification defines methods for issuing and validating security tokens, and provides support for implementing brokered authentication.

The Token Issuer Service provided with DCS implements a security token service (STS) that follows the WS-Trust specification. It can authenticate users and issue Secure Application Markup Language (SAML) tokens that contain authenticate claims. An administrator can configure the security policy for a DCS service to authenticate requests by using the Token Issuer Service provided with DCS, or by using a third-party STS. For more information, see the CCF 2009 SP1 DevelopmentGuide.