![Close [x]](http://dw1.s81c.com/i/c.gif){kind=small}
The WS-Federation specification defines an integrated model for federating identity, authentication and authorization across different trust realms and protocols. This specification defines how the WS-Federation model is applied to passive requestors such as Web browsers that support the HTTP protocol.
For the passive mechanisms to work seamlessly with WS-Federation, and provide a single or reduced sign-on, there needs to be a service that will verify that the claimed requestor is really the requestor. Initial verification MUST occur in a secure fashion, for example, using SSL/TLS or HTTP/S.
| Description | Date | Access method |
|---|---|---|
| WS-Federation: Passive Requestor Profile specification (PDF, 786 KB) | July 2003 | HTTP download |
If you would like to contribute technical comments on this specification, please do so through our Feedback page.
-
Web Services Federation Language defines mechanisms to allow different security realms to federate by allowing and brokering trust of identities, attributes, authentication between participating Web services.
-
Federation in a Web services world describes the issues around federated identity management and a comprehensive solution based on the Web services model as outlined in the WS-Security roadmap.
-
Web Services Federation Active Requestor Profile defines mechanisms for requesting, exchanging and issuing security tokens within the context of active requestors.
- Read "Security in a Web services World" for a proposed strategy for addressing security within a Web service environment (developerWorks, April 2002).