The code example that is used in this topic is taken from the Custom Token sample. This sample provides custom classes that enable processing of Simple Web Tokens (SWT), and it includes an implementation of a passive STS that is capable of serving an SWT token. For information about this sample and other samples available for WIF and about where to download them, see WIF Code Sample Index. The following code shows how to invoke a custom passive STS to process a WS-Federation request by calling the ProcessRequest(HttpRequest, ClaimsPrincipal, SecurityTokenService, HttpResponse) method from the code behind in the default.aspx.cs file.
public partial class _Default : System.Web.UI.Page
/// We perform the WS-Federation Passive Protocol processing in this method.
protected void Page_PreRender( object sender, EventArgs e )
FederatedPassiveSecurityTokenServiceOperations.ProcessRequest( Request, User as ClaimsPrincipal, CustomSecurityTokenServiceConfiguration.Current.CreateSecurityTokenService(), Response );
When implementing a passive security token service (STS), call the static methods exposed by this class from your code-behind to invoke an instance of your custom STS to process an incoming WS-Federation request message. You implement a custom STS by deriving from the SecurityTokenService class.