1.1 Glossary

The following terms are defined in [MS-GLOS]:

Active Directory

The following terms are specific to this document:

Claim: A declaration made by an entity (for example, name, identity, key, group, privilege, and capability). For more information, see [WSFedPRP] sections 1.4 and 2.

Relying Party: A web application or service that consumes security tokens issued by an STS.

Security Realm: Represents a single unit of security administration or trust (for example, a Kerberos realm, as defined in [RFC4120], or a Windows domain, as defined in [MSFT-ADC]).

Security Token: Represents a collection of one or more claims.

Security Token Service (STS): A web service that issues security tokens. That is, it makes assertions based on evidence that it trusts for consumption by whoever trusts it. For more information, see [WSFedPRP] sections 1.4 and 2. For this protocol, STS refers to services that support (either directly or via a front-end) the HTTP protocol defined in this specification.

web browser requester: An HTTP 1.1 web browser client that transmits protocol messages between an STS and a relying party.

web service (WS) resource: A destination HTTP 1.1 web application or an HTTP 1.1 resource serviced by the application. In the context of this protocol, it refers to the application or manager of the resource that receives identity information and assertions issued by an STS using this protocol. The WS resource is a relying party in the context of this protocol. For more information, see [WSFedPRP] sections 1.4 and 2.

MAY, SHOULD, MUST, SHOULD NOT, MUST NOT: These terms (in all caps) are used as described in [RFC2119]. All statements of optional behavior use either MAY, SHOULD, or SHOULD NOT.

© 2014 Microsoft