.\" Copyright (c) 2003-2012
.\" Distributed Systems Software.  All rights reserved.
.\" See the file LICENSE for redistribution information.
.\" $Id: copyright-nr 2564 2012-03-02 00:17:08Z brachman $
'\" t
.\"     Title: dacs_sts
.\"    Author: [see the "AUTHOR" section]
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\"      Date: 02/19/2019
.\"    Manual: DACS Web Services Manual
.\"    Source: DACS 1.4.40
.\"  Language: English
.\"
.TH "DACS_STS" "8" "02/19/2019" "DACS 1.4.40" "DACS Web Services Manual"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
dacs_sts \- Secure Token Service for managed Information Cards
.SH "SYNOPSIS"
.HP \w'\fBdacs_sts\fR\ 'u
\fBdacs_sts\fR [\fI\m[blue]\fBdacsoptions\fR\m[]\&\s-2\u[1]\d\s+2\fR]
.SH "DESCRIPTION"
.PP
This program is part of the
\fBDACS\fR
suite\&.
.PP
The
\fBdacs_sts\fR
web service is the Secure Token Service for
\fBDACS\*(Aqs\fR
managed Information Cards\&.
.PP
Refer to
\m[blue]\fBdacs_managed_infocard(8)\fR\m[]\&\s-2\u[2]\d\s+2
for additional information\&.
.if n \{\
.sp
.\}
.RS 4
.it 1 an-trap
.nr an-no-space-flag 1
.nr an-break-flag 1
.br
.ps +1
\fBSecurity\fR
.ps -1
.br
.PP
Depending on the application, consider adding a custom access control rule for
\fBdacs_sts\fR
(e\&.g\&., to limit access to a particular host or subnet, or even certain identities)\&.
.sp .5v
.RE
.SS "Configuration"
.PP
The following configuration variables are available:
.PP
\fIinfocard_sts_password\fR
.RS 4
For managed InfoCards generated with a
\m[blue]\fBINFOCARD_STS_AUTH_TYPE\fR\m[]\&\s-2\u[3]\d\s+2
of "passwd" and an
\m[blue]\fBINFOCARD_STS_PASSWORD_METHOD\fR\m[]\&\s-2\u[4]\d\s+2
of "sts", this is the global user password that must be provided\&. Changing this password affects
\fIall\fR
managed InfoCard accounts\&.
.RE
.SH "OPTIONS"
.SS "Web Service Arguments"
.PP
None\&.
.SH "DIAGNOSTICS"
.PP
The program exits
0
if everything was fine,
1
if an error occurred\&.
.SH "BUGS"
.PP
Secure token replay detection is not yet implemented\&.
.PP
As this is a relatively new and complicated feature, please test carefully\&.
.SH "SEE ALSO"
.PP
\m[blue]\fBdacsinfocard(1)\fR\m[]\&\s-2\u[5]\d\s+2,
\m[blue]\fBdacs\&.conf(5)\fR\m[]\&\s-2\u[6]\d\s+2,
\m[blue]\fBdacs_authenticate(8)\fR\m[]\&\s-2\u[7]\d\s+2,
\m[blue]\fBdacs_infocard(8)\fR\m[]\&\s-2\u[8]\d\s+2,
\m[blue]\fBdacs_managed_infocard(8)\fR\m[]\&\s-2\u[2]\d\s+2,
\m[blue]\fBdacs_mex(8)\fR\m[]\&\s-2\u[9]\d\s+2,
\m[blue]\fBUsing InfoCards With DACS\fR\m[]\&\s-2\u[10]\d\s+2
.SH "AUTHOR"
.PP
Distributed Systems Software (\m[blue]\fBwww\&.dss\&.ca\fR\m[]\&\s-2\u[11]\d\s+2)
.SH "COPYING"
.PP
Copyright \(co 2003\-2012 Distributed Systems Software\&. See the
\m[blue]\fBLICENSE\fR\m[]\&\s-2\u[12]\d\s+2
file that accompanies the distribution for licensing information\&.
.SH "NOTES"
.IP " 1." 4
dacsoptions
.RS 4
\%http://dacs.dss.ca/man/dacs.1.html#dacsoptions
.RE
.IP " 2." 4
dacs_managed_infocard(8)
.RS 4
\%http://dacs.dss.ca/man/dacs_managed_infocard.8.html
.RE
.IP " 3." 4
INFOCARD_STS_AUTH_TYPE
.RS 4
\%http://dacs.dss.ca/man/dacs.conf.5.html#INFOCARD_STS_AUTH_TYPE
.RE
.IP " 4." 4
INFOCARD_STS_PASSWORD_METHOD
.RS 4
\%http://dacs.dss.ca/man/dacs.conf.5.html#INFOCARD_STS_PASSWORD_METHOD
.RE
.IP " 5." 4
dacsinfocard(1)
.RS 4
\%http://dacs.dss.ca/man/dacsinfocard.1.html
.RE
.IP " 6." 4
dacs.conf(5)
.RS 4
\%http://dacs.dss.ca/man/dacs.conf.5.html
.RE
.IP " 7." 4
dacs_authenticate(8)
.RS 4
\%http://dacs.dss.ca/man/dacs_authenticate.8.html
.RE
.IP " 8." 4
dacs_infocard(8)
.RS 4
\%http://dacs.dss.ca/man/dacs_infocard.8.html
.RE
.IP " 9." 4
dacs_mex(8)
.RS 4
\%http://dacs.dss.ca/man/dacs_mex.8.html
.RE
.IP "10." 4
Using InfoCards With DACS
.RS 4
\%http://dacs.dss.ca/man/using-infocards-with-dacs.html
.RE
.IP "11." 4
www.dss.ca
.RS 4
\%http://www.dss.ca
.RE
.IP "12." 4
LICENSE
.RS 4
\%http://dacs.dss.ca/man/../misc/LICENSE
.RE