Cover Pages Logo SEARCH
Advanced Search
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors

Cover Stories
Articles & Papers
Press Releases

XML Query

XML Applications
General Apps
Government Apps
Academic Apps

Technology and Society
Tech Topics
Related Standards

PingFederate Web Services 2.6

Ping Identity Delivers PingFederate Web Services 2.6

New Release of Security Token Service (STS) Adds Support for OASIS WS-Trust 1.3, SiteMinder SMSESSION Tokens

Denver, Colorado, USA. December 6, 2007.

Ping Identity today announced PingFederate Web Services 2.6 is available for immediate download from its Web site, Now packaged as an optional add-on module for PingFederate, Ping Identity's industry-leading standalone federated identity software, PingFederate Web Services 2.6 adds support for the OASIS WS-Trust 1.3 standard, as well as the ability to create and validate CA SiteMinder SMSESSION tokens.

PingFederate Web Services, previously called PingTrust, is an optional PingFederate module designed for organizations wanting to extend their browser-based Internet Single Sign-On architecture to incorporate Web services and Service-Oriented Architectures (SOAs). It acts as a WS-Trust Security Token Service (STS), creating and validating security tokens that get bound into SOAP messages to carry user identity information in a standards-based manner.

PingFederate Web Services 2.6 adds support for OASIS WS-Trust version 1.3, the first version of WS-Trust to be published as an official industry standard by OASIS. In addition, it adds the ability to create and validate SMSESSION tokens. With this new capability, SiteMinder-enabled enterprises can create Web service clients and providers that use WS-Trust to issue or validate proprietary SMSESSION tokens, as well as exchange SMSESSION tokens for other token types such as SAML assertions.

Applications depend on user-level identity to protect critical resources, generate audit trails for regulatory compliance and support user-based billing. Before the advent of WS-Trust and Web Services Security (WSS), organizations had to implement proprietary application-level extensions to make the identity of the specific user requesting the execution of a particular Web service available to a Web service provider. Unfortunately, these extensions introduced questionable security. Furthermore, they are impractical in B2B use cases where Web service clients and providers are developed, maintained and operated by different organizations.

"The STS vision was based on the notion that there would be a complete end-to-end, standards-based mechanism for identity-enabled Web services," said Patrick Harding, CTO of Ping Identity. "Now that WS-Trust is an OASIS standard, our customers can leverage the interoperability inherent in Web services that is not available in proprietary methods."

About Ping Identity

Ping Identity's dedication to delivering secure Internet single sign-on software and services for over 150 customers worldwide has earned us recognition as the market leader in federated identity management. PingFederate, the first world's rapidly deployable identity federation software, provides organizations' users safe access to Internet applications without the need to re-login. With PingFederate and PingEnable, Ping Identity's expert support, services, and methodologies, external connections can be operational in less than a week. Download a free trial at For more information, dial toll-free 877.898.2905 or + 1 303.468.2882, or email


Ping Identity Corporation
Mike Donaldson
Tel: +1 303-468-2858


Prepared by Robin Cover for The XML Cover Pages archive.

Globe Image

Document URI:  —  Legal stuff
Robin Cover, Editor: