What is the security advantage of STS in web services?

Posted by Neil McF on Stack Overflow See other posts from Stack Overflow or by Neil McF
Published on 2010-05-21T14:21:36Z Indexed on 2010/05/21 18:00 UTC
Read the original article Hit count: 385

Hello,

I've started reading up on security (particularly authentication) with web services and I see a lot of references to security token services.

From what I see, they take a username-password (or something) and, on validation, return a digital token. How is using this token any more secure then just relying on the username-password in the first place?

© Stack Overflow or respective owner

Related posts about security

Related posts about web-services