I understand that the StockTrader is moving towards claim-based identity, with
that identity provided by a service (e.g., Metro STS framework, Geneva
Framework). Definitely a good idea.
However, it would be good to keep the existing version of Stonehenge (I assume
it uses mutual certs?) because:
- one less thing to setup
- it is a useful scenario in its own right
It seems that most of the code between the two security versions could be
shared, right?
That way someone new to the example could download just ONE implementation and
get the mutual certs version working first. Then, as they gained experience and
confidence they could move on to trying real interop and/or identity providers.
In other words, make it easy for people to get up and running in small steps
instead of a big bang.
Regards,
Harold