The Security Token Service now includes the following new features:
Supports TokenType for generating a specific web service provider security token.
Supports both Asymmetric and Transport binding for X509 and username security tokens as requestor.
Enforces SSL/Transport binding with a username security token when OpenSSO STS is configured with a username over SSL.
Issues SAML holder-of-key security token for Asymmetric KeyType with useKey as the web service client public key and web service client X509 security token.
WSDL is dynamically updated based on security token configuration.
Supports encryption by the web service provider public key.
Encrypts the static username password before storing it in the configuration store.
Supports UserName token as On Behalf Of security token through a WS-Trust request.
Supports issuance of SAML Bearer Tokens.
New Web Service Security authentication module WSSAuth supports digest password validation.
New OAMAuth authentication module enables single sign-on using Oracle Access Manager with OpenSSO.
For more information, see Chapter 4, Using the Security Token Service.