<?xml version="1.0" encoding="utf-8" ?>
<!--
  WCF (system.serviceModel), IIS (system.webServer) and System.Net settings for two services:
  the WS-Trust security token service (WSTrustServiceContract) and the SharePoint Windows token
  cache service (SPWindowsTokenCacheService).
  Security-relevant summary: both token-issuing endpoints use httpTransport (plain HTTP) with
  Negotiate authentication, and only the token cache endpoint uses httpsTransport.
  NOTE(review): confirm the hosting site is reachable only from trusted servers, since nothing in
  this file encrypts traffic to the two HTTP token endpoints.
-->
<configuration>
  <system.serviceModel>
    <!-- Behavior List: -->
    <behaviors>
      <serviceBehaviors>
        <behavior name="SecurityTokenServiceBehavior" >
          <!-- The serviceMetadata behavior allows one to enable metadata (endpoints, bindings, services) publishing.
               This configuration enables publishing of such data over HTTP GET.
               This does not include metadata about the STS itself such as Claim Types, Keys and other elements to establish a trust.
               NOTE(review): the published data still describes every endpoint and binding of the service;
               verify who can reach this URL, because anonymousAuthentication is enabled under system.webServer below. -->
          <serviceMetadata httpGetEnabled="true" />
          <!-- Default WCF throttling limits are too low.
               All three limits are raised to 65536, so throttling no longer acts as a practical cap on
               concurrent calls, sessions or instances. NOTE(review): protection against request floods
               presumably has to come from the network or host layer; confirm. -->
          <serviceThrottling maxConcurrentCalls="65536" maxConcurrentSessions="65536" maxConcurrentInstances="65536" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <!-- Service List: -->
    <services>
      <service name="Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceContract" behaviorConfiguration="SecurityTokenServiceBehavior" >
        <!-- This is the HTTP endpoint that supports clients requesting tokens.
             It uses the customBinding "spStsBinding" defined below (binary message encoding over
             httpTransport with authenticationScheme="Negotiate"), not ws2007HttpBinding.
             Clients authenticate with their Windows credentials at the HTTP layer. -->
        <endpoint address="" binding="customBinding" bindingConfiguration="spStsBinding" contract="Microsoft.IdentityModel.Protocols.WSTrust.IWSTrust13SyncContract" />
        <!-- This is the HTTP endpoint that supports clients requesting service tokens.
             It is published at the relative address "actas" and uses "spStsActAsBinding", which adds
             a message security element on top of the same HTTP transport. -->
        <endpoint name ="ActAs" address="actas" binding="customBinding" bindingConfiguration="spStsActAsBinding" contract="Microsoft.IdentityModel.Protocols.WSTrust.IWSTrust13SyncContract" />
        <!-- This is the HTTP endpoint that supports IMetadataExchange.
             It is published at the relative address "mex" with the stock mexHttpBinding. -->
        <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
      </service>
      <!-- No behaviorConfiguration is set on this service, so SecurityTokenServiceBehavior
           (metadata publishing and the raised throttles) is not attached to it. -->
      <service name="Microsoft.SharePoint.Administration.Claims.SPWindowsTokenCacheService">
        <endpoint address="" binding="customBinding" bindingConfiguration="SPWindowsTokenCacheServiceHttpsBinding" contract="Microsoft.SharePoint.Administration.Claims.ISPWindowsTokenCacheServiceContract" />
      </service>
    </services>
    <!-- Binding List: -->
    <bindings>
      <customBinding>
        <!-- Token request binding: no security element, so the only caller check is HTTP Negotiate
             on the transport. httpTransport is plain HTTP, and the binding itself adds no
             encryption to request or response bodies. -->
        <binding name="spStsBinding">
          <binaryMessageEncoding>
            <!-- Per-message parsing limits: strings up to 1048576 (1 MiB), arrays up to 2097152 (2 MiB). -->
            <readerQuotas maxStringContentLength="1048576" maxArrayLength="2097152"/>
          </binaryMessageEncoding>
          <!-- maxReceivedMessageSize 2162688 = 2 MiB + 64 KiB. useDefaultWebProxy="false" keeps the
               transport from using the system default proxy. -->
          <httpTransport maxReceivedMessageSize="2162688" authenticationScheme="Negotiate" useDefaultWebProxy="false" />
        </binding>
        <!-- ActAs binding: SspiNegotiatedOverTransport is an over-transport mode, and
             allowInsecureTransport="true" is what permits it to run over the unencrypted
             httpTransport below. Tokens exchanged on this endpoint therefore get no transport
             encryption from this binding.
             NOTE(review): confirm the endpoint is confined to a trusted network segment or fronted
             by TLS before exposing it more widely; do not change the value without checking what
             the product expects. -->
        <binding name="spStsActAsBinding">
          <security authenticationMode="SspiNegotiatedOverTransport" allowInsecureTransport="true" defaultAlgorithmSuite="Basic256Sha256" messageSecurityVersion="WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12" />
          <binaryMessageEncoding>
            <!-- Same parsing limits as spStsBinding. -->
            <readerQuotas maxStringContentLength="1048576" maxArrayLength="2097152"/>
          </binaryMessageEncoding>
          <httpTransport maxReceivedMessageSize="2162688" authenticationScheme="Negotiate" useDefaultWebProxy="false"/>
        </binding>
        <!-- Token cache binding: the only binding here on httpsTransport. HTTP-level authentication
             is Anonymous, so the caller is identified by the issued token required by
             authenticationMode="IssuedTokenOverTransport" rather than by Windows credentials. -->
        <binding name="SPWindowsTokenCacheServiceHttpsBinding">
          <security authenticationMode="IssuedTokenOverTransport" />
          <textMessageEncoding>
            <!-- Same parsing limits as the two STS bindings. -->
            <readerQuotas maxStringContentLength="1048576" maxArrayLength="2097152"/>
          </textMessageEncoding>
          <httpsTransport maxReceivedMessageSize="2162688" authenticationScheme="Anonymous" useDefaultWebProxy="false" />
        </binding>
      </customBinding>
    </bindings>
  </system.serviceModel>
  <system.webServer>
    <security>
      <authentication>
        <!-- Anonymous and Windows authentication are both enabled at the IIS level.
             Presumably anonymous access is needed for the Anonymous-scheme HTTPS binding and for
             metadata retrieval, while the Negotiate-scheme bindings rely on Windows authentication;
             verify against the hosting site. -->
        <anonymousAuthentication enabled="true" />
        <windowsAuthentication enabled="true">
          <providers>
            <!-- clear drops any inherited provider list, leaving exactly Negotiate then NTLM.
                 With NTLM listed, a client that does not complete Negotiate can still authenticate
                 over NTLM. NOTE(review): if local policy restricts NTLM, check product support
                 before removing this entry. -->
            <clear />
            <add value="Negotiate" />
            <add value="NTLM" />
          </providers>
        </windowsAuthentication>
      </authentication>
    </security>
    <modules>
      <!-- Adds the Windows authentication module to this application's module list. -->
      <add name="WindowsAuthenticationModule" />
    </modules>
  </system.webServer>
  <system.net>
    <connectionManagement>
      <!-- address="*" applies the limit to every remote host: up to 10000 concurrent outbound
           connections per host from this application. -->
      <add address="*" maxconnection="10000" />
    </connectionManagement>
  </system.net>
</configuration>