I'm trying to get my head around all the claims based windows identity foundation magic.
Assuming I don't want to use ADFS, one thing that isn't clear to me is whether its best to roll your own STS using WIF to do some of the hard work or to rely on a third party.
And if it is the third party option - what third party STS's are there
It all depends where your authentication information is of course. If you aren't using AD, but are using something else then it's up to that provider to supply an STS.
If all you want is something database driven, well there are a few out there, and it depends on what development platform you're happiest with when you come to customise it.
If you're using .NET then you could use the StarterSTS as a starting point (no pun intended).