I wanted to find out if ADFS2.0 provides a way for users to be authenticated with a Custom Store? Version 1.0 you could only authenticate users in the Windows domain, using Forms/Windows Integrated/Cardspace. I have an ASP.NEt website, which I would like the users to be authenticated against a custom store in SQL and then ADFS2.0 to take care of the claims issued to the user...
A:
ADFS 2.0 can only authenticate users in Active Directory. It can retrieve attributes from other stores (SQL, LDAP, custom), but not for authentication.
You might want to look at StarterSTS (http://startersts.codeplex.com/) as an alternative.
Eugenio
Eugenio Pace
2010-05-25 18:10:16
+1
A:
That's not entirely true. While in its default form, ADFS v2.0 only allows you to authenticate against Active Directory, there is a hybrid approach. You can set the authentication type to forms (modify the Web.config file of the ASDFS server in the \inetpub\adfs\ls directory).
Once set to forms, you can actually customize the ADFS signin page (FormsSigninPage.aspx) to do whatever custom authentication you want. Once the authentication passes, the rest of ADFS will pick back up where you left off.
Here's an article showing how to do exactly that: Customizing the ADFS Signin Pages
Kevin Hoffman
2010-06-17 17:47:03