adfs2.0

WIF using SAML 2 protocol / Federate AD FS 2.0 with CAS

I am trying to implement a Web SSO with claim based identity using WIF and AD FS 2.0 right now. Right now I have an existing ASP.Net application which delegates authentication to the AD FS 2.0 server and trusts issued security tokens. That works just fine. However, in the organization there is an existing JA-SIG Central Authenticati...

Does ADFS 2.0 support the SAML 1.1 protocol and Web SSO profiles?

Does ADFS 2.0 support the SAML 1.1 protocol and Web SSO profiles as mentioned in this Wikipedia article or are only SAML 1.1 tokens supported? ...

How do I get other claims of the user using ADFS?

Hi, I am able to authenticate the user using ADFS and succeeded in getting the user alias using the below statement. For some time, I have been looking for a way of getting the other claims of the authenticated user, like email, name, roles, username etc. Any help on this would be appreciated. string alias = ((MicrosoftAdfsProxyRP.Microsof...

How to use ADFS in WCF Service

I am using ADFS in our application with MsftAdfsProxy. It's working fine with my application. Now I want to place ADFS logic in WCF Service. Let me know how to do this and are there any limitations for this. ...

ADFS v2.0 Error : MSIS7042: The same client browser session has made '6' requests in the last '1' seconds.

Folks, I've got an ASP.NET MVC application that I am attempting to secure using the Release Candidate version of ADFS v2.0 (Geneva). I have configured the application as a relying party trust, and I've used Fedutil.exe to modify the application's Web.config so that it has the information about the Geneva server and uses the Geneva serv...

WCF, Rampart, ADFS2 and SAML Interop issue

Hi, I'm working on establishing interoperability between .NET WCF 3.5 and Axis2/Rampart using ADFS2 as the STS and using SAML authentication. Initially I used Axis 1.4.1/Rampart 1.4 but in an attempt to rule out issues relating to WS-* standards compatibility have also created a duplicate environment running Axis 1.5.1/Rampart 1.5. Both...

Active Directory authentication in wcf service

I am authenticating my ASP.Net application through Active Directory (Microsoft ADFS Proxy). Now I want to move this authentication to WCF service so that authentication will be done there and later on this service will be flexible. Let me know how to proceed for this and what are the binding types required for this ...

Does ADFS2.0 provide custom authentication stores?

I wanted to find out if ADFS2.0 provides a way for users to be authenticated with a Custom Store? Version 1.0 you could only authenticate users in the Windows domain, using Forms/Windows Integrated/Cardspace. I have an ASP.NET website, which I would like the users to be authenticated against a custom store in SQL and then ADFS2.0 to take...

How to configure ADFS 2.0 as SP and CA SiteMinder as IdP

Hi, We want to configure ADFS 2.0 as SP and CA SiteMinder as IdP using SAML 2.0. In ADFS 2.0 we have a test application which is deployed using WIF. We have configured both the things correctly. However, while testing the federation it gives 2 options of selecting the Identity provider correctly. However, after we enter the credentials...

What's the difference between WS-Trust, OpenID, and SAML Passive?

Seems that Microsoft ADFSv2 supports WS-Trust, and SAML Passive, but the WIF stack it's built upon doesn't support SAML. What is the difference between WS-Trust and SAML-P? Do they share the same security vulnerabilities, if so what are they? Note: There is a similar, but different question here: SAML vs OAuth ...

How can I imitate Stack Overflow's SSO? Particularly where it federates with serverfault.com?

How does Stack Overflow's SSO work? ... whatever it is they are doing it seems to work for all sites in the network. I'd like to learn what Stack is doing so I can see if it's possible to get a similar registration scheme between http://perfmon.com and http://eventvwr.com under ADFS. I understand that SAML and OpenID are different an...

Secure a WF4 Workflow Service with ADFS2/WIF ?

I have a .xamlx Workflow Service that I would like to secure so that it can only be called by clients that have obtained a token from my STS (ADFS v2.0). Normally this is very easy to do if you're using a "Web Site" project template, and you've added a .SVC service - the "Add STS Reference" wizard will find the service you want secured a...

Enable anonymous access to ADFS 2.0 SharePoint site

I have a SharePoint 2007 portal configured to authenticate against an STS (ADFS 2.0) using the FormsSignIn (Forms Authentication on the ADFS). Is there any way to have a few pages living in the SharePoint portal that allow anonymous access? I've tried checking the "Enable Anonymous Access" in the SharePoint Central Admin, and I've trie...

Help required with SAML 2.0 and ADFS 2.0 !

While trying to learn the ADFS 2.0 environment, I created an empty ASP.NET Claims aware application to be the RP using Visual Studio 2010. Using ADFS 2.0 I did the following: Created a SAML 2.0 relying party using the 'Add Relying Party Trust...' wizard; Created a SAML 2.0 Claim Provider using the 'Add Claims Provider Trust...' wizard ...

Microsoft.IdentityServer.Web.InvalidRequestException: MSIS7042

I am using ADFS 2.0 to provide claims to a Windows Server 2003 Claims Aware App. I have made sure that the cookie path is correct but I keep getting this error. Microsoft.IdentityServer.Web.InvalidRequestException: MSIS7042: The same client browser session has made '6' requests in the last '3' seconds. Contact your administrator for det...

Two app instances, same Relying Party in AD FS 2

I currently have a copy of the app deployed to my local IIS as debug.wifclientapp.com and it will go to the ADFS server to authenticate but when it redirects after successful authentication it goes to www.wifclientapp.com which is the test instance on a remote server. I set up the test instance first. How can I get it to redirect back to...

adfs 2.0 dynamically select the authentication type idp initiated

Can I dynamically select the authentication type in a customized version of IdpInitiatedSignOn? I am doing Idp Initiated calling something like https://domain/adfs/ls/IdpInitiatedSignOn.aspx?loginToRp=https://some-rp1 If the default is set to: ... It may try integrated first and this is fine for most of my RPs. But f...