Re: ADFS with ASP application



The first thing I'd do is set up the test page that I discuss in this blog
posting so you can see what Windows token is being created by ADFS as a
result of the federated login. That will help you figure out what's going
on so you can apply that knowledge to the ASP app (which is likely more
difficult to troubleshoot as you don't have this kind of easy access to the
authenticated user's token like you do in .NET).

http://www.joekaplan.net/DiscoveringTheUsersNameAndGroupsInTheirWindowsToken.aspx

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
<viveque.kumar@xxxxxxxxx> wrote in message
news:1168277603.416111.172830@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi Joe,
I followed the step by step guide to achieve the token-based
authentication but we were not successful in doing so. Could you mail
me some steps that you might have tried on your own.

Thanks in advance,
Vivek

Joe Kaplan wrote:
ADFS can work here if you use the Windows token model for integration
(using the stuff integrated into the IIS MMC UI). In that mode, ADFS can
work with any app that runs on IIS. The app doesn't need to be .NET 2.0
(although .NET 2.0 must be installed on the machine for ADFS to be
installed and used).

You would change the setting in IIS from integrated to anonymous, but
ADFS would actually create a Windows token for you with the ADFS agent and
the app would continue to function as if it was working like integrated
auth.

The real trick here is coming up with a viable strategy for how you want
to map user tokens (shadow users or shadow groups).

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
<viveque.kumar@xxxxxxxxx> wrote in message
news:1168012536.605350.251840@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi,

We have a legacy ASP application and we are looking at SSO for an
integration project.

Our application works on Integrated authentication mechanism and the
requirement is that users from other domains when accessing this
application need not sign in again.

So after some research I stumbled upon ADFS to achieve this.

My question is this, given the above scenario, will ADFS work here?
Doesn't ADFS require ASP.NET applications?
Will the application security settings need to be changed from
Integrated to Anonymous?

TIA,
- Vivek
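
Added example (not part of the thread, and not the code from the linked blog post): a minimal ASP.NET generic handler of the kind of test page described above, which prints the name and group SIDs carried by the Windows token on the request. The handler name `TokenDump` is hypothetical, and it assumes that in Windows token mode the request's user is exposed to .NET as a `WindowsIdentity`.

```csharp
// Added example: diagnostic handler (hypothetical name TokenDump.ashx).
// Written in C# 2.0 syntax to match the .NET 2.0 requirement in the thread.
using System;
using System.Security.Principal;
using System.Text;
using System.Web;

public class TokenDump : IHttpHandler
{
    public bool IsReusable { get { return true; } }

    public void ProcessRequest(HttpContext context)
    {
        context.Response.ContentType = "text/plain";
        // Assumption: the token built for the federated user is surfaced here
        // as a WindowsIdentity. Anything else is reported as "no token".
        WindowsIdentity id = context.User == null
            ? null
            : context.User.Identity as WindowsIdentity;
        context.Response.Write(Describe(id));
    }

    // Builds a plain-text report of the token's identity and group SIDs.
    public static string Describe(WindowsIdentity id)
    {
        if (id == null) return "No Windows token on this request.\r\n";
        StringBuilder sb = new StringBuilder();
        sb.AppendLine("Name: " + id.Name);
        sb.AppendLine("AuthenticationType: " + id.AuthenticationType);
        sb.AppendLine("IsAuthenticated: " + id.IsAuthenticated);
        sb.AppendLine("IsAnonymous: " + id.IsAnonymous);
        sb.AppendLine("ImpersonationLevel: " + id.ImpersonationLevel);
        sb.AppendLine("Groups:");
        if (id.Groups != null)
        {
            foreach (IdentityReference sid in id.Groups)
            {
                string name;
                // Translate fails for SIDs that cannot be resolved to an account
                // (IdentityNotMappedException derives from SystemException).
                try { name = sid.Translate(typeof(NTAccount)).Value; }
                catch (SystemException) { name = "(unresolved)"; }
                sb.AppendLine("  " + sid.Value + "  " + name);
            }
        }
        return sb.ToString();
    }
}
```

The output discloses the caller's account and group membership, so keep the handler on a test site or behind an authorization rule and remove it once troubleshooting is finished.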



