I have a situation where I am trying to leverage ADFS for authenticating an external customer to a 3<sup>rd</sup> party website using the credentials they provided when logging into our own external site. In other words. A customer logs into our website (authenticated by our internal Tivoli Access Manager through WebSEAL). Once authenticated, they are provided a link to the 3<sup>rd</sup> party site. When they access the 3<sup>rd</sup> party site, it will require a SAML assertion for authentication. So we want to set up the 3<sup>rd</sup> party site with our ADFS 2.0 to handle this authentication (internal network via an ADFS proxy in DMZ) . On its own, this does not seem too difficult, though my understanding is that the customer will be prompted with a forms based logon at the proxy. Is itpossible to get around this prompt and leverage their original TAM based authentication to our site in order to authenticate them to ADFS for the SAML assertion (internal Tivoli would be used to generate the assertion in this case rather than our internal AD)?
Thanks!
Eric