I'm trying to configure SM FSS 12.5 to be a SAML2 IdP for an ADFS2-protected claims-aware WIF application.
I'm following the steps from the MS guide: AD FS 2.0 Step-by-Step Guide: Federation with CA Federation Manager (http://technet.microsoft.com/en-us/library/ff754295%28WS.10%29.aspx), which is for an earlier version of SM (r12.1).
However, ADFS refuses to parse SAML2 tokens sent by SM, giving me this error:
Microsoft.IdentityServer.Protocols.Saml.HttpSamlMessageException:
MSIS7015: This request does not contain the expected protocol message
or incorrect protocol parameters were found according to the
HTTP SAML protocol bindings.
Does that mean that ADFS doesn't support the SAML2.0 protocol (or the token format used by SM FSS)?
In the SM documentation it is written that ADFS supports legacy mode federation, where SAML tokens are sent by using the WS-Federation protocol. But I would prefer not to switch to this legacy mode, because it will be deprecated in future releases of SiteMinder.
Is there any way to make ADFS work with the "normal" mode of SM FSS?