Hello
We have a multi-tenant web application and our goal is to provide claims-based authentication to our customers by accessing their existing IP/STS.
All I've read led me to the conclusion that we would have to set up our own ADFS (or maybe a custom STS) where the application connects to and that trusts our customers' IP/STS. That would explain the singleton implementation of the FederationConfiguration when using the HTTP modules (WSFAM and SAM) of WIF.
Our Head of Research/Development wants to be able to handle all of the configuration within the application instead of having the IT team involved. So he is "not amused" to have set up an extra authentication server.
In earlier times that scenario seemed to be possible by making use of the FederatedPassiveSignIn control and setting UseFederationPropertiesFromConfiguration to false (unfortunately I cannot yet post the link to the Microsoft library article).
So I decided to create a collection of WSFAM with different FederationConfigurations for each customer at application start while using the SAM as it is thought to be. I came pretty far; I can redirect to the IP/STS using the module's SignIn() method. I tried to copy the SignInWithResponseMessage() method as it is declared private, but then I recognized the class TokenReceiver is declared protected. I realized there's a lot to do manually and there must be a reason why the classes/methods aren't accessible and the control's namespace got dropped.
So here's my question: is there an easier way to connect to multiple IP/STS from a relying party (if possible without using the control from WIF 3.5) and where can I find information to start with?