Changes to error.aspx.cs and web.config files for new trust
I am setting up a trust to Google Apps for my company. The documentation provided by Google has me changing some config files, and they cannot tell me whether these changes affect all trusts using our...
ADFS integration with Windows Live ID
How do you configure ADFS 2.0 Server 2012 to integrate with Windows Live ID, so that the Live ID can pass through to SharePoint 2013 in the back end?
A very rare problem using Convert_MsolDomainToFederated
Hi: I am getting a very strange problem while executing Convert-MsolDomainToFederated: Convert-MsolDomainToFederated : You cannot convert the specified domain to use identity federation because the...
Automating home realm discovery failing in ADFS for SAML 2.0 RP?
Hi, we have a SAML 2.0 relying party configured as a partner to ADFS 2.0. We also have a custom/passive STS, developed using .NET Framework 3.5 / WIF SDK, added as a CP for ADFS. We are trying to automate the...
WIF Custom STS problem with Java RequestSecurityToken's TokenType and KeyType...
Hi, I implemented a .NET 3.5/WIF custom STS and when a Java (Metro) client sends an RST message with the TokenType (SAML2) and KeyType (Bearer) inside the RST's SecondaryParameters element. When WIF...
AD FS 2.0 + Federation Proxy + Unsecured or incorrectly secured fault errors
We are in the process of completing the AD FS 2.0 configuration. The AD FS infrastructure includes (2) federation server proxies in a farm, (2) federation servers in a farm, and a cluster SQL Server...
How to prepare for supporting tokens sent to an STS
How do I extend the typical STS service's binding, given below, to allow supporting tokens to accompany the usernametoken? <bindings> <ws2007HttpBinding> <binding...
WIF to a separate domain via AJAX
We have sites running in two separate domains, one is a secured API, the other is a frontend website. We want to be able to do an ajax request from the website to the API using the currently logged in...
WIF With Load Balancer
I am going to deploy WIF in servers that constitute a Web farm, behind a load balancer. I have downloaded the sample application ("Claims Aware Web Farm") that enables this by providing a WCF service...
Which certificate to provide to relying partner?
We are deploying ADFS for the first time in order to satisfy a partner who wished to use SAML for access to their partner application website. We are in the role of the identity partner using Active...
Vulnerability in Active Directory Federation Services Could Allow Information...
Not sure if anyone else has seen this or not: https://technet.microsoft.com/en-us/security/bulletin/ms13-066 "This security update resolves a privately reported vulnerability in Active Directory...
Auto-Logout / AD FS / IIS7 / Claims Based Authentication - Cookies not expiring
All, Good day. I am currently on a project that is creating a web application that uses AD FS for authentication. We are using claims based authentication and it's an ASP.NET application. The relying...
Receiving POST and GET from ADFS after sign-in
We have an ASP.NET MVC application with passive redirect disabled. When a user hits a URL that requires being logged in, we send the user to ADFS, where he/she can choose between Windows Authentication...
ADFS 2.0 SQL DB failover - how does it work?
I have configured an ADFS 2.0 farm with three web servers, two in the main site and one in our DR site. I will be using an f5 to do network load balancing across the three web servers, and for the...
ADFS v2 service account is exposed to the internet
Hello, The ADFS v2 service account is exposed to the internet via the endpoint /adfs/services/trust/mex. Apparently MS is not admitting that exposing the service account poses a security concern. (you can...
How to Register a custom SecurityTokenHandler with Code
Hi, I've created a custom CustomUserNameSecurityTokenHandler and registered it within the configuration-file this...
ADFS 2.0 Problem - System.NullReferenceException
I cannot get ADFS 2.0 to work correctly. I am attempting to use one of the built-in login screens to verify functionality and it fails miserably. However, the XML...
WCF client computed-proofkey, WIF unwrapping of proof key (as...
The WS-Trust client built into native WCF enables me to talk to my custom STS - equipped to consider the entropy supplied in the RST. Adding its own entropy, it even formulates a per-recipient-token in...
ADFS installation - the Program Data error
Moving from the Office365 forums: Greetings - just beginning a new ADFS build out. The customer has an empty root and all servers users and service accounts are in child domains and I have a couple of...
ADFS 2.0 Network ports
Hi All, What are the network port requirements between ADFS server farm with WID in production network and ADFS server in same WID as production at DR network? Best Regards Mahesh