LogoutRequest fails with Requester
I can submit requests to authenticate and the response is just fine. I have ADFS configured to send me a persistent name ID using instructions from here:...
View Articleremove servicecert, or declare identity (wstrust sts hosting)
Assuming mixed mode security (i.e. layer 7 blobs sent over layer 4 ssl), which is the better service-side implementation strategy: do NOT declare a service cert, or declare one and expose a DNS/cert...
View ArticleLink to download Windows Identity Foundation Runtime broken?
Hi,I am trying to download the Windows Identify Foundation Runtime from url:http://www.microsoft.com/en-us/download/details.aspx?id=17331then selecting:Windows6.1-KB974405-x86.msubut the download...
View ArticleNeed suggestion on adding fine grained claims .
Hi , think of a scenario i have 2 services A & B . which has different claims to provide the access to them . now , 1) suppose a user comes in with a access token , should i add claims for both...
View ArticleSetting Claim for ClaimProviderTrust in Powershell
I'm having a problem with inserting claimoffered for an existing claim provider within powershell. The command I'm trying is:PS C:\> set-ADFSClaimsProviderTrust -TargetName 'SomeFed' -ClaimOffered...
View ArticleWindows Identity Foundation can be used for other platforms?
I want to use. NET to build a server, the client has winform, asp.net, ios, Android. This situation can use Windows Identity Foundation certification?Thanks!相信自己,坚持下去。
View ArticleADFS for Multple AD Domain
Hi,I have situation where I have a set of application in the perimeter network.I have an internal AD in corporate network for our internal users.I have to maintain a separate AD in perimeter network...
View ArticleAdding certificate while creating Relying party in ADFS 2.0
I am trying out ADFS 2.0 as Identity Provider for SAML2.0I have created a self signed certificate using IIS Manager. I then used it to Create a new Federation Service.While setting up in the Add...
View Article2012 R2 ADFS - Theming / Idp Logos
Does anyone know if it's possible to customize the logos on the Claims Provider selection Screen? i.e. if you have multiple Claims Provider trusts, I would like to give each of them a meaningfull logo...
View ArticleError 2738 Installing WIF 4.0 SDK on Win7 32bit SP1 German
Hi!I installed the February 2011 Identitiy Developer Training Kit. One of the prerequisites is the WIF 4.0 SDK.I wanted to download the German version, but it is only the 3.5 version available. So I...
View ArticleADFS and SPN
We currently have a single ADFS server and a single ADFS proxy server setup to allow single sign-on to our Office365 accounts. All works well. We are currently setting up a separate ADFS farm with 2...
View ArticleADFS - Logout Endpoint not working unless browser is closed
We have multiple relying party trusts and I have noticed that when a user goes to the logout endpoint it tells them "they are logged out, but for improved security to close their browser." I then...
View ArticleHow would Integrated Windows Authentication (IWA) ever work with a proxy ADFS...
Hey there. I have just configured my first ever application that is using our external ADFS server. In order to to get it to work, I had to disabled the IWA function in the web.config file as shown...
View ArticleRestrict access to certain trust
I know there are some federation trust specific settings for each trust in your ADFS environment (such as choosing to decrypt tokens or not for example). I was wondering if there is a way to restrict...
View ArticleHow long should an STS take to authenticate?
I have a custom STS that takes around 30 seconds to perform the wsignin1.0 step, which is entirely too long. I cannot find any evidence that my custom code takes any more than 1 second, so I do not...
View ArticleWhy is my RP not redirecting to my STS?
I have several RP's that share an STS for a single sign on scenario. I have these sites set up in multiple environments. In one of these environments, each time that I access an RP for the first...
View ArticleWhy does KB2843639 break my Proxy's FormsSignin for my HTTP-POST RP?
After a patch run last week, whenever an external user attempts to login to a particular RP using SP-initiated HTTP-POST through our ADFS Proxy, the "submit" button 302-redirects them to "/auth/ls/?"...
View ArticleAD FS 2.0 meets AD FS2.0. Result: Exception MSIS7000
Hi!I am about to connect two different AD FS2.0 with each other, but so far without success.I added the "other AD FS2.0" with its FederationMetadata to the "Claims Provider Trusts". On the "other AD...
View ArticleClik here to view.
ADFS Tranforms rules added with PowerShell become custom rules
I'm setting/adding claim rules to ADFS using PowerShell, using the following commands:Add-PSSnapin Microsoft.Adfs.PowerShellSet-ADFSRelyingPartyTrust –TargetName "MyApplication"...
View ArticleClik here to view.
Windows Server 2012 ADFS theory question
Hello!Once again about claims:This new token (created in 10) does contain the same claim created in 8, doesn't it?Thank you in advance,Michael Firsov
View Article