Configure WIF for AD FS with forms authentication

Question

We have an ASP.NET Web Forms(.Net 3.5) website application uses forms authentication. The application has got different customized authentication services which uses different S

Answer 1

1. The snippet I posted as an answer in the previous question should more or less work under .net 3.5 (some apis have changed but not that much so you couldn't figure it out)

2. Although this is possible, I guess this is a bad idea. This is because ADFS could be configured to use some other means of authentication than username/password. For example, they could enable windows integrated authentication. Or they could delegate the authentication to another provider that uses two-factor auth involving text messages. All this means it is more reliable to follow the passive ws-fed, where your app redirects to the login page of the provider rather than passing the username/password collected by your app to the provider.

3. The SAML validation in the snipped ends up with the ClaimsIdentity that represents the principal from the token. This is where you just enumerate claims and search for the one you want:

   var identity = .. Validate saml token ..
   
   foreach ( var claim in identity.Claims )
     if ( claim.Type == employee number claim type )
       Use the claim to establish a local forms auth session