adfs2.0

Get ADFS Token in Powershell

吃可爱长大的小学妹 submitted on 2020-01-01 07:55:07
Question: We have an ADFS 2.0 environment that is used to federate our Active Directory domain with Office 365. Recently we had an issue where the cluster stopped responding, which in turn broke email/calendar access for all of our users. As we don't have any monitoring for ADFS currently, I am trying to write a PowerShell script that will periodically attempt to authenticate to our ADFS cluster and get a valid token, similar to how the SSO test at testexchangeconnectivity.com works. It appears that the token

unable to generate SAML metadata file

扶醉桌前 submitted on 2019-12-31 05:34:29
Question: I'm using AngularJS and Spring Security in a web application. We were using basic authentication and now we are trying to put in place SAML for SSO login. As we are using Java-based annotations, I tried to follow this example; I just added the securityConfig part to my application along with the loadUserBySAML service. I also configured my ADFS service in Active Directory and generated the federationmetadata.xml file; however, I wasn't able to generate the metadata.xml file. When I try http:/

Digest verification failed

醉酒当歌 submitted on 2019-12-25 16:51:41
Question: I'm developing a .NET web application which uses ADFS to manage users and logins. On my personal development machine and on our testing environment everything works fine. However, after publishing the application to the target production server I'm getting the following exception: [CryptographicException: Digest verification failed for Reference '#_ed85954d-e2b3-44a1-a455-f13b8eca5756'.] System.IdentityModel.Reference.EnsureDigestValidityIfIdMatches(String id, Object resolvedXmlSource)

wfresh not working with WS-Federation via ADFS

孤人 submitted on 2019-12-25 11:53:02
Question: I have an application that authenticates against ADFS 2 via WS-Federation. I look for a specific claim when I get the response back from ADFS and based on that claim, I am able to authorize the user into my application. I want to create an enhancement in which when a user authenticates against ADFS and comes back to my application WITHOUT the claim I require, that I redirect them back to the Identity Provider (ADFS), but this time FORCING them to provide their credentials again. I wrote my

Adding two claim providers with same certificates ADFS (SAML2.0)

眉间皱痕 submitted on 2019-12-24 04:24:06
Question: I have been trying to add a "virtual" claim provider (SAML 2.0 Identity Provider) in ADFS; I have another claim provider with the same certificate. I get this error on ADFS 2.0 in Windows Server 2012: MSIS7600 Each Signing Certificate value for a claims provider Trust must be unique across all claims provider trusts in ADFS 2.0 configuration. Is there any workaround to avoid this issue? Answer 1: No, I got the same thing here. Apparently it must be unique. I tried to add 2 tenants (2 customers) coming

Login to adfs through openam using java application

蓝咒 submitted on 2019-12-24 03:19:55
Question: I have configured ADFS as identity provider and OpenAM as service provider, but how do I test whether login is working fine with ADFS through OpenAM? Can anyone help me log in to the ADFS server through OpenAM using a Java application? Thanks. Answer 1: Refer to OpenAM and ADFS2 configuration. The article covers all your questions. Update: The way I normally do this is to use the OpenSSO / OpenAM Java Fedlet. Refer to Using Fedlets in Java Web Applications (Chapter 8). The code (as per the fedlet) to

Invoke SAML IdP from Javascript

左心房为你撑大大i submitted on 2019-12-23 17:12:01
Question: Again I need the wise advice of the Community!!! I have to integrate several Web Applications in my SSO system. The IdP is Active Directory Federation Services (ADFS2) and the SPs are WebLogic Managed Servers. I am using HTTP-POST binding for the SP-initiated use case in the Web SSO profile. This setup is working and I have even implemented the SLO for WLS, great! But, there is always a but... I have an application that can be accessed by unauthenticated users, guest users. When the user is

Single sign on between ASP.NET app and Office365 with on-premise ADFS STS

喜欢而已 submitted on 2019-12-23 09:36:29
Question: I'm building an ASP.NET web app that authenticates users with Windows Identity Foundation. The organization has an on-premise ADFS STS. Their Office365 authenticates through Microsoft Federation Gateway with the on-premise STS. The new web app will also authenticate against the on-premise STS with WIF. Can I establish silent single sign-on between the new app and the Office365 environment? So the user will not have to log into Office365 once he is logged into the web app and vice versa. Answer 1:

Passing SAML Token to WCF service from Asp.Net

吃可爱长大的小学妹 submitted on 2019-12-23 04:20:53
Question: When I try to invoke a WCF service from an ASP.NET application (RP) which is authenticated by another ASP.NET application (IP), I'm getting an error message with the content of the Login page (it is trying to reach the login page because it could not authenticate the request). Identity Provider: _http://localhost/AuthenticatonWS/Login.aspx Relying party website: _http://localhost/RPWebsite/Default.aspx WCF Service: _http://localhost/RPWebsite/Service1.svc (In my solution I'm calling service1.svc