locked
How to use ADFS Pre Authentication with a static iis website RRS feed

  • Question

  • Hi all, I believe it is possible to use adfs with a static webpage . Could someone please explain how to do this. A brief how to with no assumptions (as I am new to adfs) would be great. I have got adfs working in my lab using a claims aware sample app but I am struggling to get it working with a static webpage.

    Thanks in advance.

    Andrew

      
    Monday, September 25, 2017 5:58 PM

All replies

  • A bit oldish but still works: https://technet.microsoft.com/en-us/library/cc753987(v=WS.10).aspx 

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Tuesday, September 26, 2017 2:10 AM
  • Hi, thanks for reply, however this apply to a sample claims aware app and it is a static page with no authentication that I need some help with.
    Tuesday, September 26, 2017 2:05 PM
  • That the point. If you do not need authentication, then you do not need ADFS. If you want ADFS, you want some managed code.

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.


    Tuesday, September 26, 2017 5:22 PM
  • Unless you mean, you want to publish an anonymous application externally using WAP. Is that the scenario?

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Tuesday, September 26, 2017 5:23 PM
  • Yes, you can publish a static webpage with ADFS and the Web Application Proxy.  You can follow the directions here:

    https://technet.microsoft.com/en-us/library/dn383640(v=ws.11).aspx#Publish an Integrated Windows authenticated-based Application for Web Browser Clients

    If you don't want users to have to authenticate, then choose "Pass-through" for step 3 (and the wizard will skip step 4, and won't show the SPN part in step 6).  And make sure that IIS is setup to allow anonymous users on your website.

    As Pierre noted, usually you want ADFS because you want authentication.  But it's not required to use, and no authentication could be useful for testing purposes, or maybe if just part of your website is public but you want all parts of it to go through ADFS.

    Tuesday, September 26, 2017 7:24 PM