locked
iframe and ADFS RRS feed

  • Question

  • I have a portal application A and there is another application B which runs in an iframe where portal application is the parent window. Both these applications are protected with ADFS. There are two different Relying Party Trust for these two apps. There is no issue when these apps pass through ADFS login. However when I use a federated login, at times the iframe page either loads as blank or does a 302 redirect occupying the entire window. ADFS seems to send a second SAMLRequest to the Identity Provider for iframe application even though the web sso lofetime is valid and the IDP thinks there is a clickjacking attack is planned and either does 302 redirect or displays a blank page. Question is: Is there a way for the ADFS to issue SAML to the iframe application as long as web sso lifetime is valid ? I am fine with customization as well.
    Friday, July 8, 2016 11:27 AM

Answers