ADFS as a protocol translator?

  • Question

  • Can ADFS be used as a translator between SAML2P and WS-FED?

    Our web app is ws-fed based but not SAML2P. Can ADFS act as a protocol bridge for SAML2P customers that want to federate web browser security?

    Wednesday, August 23, 2017 10:37 PM

All replies

  • Yes e.g.

    Application --> WS-Fed --> ADFS (RP-STS) --> SAML --> Another IDP.

    • Marked as answer by scott_m Thursday, August 24, 2017 11:47 AM
    Thursday, August 24, 2017 2:36 AM
  • So step 1: set up a local on-prem ADFS and configure a relying party trust between ADFS and the RP app using the app's WS-Federation metadata. What is step 2?

    ADFS 2.1 currently

    Thanks


    • Edited by scott_m Thursday, August 24, 2017 3:11 AM
    Thursday, August 24, 2017 3:10 AM
  • Exchange metadata both ways.

    Set up the IDP as a CP.

    Configure claims received as pass-through.

    On the application, configure claims received as pass-through.

    • Marked as answer by scott_m Thursday, August 24, 2017 11:47 AM
    Thursday, August 24, 2017 8:29 AM
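
The steps in the accepted answer, sketched with the ADFS PowerShell cmdlets as an added example that is not part of the original thread. The trust names, metadata URLs and the two claim types are placeholders chosen for illustration; the rules pass through only the listed claim types rather than everything the external IdP asserts.

```powershell
# Added example. Every name and URL below is a placeholder (assumption), not a value from the thread.
Import-Module ADFS

# Metadata published by the customer's SAML 2.0 IdP and by the WS-Fed application (placeholders).
$idpMetadata = 'https://idp.example.com/saml/metadata'
$appMetadata = 'https://app.example.com/FederationMetadata/2007-06/FederationMetadata.xml'

# Claim types the application is assumed to need. Listing them explicitly means the
# external IdP cannot inject claim types the application was never meant to receive.
$claimTypes = @(
    'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier',
    'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress'
)

# Build one pass-through rule per claim type in the ADFS claim rule language.
$passThrough = ($claimTypes | ForEach-Object {
    '@RuleName = "Pass through {0}"' -f $_
    'c:[Type == "{0}"] => issue(claim = c);' -f $_
}) -join "`n"

# A relying party trust created from PowerShell has no issuance authorization rules,
# so nobody is permitted until one is supplied. This rule permits every authenticated
# user; replace it with a narrower condition if only some users should reach the app.
$permit = '@RuleName = "Permit access" ' +
          '=> issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");'

# "Set up the IDP as a CP" with "claims received as pass-through" (acceptance rules).
Add-AdfsClaimsProviderTrust -Name 'Customer SAML IdP' `
    -MetadataUrl $idpMetadata `
    -AcceptanceTransformRules $passThrough

# The WS-Fed application as a relying party, passing the same claims through to it.
Add-AdfsRelyingPartyTrust -Name 'WS-Fed web app' `
    -MetadataUrl $appMetadata `
    -IssuanceTransformRules $passThrough `
    -IssuanceAuthorizationRules $permit

# Review what was stored before handing the ADFS metadata to the customer.
Get-AdfsClaimsProviderTrust -Name 'Customer SAML IdP' |
    Select-Object Name, Enabled, AcceptanceTransformRules
Get-AdfsRelyingPartyTrust -Name 'WS-Fed web app' |
    Select-Object Name, Enabled, IssuanceTransformRules
```

To complete the exchange "both ways", the customer's IdP imports the ADFS server's own federation metadata (published under `/FederationMetadata/2007-06/FederationMetadata.xml` on the federation service host) and registers ADFS as a SAML service provider.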