We have ADFS configured with SAML WebSSO on the corporate network and we want to enable SAML_P 2.0 SSO for an asp.net mvc(VS 2013) app running on cloud. We could see that mvc in this version support both Azure AD based SSO and on premise ADFS SSO. I also
read that there is no SAML library from Microsoft. So my questions are:
1) Does the above mentioned mvc version supports only ws-federation? Because I am finding only two parameters while configuring the adfs using mvc template-such as federation metadata URL and web app ID, there is no option to specify call back URL or SAML
service uri
2) If we cannot go for SAML SSO directly from asp.net mvc app running on cloud with on premise ADFS without installing anything additional, can we setup an ADFS on cloud with a trust defined for on-premise adfs?in that case the flow should be cloud mvc app-cloud
ADFS-onPremise ADFS. In that case, what federation meta data should be used in the asp.net mvc app? Of the cloud ADFS or on-premise adfs and what metadata should be shared with on premise adfs? My expectation here is that, since .net lacks a SAML library,
MVC app can to send ws-federation data which will be transformed into SAML by cloud adfs and then orward to on premise adfs. Pls note that the cloud is not Azure and we dont want to go for Azure AD(unless it is totally free :)
I prefer the option one to work, if not the second. If both the options are not possible I want to consider open source SAML solutions for .net such as Shibboleth or Kentor.
G K
