问题描述
如何将ADFS配置到其他ADAM存储而不是安装ADFS的域/ AD?
例如:ADFS 2.0安装在xyz.com域上&用户身份验证是通过一些ADAM存储(我们只有连接字符串)进行的。
最后,我们创建了自定义
所以现在:
RP将添加到ADFS中。 / p>
来自自定义STS的ADFS信任令牌。
HomeRealmDiscovery已修改为显示自定义STS登录页面。
自定义STS创建令牌&传递给ADFS& ADFS设置为通过声明&
&
我们在设置正确的证书(在我们的测试中使用Selfssl7)时遇到了许多问题。一切都与ADFS,CustomSTS& amp; RP在不同的端口上运行(默认情况下,ADFS为443)。
How to configure ADFS to different ADAM store rather than the domain/AD the ADFS is installed on?
For example: ADFS 2.0 is installed on xyz.com domain & users authentication happen with some ADAM store (all we have is the connection string)...
At last we created the custom STS that ADFS will trust for our solution.
So now:
RP will be added in ADFS.
ADFS trust token from custom STS.
HomeRealmDiscovery modified to show custom STS login page.
Custom STS creates the token & pass to ADFS & ADFS is set to pass claims & token to RP.
& it all worked.
We had many issues with setting up the right certificated (in our test we used Selfssl7) & everything is on same machine with ADFS, CustomSTS & RP working on different ports (ADFS on default 443).
这篇关于ADFS 2.0配置为通过ADAM对用户进行身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!