ADFS 2.0 configured to authenticate users through ADAM

Problem description

How to configure ADFS to use a different ADAM store rather than the domain/AD that ADFS is installed on?

For example: ADFS 2.0 is installed on the xyz.com domain & user authentication happens with some ADAM store (all we have is the connection string)...

Solution

At last we created the custom STS that ADFS will trust for our solution.

So now:

RP will be added in ADFS.

ADFS trusts the token from the custom STS.

HomeRealmDiscovery modified to show custom STS login page.

Custom STS creates the token & passes it to ADFS & ADFS is set to pass claims & token to RP.

& it all worked.

We had many issues with setting up the right certificates (in our test we used Selfssl7) & everything is on the same machine with ADFS, CustomSTS & RP working on different ports (ADFS on default 443).
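The trust setup described in the answer, sketched as an added example with the ADFS 2.0 PowerShell snap-in; it is not the poster's own configuration. The trust names, hosts, ports, metadata paths and claim types are assumptions chosen for illustration.

```powershell
# Added example. Run on the ADFS 2.0 server; every name and URL is hypothetical.
Add-PSSnapin Microsoft.Adfs.PowerShell

# Placeholder endpoints: the answer only says the components ran on different
# ports of one machine, with ADFS on 443.
$stsMetadata = 'https://sts.example.test:8443/FederationMetadata/2007-06/FederationMetadata.xml'
$rpMetadata  = 'https://rp.example.test:9443/FederationMetadata/2007-06/FederationMetadata.xml'

# Acceptance rules: accept only the claim types the custom STS is expected to
# assert about ADAM users. A blanket 'c:[] => issue(claim = c);' would let the
# custom STS assert any claim type, including ones other trusts rely on.
$acceptRules = @'
c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"]
 => issue(claim = c);
c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"]
 => issue(claim = c);
'@

# ADFS trusts tokens from the custom STS (claims provider trust).
Add-ADFSClaimsProviderTrust -Name 'Custom ADAM STS' `
    -MetadataUrl $stsMetadata `
    -AcceptanceTransformRules $acceptRules

# Issuance rules: pass the accepted claims through to the RP unchanged.
$issueRules = $acceptRules

# Authorization: permit only callers that arrive with a name claim.
$authzRules = @'
c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"]
 => issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");
'@

# The RP is added in ADFS (relying party trust).
Add-ADFSRelyingPartyTrust -Name 'Sample RP' `
    -MetadataUrl $rpMetadata `
    -IssuanceTransformRules $issueRules `
    -IssuanceAuthorizationRules $authzRules

# Confirm which signing certificate ADFS recorded for the custom STS; tokens
# signed with any other certificate are rejected.
(Get-ADFSClaimsProviderTrust -Name 'Custom ADAM STS').TokenSigningCertificates |
    Select-Object Subject, Thumbprint, NotAfter
```

Importing from a metadata URL requires the ADFS machine to trust the HTTPS certificate on that endpoint, so a self-signed test certificate has to be placed in the machine's trusted root store first.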
