ADFS


ADFS: Active Directory Federation Services. ADFS uses SSO (single sign-on) technology for ASP.NET web applications. Single sign-on means, for example, that when you log in to your domain, a token is created on your local system after successful authentication. That token is refreshed periodically and lets you access your email, network shared drives, etc., without providing your credentials every time.

Nowadays B2B (business-to-business) applications are in high demand, and you are at times required to share your web application (ASP.NET) with a third-party vendor in order to share data. ASP.NET is a web application platform that, with the help of ADFS, enables data to be shared securely (across a completely different forest and different accounts).

You can project a digital identity (claim) between AD forests; ADFS runs between the 2 forests.

ADFS uses WS-* protocols (standards-compliant web services), PKI (Public Key Infrastructure), and ASP.NET.

Authentication between forests happens by X.509 certificates and is based upon TRUST (TWO WAY TRANSITIVE DEAL).

When you create a trust relationship for ADFS, it is a ONE WAY TRUST: “Resources Trust Accounts”.

The ADFS Web agent is installed on IIS 7.0 and constantly connects to the resource federation services.

Deploying AD FS

Federation Server : WS2k8 Enterprise or Data Center; IIS, ASP.NET; SSL / CERTIFICATE

Federation Proxy : -do-

AD FS Web agent : WS2k8 Std, Ent, Data

Account Store : ADDS / ADLDS

Browser : IE 6 / Mozilla Firefox

DNS, ADCS