Reputation: 731
How do I authenticate users to Sharepoint 2010 site, using a standard SAML IDP (not an STS)?
The problem is I have an standard SAML 2.0 Web-Profile IDP (a customized Shibboleth) that I can authenticate to Google Apps, nicely, but Microsoft decided to embrace-and-extend again, with WIF, so it seems things doesn't work off-the-shelf to have web SSO (SingleSignOn) with Sharepoint.
At least all the documentation show only how to integrate with AD FS STSs, or how to write your own STS as the protocols around claims exchange aren't standard.
From the overviews it seems feasible to have my IDP being called (redirected to) and returning the SAML response as a forced post, as usual, but it seems hard to tell WIF to just process the simple response we serve.
Thanks,
Upvotes: 0
Views: 836
Answers (2)
Reputation: 46720
ADFS v2.0 does support SAML 2.0.
If the SP STS doesn't support this, then simply add ADFS as a trusted provider to the SP STS.
Upvotes: 1
Reputation: 4255
I believe that ADFS 2010 only supports WS-Federation Passive Requester Profile -- ie, no SAML 2.0 Web SSO support.
SAML 2.0 Web Profile support is possible I believe but you'll need to use a 3rd Party product like PingFederate for SAML 2.0 support unless you want to write quite a bit of custom code.
Hope this helps - Ian
Upvotes: 1
Related Questions
- Identity Provider Implementation with SAML V2 and Java
- Authenticate web app Using Saml 2.0 in asp.net
- how to implement SAML authentication in java web application using salesforce.com as identity provider
- How do I communicate with a SAML 2.0 server so that I can leverage it's authentication?
- How to do Non Interactive User Login from browser for SAML SSO flow between IDP and SP
- SAML Identity Provider based on Active Directory
- sp initiated saml sso authentication
- How does the saml IDP / SP work with auth0?
- SAML for SharePoint 2010 Authentication