Introduction to WS-Federation and Microsoft ADFS
Introduction
Web Services Federation (WS-Federation) is an identity specification from the Web Services Security framework. With it, users can use single sign-on to log in to a new application with their existing domain user name and password rather than creating a new set of credentials. It provides a secure mechanism for identity exchange and authentication.
Microsoft Active Directory Federation Services (ADFS) is one implementation of WS-Federation. It implements the Passive Requestor Protocol to handle access to web applications.
This topic covers the basics of WS-Federation and Microsoft ADFS.
Entities and authentication procedures
As I understand it, the authentication process involves an identity provider (IDP), a relying party (RP), the browser, and the web application.
The IDP, RP, and web application communicate with each other through browser redirects; they don't talk to each other directly.
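Because every message between the RP and the IDP travels through the user's browser, each side has to check what it receives instead of trusting it. The following Python sketch is an added example, not code from ADFS or from the original post: it uses the WS-Federation passive parameters `wa`, `wtrealm`, `wreply`, `wctx` and `wresult`, while the host names, realm and function names are assumptions made up for illustration.

```python
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Assumed, constructed values (not from the original page).
IDP_URL = "https://adfs.example.test/adfs/ls/"
RP_REALM = "urn:example:portal"
RP_REPLY = "https://portal.example.test/wsfed"

def rp_build_signin_redirect(return_path, session):
    """RP: build the URL the browser is redirected to at the IDP."""
    ctx = secrets.token_urlsafe(16)          # unguessable, bound to this session
    session["wsfed_pending"] = {ctx: return_path}
    query = urlencode({"wa": "wsignin1.0", "wtrealm": RP_REALM,
                       "wreply": RP_REPLY, "wctx": ctx})
    return IDP_URL + "?" + query

def idp_check_signin_request(url, registered_replies):
    """IDP: accept only a known realm and the reply URL registered for it."""
    q = {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}
    if q.get("wa") != "wsignin1.0":
        return False
    expected = registered_replies.get(q.get("wtrealm"))
    # wreply arrives through the browser, so it is compared, never trusted.
    return expected is not None and q.get("wreply", expected) == expected

def rp_accept_signin_response(form, session):
    """RP: check the form the browser POSTs back from the IDP."""
    pending = session.pop("wsfed_pending", {})   # one-time use
    if form.get("wa") != "wsignin1.0" or not form.get("wresult"):
        raise ValueError("not a WS-Federation sign-in response")
    ctx = form.get("wctx")
    if ctx not in pending:
        raise ValueError("wctx does not match a pending sign-in")
    # The token in wresult must still have its signature, issuer and
    # audience verified before the user is logged in (not shown here).
    return pending[ctx]
```

The `session` argument stands for the RP's server-side session store, modelled here as a plain dictionary.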
The following figure shows the simplified procedures for authentication:
- The user visits the web portal and the…