Question

SquareWheel on Mon, 09 Sep 2013 15:20:47


We currently have a custom-made module that handles SSO tokens from client portals so client users can get into our web application seamlessly. The process in general is like this:

  1. client portal/identity provider posts SAML response token to our custom-made SSO module
  2. custom-made SSO module decrypts and verifies the SAML token and passes claims info to the business web application (relying party)
  3. business web application initializes user session based on the claims info.

We are looking to migrate to a more robust solution like either ACS, ADFS or something else. ACS looks the most promising from a maintenance perspective. I'm new to ACS but I suppose that it can handle the above use case, since it's one of the very common SSO scenarios. In addition, I would like to know if ACS can do the following too:

  • Issue SAML Request token to client identity providers
  • Federate with multiple client identity providers and one single business web application.

Thanks a lot for any information in advance.



Replies

Yuan2013 on Tue, 10 Sep 2013 04:19:11


Hi

>>Issue SAML Request token to client identity providers

Yes, please refer to http://msdn.microsoft.com/en-us/library/windowsazure/gg185948.aspx

>>Federate with multiple client identity providers and one single business web application.

Yes http://msdn.microsoft.com/en-us/library/windowsazure/gg185961.aspx

http://msdn.microsoft.com/en-us/library/windowsazure/gg185935.aspx