Category: azure security
SquareWheel on Mon, 09 Sep 2013 15:20:47
We currently have a custom-made module that handles SSO tokens from client portals so client users can get into our web application seamlessly. The process in general is like this:
- client portal/identity provider posts SAML response token to our custom-made SSO module
- custom-made SSO module decrypts and verifies the SAML token and passes claims info to the business web application (relying party)
- business web application initializes user session based on the claims info.
We are looking to migrate to a most robust solution like either ACS, ADFS or something else. ACS looks the most promising from a maintenance perspective. I'm new to ACS but I suppose that it can handle the above use case, since it's one of the very common SSO scenarios. In addition, I would like to know if ACS can do the following too:
- Issue SAML Request token to client identity providers
- Federate with multiple client identity providers and one single business web application.
Thanks a lot for any information in advance.
Yuan2013 on Tue, 10 Sep 2013 04:19:11
>>Issue SAML Request token to client identity providers
YES, please refer to http://msdn.microsoft.com/en-us/library/windowsazure/gg185948.aspx
>>Federate with multiple client identity providers and one single business web application.