I am very confused about my current ADFS setup. I have an identity provider that issues a SAML 2.0 token to ADFS 2.0 in an IDP-Initiated scenario. ADFS translates the token into WS-Federation, and forwards it on to a claims aware (WIF) web application. The web application, however doesn't recognize the user has having authenticated and redirects back to Home Realm discovery. I've used SAML Tracer in Firefox and I can see the SAML assertions going in and the WS-Federation claims in the parameters being sent to the web application. Is there a step I am missing? I set up custom claim rules to translate the SAML assertion into a WS-Federation claim (e.g. http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name) If I switch the SP application to a SAML 2 web app, then everything works fine.
