I am attempting to use Thinktecture Identity Server v2 as a federated identity manager. I have the identity server up and running and authentication works fine. My issue is that the test site I am using to test the authentication redirects to the identity server on page load at localhost:8080/. What I would like is for the authentication redirect to happen after a user clicks a link, and to protect only certain directories such as localhost:8080/app/, while localhost:8080/ should be accessible by non-authorized users. I essentially followed this tutorial to set up the IdP.
My web.config currently contains:
<appSettings>
  <add key="ida:FederationMetadataLocation" value="https://localhost/idsrv/FederationMetadata/2007-06/FederationMetadata.xml" />
  <add key="ida:Realm" value="https://localhost:8080/" />
  <add key="ida:AudienceUri" value="http://localhost/" />
</appSettings>
...
<system.identityModel.services>
  <federationConfiguration>
    <cookieHandler requireSsl="true" />
    <wsFederation
      passiveRedirectEnabled="true"
      issuer="https://localhost/idsrv/issue/wsfed"
      realm="http://localhost/"
      requireHttps="true" />
  </federationConfiguration>
</system.identityModel.services>
I have attempted to change the realm using:
<add key="ida:Realm" value="https://localhost:8080/app/" />
but the redirect still happens when I land on localhost:8080/ instead of where I want it to happen at localhost:8080/app/.
EDIT: I guess what I am really asking here is: what is a Realm, what is an AudienceUri, and how can I configure those to protect only certain sections (directories) of my app?