How to redirect to custom page when cancel ADFS windows authentication?

1
votes

I have a ASP Web app have single sign-on with our ADFS server.

If I link to the ASP Web, it popup a windows authentication dialog which want to connect ADFS server. Now when I was successful authenticated,I can redirect to the realm url which I set in web.config of the App Web. But when I cancel the windows authentication, the page is blank, and the url is https://adfs.server.com/asdf/ls/wia?wa=wsignin1.0&wtrealm=url&wctx=url&wct=2014-12-18T06%3a05%3a21Z

How can I specify a custom page where user should be redirected after user cancel windows authentication?

1
adfsunauthorized

1 Answers

0
votes

The short answer: "You cannot". There is no way to improve on this, until Microsoft implements it in their protocol request handlers and authentication handlers.

With major juggling it might, theoretically, be possible in ADFS before S2012R2 (it is already hard without ADFS, because you end up rewriting the authentication stack as SharePoint did). However, it certainly isn't possible in ADFS S2012R2.

Before S2012R2: IIS handles it (WIA required on the path) and doesn't let the request go to ADFS after WIA failure. ADFS doesn't even know it failed.

ADFS on S2012R2: You cannot extend/customize that ADFS as you could with the older ones.