ADFS - On premises SSO Implementation

0
votes

I have an Asp.Net application that communicate with ADFS(on some other Windows Server) for authentication purpose. Currently, when we navigate to application, it redirects to ADFS SSO authentication page. I followed this blog to implement SSO and have some questions here:

  1. Can we change implementation so that it may redirect to authentication page only when I press login button ?
  2. Can we change implementation so that only one page/URL of my application can be accessed without any authentication ?
  3. What parameters are returned when user is authenticated and redirected back to landing page. How do we get all available parameters ? In this blog returning things are are Value, ValueType, Subject Name, Claim Issuer and Claim Issuer type. Can I get email or username ? so that I may link that person to a client in my application.

If anyone of above is possible, how I can get it ?

1
asp.netsingle-sign-onforms-authenticationadfs

1 Answers

0
votes

  1. The login button is part of the ADFS screen. That's by design. The sample uses WIF so you are outsourcing authentication to ADFS.

  2. Yes - Use the "location" annotation in the web.config. refer Location Element.

  3. The parameters that are returned are the claims configured in the claims rules. The article show "Display-Name" and UPN. If you want email, just add another row and select it from the dropdown.