My .NET web application is authenticated using ADFS. I am using the WsFederationAuthentication component in my OWIN middleware. As part of the process, my understanding is that in order to redirect a user to the appropriate STS, my server will make a call to the MetadataAddress specified in configuration to get the FederationMetadata.xml file and then issue a redirect based on the information in that file.
Here are some questions I had:
- This is a more general question. How do I find out what port my application is using to talk to the server that holds the metadata file? (MetadataAddress is of the form: https://sts.xxxx.com/federationmetadata/2007-06/federationmetadata.xml)
- If there are firewall policies blocking outbound traffic to that STS server, is there a way I could store that xml file locally on my server? Is this even recommended? If so, how would I go about accessing it?
- Even if I store it within my server, access happens over https to self (127.0.0.1) and I guess I will have the same firewall issues.
Any direction on any of the above queries will be helpful. I will add details as needed.
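Added example (not the asker's code, and not taken from the Microsoft OWIN project): an OWIN `Startup` that points the WS-Federation middleware at a locally stored copy of the federation metadata instead of fetching it from the STS. It relies on `ConfigurationManager<WsFederationConfiguration>` accepting an `IDocumentRetriever`, and on `FileDocumentRetriever` reading the "address" as a filesystem path, which is how the Microsoft.IdentityModel.Protocols 5.x packages used by Microsoft.Owin.Security.WsFederation 4.x behave (assumption: those package versions). Because the document is read from disk, no loopback HTTPS call is involved. The realm, the `App_Data` path and the `ExampleApp` namespace are placeholders; the metadata URL is the shape given in the question. With no explicit port in an https URL, the default fetch goes out on TCP 443.

```csharp
using System;
using System.IO;
using Microsoft.IdentityModel.Protocols;
using Microsoft.IdentityModel.Protocols.WsFederation;
using Microsoft.Owin;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.WsFederation;
using Owin;

[assembly: OwinStartup(typeof(ExampleApp.Startup))]

namespace ExampleApp
{
    public class Startup
    {
        // Placeholder values (assumption): replace with the real relying-party realm
        // and the real STS metadata URL from your ADFS deployment.
        private const string Realm = "https://myapp.example.com/";
        private const string RemoteMetadata =
            "https://sts.xxxx.com/federationmetadata/2007-06/federationmetadata.xml";

        public void Configuration(IAppBuilder app)
        {
            app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
            app.UseCookieAuthentication(new CookieAuthenticationOptions());

            // Local copy of FederationMetadata.xml, deployed with the app (placeholder path).
            // Keep it out of the web root and readable only by the app pool identity.
            string localMetadataPath = Path.Combine(
                AppDomain.CurrentDomain.BaseDirectory, "App_Data", "federationmetadata.xml");

            var options = new WsFederationAuthenticationOptions
            {
                Wtrealm = Realm,
                // Not contacted when ConfigurationManager is supplied below; kept for reference.
                MetadataAddress = RemoteMetadata,
                SignInAsAuthenticationType = CookieAuthenticationDefaults.AuthenticationType,
            };

            if (File.Exists(localMetadataPath))
            {
                // FileDocumentRetriever loads the XML from disk, so the middleware never
                // opens an outbound connection to the STS. WsFederationConfigurationRetriever
                // still parses the issuer, passive endpoint and signing keys from that XML.
                options.ConfigurationManager = new ConfigurationManager<WsFederationConfiguration>(
                    localMetadataPath,
                    new WsFederationConfigurationRetriever(),
                    new FileDocumentRetriever());
            }
            // Otherwise the middleware falls back to fetching RemoteMetadata over HTTPS (TCP 443).

            app.UseWsFederationAuthentication(options);
        }
    }
}
```

The trade-off a defender should weigh: the live fetch lets the relying party pick up ADFS signing-certificate rollover automatically, whereas a file copy only changes when someone redeploys it. A stale file means sign-in breaks after the STS rotates its key, and conversely a compromised or revoked key stays trusted until the file is replaced. `ConfigurationManager<T>` re-reads the document on its refresh interval (`AutomaticRefreshInterval`, `RefreshInterval`), so replacing the file on disk is enough to pick up a new key without restarting the app, but someone has to own that update step and verify the replacement came from the real STS.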