I have Active Directory Federation Services 2.0 all setup and ready to work, but I have a scenario that falls outside pretty much everything I've read on enabling a relying party application. The 2 scenarios that are well documented involve A) Passive authentication for a web site or B) Using a thick client that's authenticated for calling web services.
My scenario is as follows: I have a web application that calls WCF services via Net.TCP for data access. I need to use ADFS 2.0 to secure each WCF call with a secure token.
I also can't use use the passive method of authenticating with ADFS from the web site (security restrictions outside my control).
So my question is, is it possible to manually request a secure token from ADFS via a web site, then use that same token to call my WFC service methods?