It depends on my ASP.NET MVC / Web API user authentication question . The answers I was given prompted me to research claims-based authentication protocols, and I read through the next book to try to get a better understanding of Microsoft technologies that would allow me to do this.
According to the linked book, you can use Active Directory Federation Services (ADFS) 2.0 to issue claims. It is unclear whether users should be stored in Active Directory. Say I have an existing legacy application that handles authentication and in which user information (username, password, email, etc.) is stored in an Oracle database (according to my previous question), can I use ADFS to issue claims or Do I need to create my own claims issuer (STS) in this existing application?
Given Active Directory in Active Directory Federation Services, it seems that having users stored in AD is a requirement, but the book also has the following image
as well as this
ADFS , Active Directory , ADFS.
. - ?