WIF using SAML 2 / Federate AD FS 2.0 with CAS

I am trying to implement claims-based web SSO using WIF and AD FS 2.0 right now. Right now I have an existing ASP.NET application that delegates authentication to the AD FS 2.0 server and trusts its security tokens. This is working fine.

However, the organization has an existing JA-SIG Authentication Service Server (CAS) that supports SAML 2. I would like to replace AD FS 2.0 with the existing CAS.

In my understanding, WIF uses WS-Federation, which looks like a container around a SAML token. Can I use the simple SAML 2 protocol and its bindings (redirection or POST)? If this is not possible (as I believe), a second alternative would be to use a federation identifier and AD FS 2.0 federation with CAS. Is it possible? There is little information on the Internet about this.

Thanks :-)

+3
2 answers

After some research, I came up with the following problems. CAS 3.x supports SAML 1.1 tokens and the SAML 1.1 protocol, including Web SSO. ADFS 2.0 has support for SAML 1.1 / 2.0 tokens. However, only the SAML 2.0 protocol is supported. This means that it is not possible to combine CAS and ADFS 2.0.

OpenSSO, , WS-Federation WIF-.

+6
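
The answer above turns on the difference between the token format and the sign-in protocol that carries it. The following is an added example, not code from the original posts: it classifies a sign-in response by both and checks them against a receiver. The `SUPPORTED` table only restates what this page says, and the function names and sample messages are constructed for illustration.

```python
import xml.etree.ElementTree as ET

WSTRUST = {"http://schemas.xmlsoap.org/ws/2005/02/trust",
           "http://docs.oasis-open.org/ws-sx/ws-trust/200512"}
SAMLP = {"urn:oasis:names:tc:SAML:1.0:protocol", "urn:oasis:names:tc:SAML:2.0:protocol"}
SAML = {"urn:oasis:names:tc:SAML:1.0:assertion", "urn:oasis:names:tc:SAML:2.0:assertion"}

# What each side speaks, as stated on this page (WS-Federation for AD FS 2.0
# comes from the question's working WIF setup). Not a vendor feature matrix.
SUPPORTED = {
    "CAS 3.x":   {"protocol": {"SAML 1.1"}, "token": {"SAML 1.1"}},
    "AD FS 2.0": {"protocol": {"SAML 2.0", "WS-Federation"}, "token": {"SAML 1.1", "SAML 2.0"}},
}

def _ns(el):
    return el.tag[1:].split("}", 1)[0] if el.tag.startswith("{") else ""

def _version(el):
    # SAML 2.0 carries Version="2.0"; SAML 1.x carries MajorVersion/MinorVersion.
    return "SAML " + (el.get("Version") or
                      f'{el.get("MajorVersion", "?")}.{el.get("MinorVersion", "?")}')

def classify(xml_text):
    """Return (protocol, token format) for a sign-in response body."""
    if "<!DOCTYPE" in xml_text:  # refuse DTDs: entity expansion has no place here
        raise ValueError("DTD not allowed in a federation message")
    root = ET.fromstring(xml_text)
    ns = _ns(root)
    protocol = ("WS-Federation" if ns in WSTRUST
                else _version(root) if ns in SAMLP else "unknown")
    token = next((_version(el) for el in root.iter()
                  if _ns(el) in SAML and el.tag.endswith("}Assertion")), "none")
    return protocol, token

def accepts(receiver, xml_text):
    """True only when the receiver speaks both the protocol and the token format."""
    protocol, token = classify(xml_text)
    caps = SUPPORTED[receiver]
    return protocol in caps["protocol"] and token in caps["token"]

# Constructed, unsigned samples trimmed to the elements that matter here.
_ASSERTION = ('<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" '
              'MajorVersion="1" MinorVersion="1"/>')
SAML11_RESPONSE = ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" '
                   'MajorVersion="1" MinorVersion="1">' + _ASSERTION + '</samlp:Response>')
WSFED_WRESULT = ('<t:RequestSecurityTokenResponse '
                 'xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">'
                 '<t:RequestedSecurityToken>' + _ASSERTION +
                 '</t:RequestedSecurityToken></t:RequestSecurityTokenResponse>')
```

The same SAML 1.1 assertion is accepted by AD FS 2.0 inside the WS-Federation wrapper and rejected inside a SAML 1.1 protocol response, which is the mismatch the answer describes. Signature and audience validation are out of scope here and must happen before any claim in a real token is trusted.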

. v2 (ACS v2) . SAML1.1, 2.0, , - (SWT) .. . https://portal.appfabriclabs.com/Default.aspx

+1

Source: https://habr.com/ru/post/1737705/

