
ACTAS with ADFS in thinktecture identity server v2

I have to authenticate web users with STS (Thinktecture V2 STS).

Following are my applications:

1. ASP.NET web applications (RP) - act as frontend
2. Backend Web API (RP) - provides data based on claim (let's say c1, c2)
3. STS (Thinktecture identity server v2)

The web application has two types of users:

1. Normal web users (Bob) - User enters username and pwd. STS authenticates against our own database by implementing IUserRepository. Also implements IClaimrepository to add claims c1 and c2 with values retrieved from our own database based on username. The token received from STS is then used to access web api.

2. Internal company users (Allen): These users provide Active Directory credentials for authentication. If they are valid users they should have claims called Group, the group they belong to in Active Directory. Then these users should be able to access the same backend web api methods on behalf of Bob (normal web user). This means STS should provide a token which has claims c1 and c2 of Bob.

The part to authenticate the normal web user is done. But I don't know how to implement authentication for "Internal company user". The only part I know is that to authenticate "internal user" I will have to use ADFS, but after that what to do?

Please help.

You typically use ADFS for that -

1) Install ADFS and get it up and running

2) Add ADFS as an identity provider in IdSrv (and IdSrv as a relying party in ADFS)

3) Use the issue/hrd endpoint in IdSrv instead of the standard wsfed one
