Customizing the AD FS 2.0 Sign-in Web Pages

re: Customizing the AD FS 2.0 Sign-in Web Pages

Martin Bélanger — Thu, 17 Nov 2011 18:29:01 GMT

With this solution, the SSO doesn't work.

re: Customizing the AD FS 2.0 Sign-in Web Pages

Catalin Pop — Tue, 14 Sep 2010 12:56:31 GMT

This sample doesn't work, for some reason I've tried with multiple custom STS'es and with "ipsts.federatedidentity.net/.../Sts" and the result is the same: "http 500 Internal Server Error".

Any ideeas what's happening?

re: Customizing the AD FS 2.0 Sign-in Web Pages

busta — Tue, 16 Mar 2010 18:03:01 GMT

For authenticating users against a non-AD credential store, calling a custom STS is an "ok" workaround. However, if I have to create a custom STS to authenticate users against a non-AD credential store, then in many cases I may not both with ADFS V2 at all. Why pay the price for another STS bounce? By the time I create the custom STS I can authenticate the user and issue the SAML token carrying appropriate claims in a single call. Insetad I might create a custom RP-STS, federate with ADFS V2 for my windows domain users, and then use the RP-STS as the domain for non-AD users.

What I really wish for is a way to have a sign-in or RST to ADFS V2 look at a different credential store behind the scenes without bouncing to another STS. Is there a roadmap for this?