asp.net - Sign out from Windows Authenticated ADFS and sign in as different user in form base auth


We are going to enhance the authentication and authorization system of our intranet web app. After a few days of reading about ADFS, STS, claim-based authentication, and ASP.NET Identity, I am still not sure how these things work together.

Most of our intranet web applications use Windows integrated authentication and use Windows group or AzMan role-based authorization. We have a few applications (vendor applications) that use their own user database and form-based authentication.

We want to add the following features to our web applications.

  1. For Windows authentication applications, we want to let the user sign out / sign in as a different user. When a user uses his/her computer to access the application, he/she is auto logged in (default Windows integrated authentication). When he/she logs out, redirect to a form that allows input of another user's credentials.

  2. We want to allow a user to log in to a system using system B's username/password, e.g. for a Windows authentication application, we want to allow the user to log in to the application using the credentials of the form-based application (vendor application), or vice versa.

I don't know if ADFS can solve these 2 problems.

From my understanding, the main purpose of ADFS is to allow access to internal applications from the internet, and it requires SSL.

Our application is in the intranet, and we don't want to manage SSL certs.

But using ADFS, perhaps I can enable both Windows and form authentication on the application, let the user log out, and redirect him to the login form as when accessing from outside the company network. That should solve problem 1.

For problem 2, if I can create a custom STS to issue security tokens using the user database of the form-based authentication application, I can use claim-based authentication and allow one application to use ADFS and the STS. That should solve problem 2.

Is this direction correct? Or am I complicating the problem?

ADFS does not work without SSL.

Furthermore, the RP has to use SSL.

Internally, users are logged in seamlessly using WIA. When they log out, they are seamlessly logged in again.

Also, ADFS v3.0 and below can authenticate against AD.

