leastprivilege
commented
8 years ago That's a WS-Trust endpoint. We don't support that - and it cannot easily be added.
Open joelhaslerfhnw opened 8 years ago
leastprivilege
commented
8 years ago That's a WS-Trust endpoint. We don't support that - and it cannot easily be added.
joelhaslerfhnw
commented
8 years ago thanks you very much for the fast answer! But it is possible to add the functionality, it is just a question of time, priority and of course money?
leastprivilege
commented
8 years ago Everything is a question of money ;)
Hi
We currently use ADFS 3.0 as a «protocol Gateway» to authenticate SharePoint 2013 against our SAML2-based Identity Provider (Shibboleth). We are investigating if we can replace the ADFS Server with a solution based on IdentityServer3 with the WS-Federation plugin together with Kentor Authentication Services (https://github.com/KentorIT/authservices). In our Proof of Concept Environment 95% woks like a charm, but there is one simple part missing so that we can replace ADFS definitely. We use a special endpoint from ADFS (/adfs/services/trust/13/usernamemixed) to get a SAML Token based on Username and Password from the Identity Provider "Active Directory". We need this in SharePoint to be able to get the current user context in a web service, because with ADFS and SharePoint by default the impersonation will be done with the IUSER and not with the current logged in user. Do you know if this can also be implemented in IdentityServer3?
Many Thanks for your help. Cheers, Joël