Wednesday 15 June 2011

single sign on - By what mechanism does Internet Explorer send client authentication information to ADFS in an SSO scenario?


I'm trying to understand what the mechanism is that sends user authentication details to the ADFS server via Internet Explorer.

I plan to use a cloud-based service that is integrated with the local ADFS server. When a user who is already authenticated via the local Active Directory tries to use the cloud-based service through the browser, they will be sent to the local ADFS server for authentication.

I understand that ADFS will not prompt the user, who is already authenticated to the local Active Directory, for a password, but will authenticate them automatically.

I am trying to understand how the user's authentication information gets from the user's machine to the ADFS server via the browser. Is it done by some function call, JScript, etc.?

ADFS is configured with Windows Integrated Authentication. If the user is on the domain, he will authenticate with ADFS as if it were another app on the intranet configured with Windows Integrated Authentication (via Kerberos / NTLM). If the user is not on the domain, ADFS will instead show a form where you enter the user / password. You have to deploy an ADFS proxy for this.
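
An added example, not part of the original post: with Windows Integrated Authentication the browser carries the authentication token in the HTTP `Authorization` header (`Negotiate` or `NTLM` scheme) rather than through script. This Python sketch classifies such a header value to show whether Kerberos or NTLM is in play; the function names are hypothetical, the tokens are constructed samples, and the OID search is a byte-level heuristic, not a full ASN.1 parser.

```python
import base64
import struct

# DER-encoded mechanism OIDs (tag 0x06, length, value)
OIDS = {
    bytes.fromhex("06062b0601050502"): "SPNEGO",
    bytes.fromhex("06092a864886f712010202"): "Kerberos",
    bytes.fromhex("06092a864882f712010202"): "Kerberos (MS legacy OID)",
    bytes.fromhex("060a2b06010401823702020a"): "NTLM",
}
NTLM_TYPES = {1: "NEGOTIATE", 2: "CHALLENGE", 3: "AUTHENTICATE"}

def classify(authorization: str) -> str:
    """Classify the value of an HTTP Authorization header sent by the browser."""
    scheme, _, b64 = authorization.strip().partition(" ")
    if scheme.lower() not in ("negotiate", "ntlm"):
        return "not integrated auth: " + scheme
    try:
        token = base64.b64decode(b64.strip(), validate=True)
    except ValueError:
        return "malformed token"
    # Raw NTLMSSP message (also seen under the Negotiate scheme when Kerberos is unavailable)
    if token.startswith(b"NTLMSSP\x00") and len(token) >= 12:
        mtype = struct.unpack_from("<I", token, 8)[0]
        return "raw NTLM " + NTLM_TYPES.get(mtype, "unknown")
    # GSS-API / SPNEGO initial token: list known mechanism OIDs in order of appearance
    if token[:1] == b"\x60":
        found = sorted((token.find(o), n) for o, n in OIDS.items() if o in token)
        mechs = [n for _, n in found if n != "SPNEGO"]
        return "GSS/SPNEGO mechs: " + ", ".join(mechs) if mechs else "GSS-API, unknown mech"
    return "unrecognized token"

def tlv(tag: int, body: bytes) -> bytes:
    return bytes([tag, len(body)]) + body  # short-form DER length only

def sample_headers() -> dict:
    """Constructed header values for illustration (not captured traffic)."""
    spnego, krb, mskrb, ntlm = OIDS  # keys in insertion order
    mech_list = tlv(0x30, mskrb + krb + ntlm)
    token = tlv(0x60, spnego + tlv(0xA0, tlv(0x30, tlv(0xA0, mech_list))))
    ntlm1 = b"NTLMSSP\x00" + struct.pack("<II", 1, 0)  # type 1, flags zeroed
    enc = lambda raw: base64.b64encode(raw).decode()
    return {"spnego": "Negotiate " + enc(token), "ntlm": "NTLM " + enc(ntlm1),
            "ntlm_in_negotiate": "Negotiate " + enc(ntlm1)}

if __name__ == "__main__":
    for name, value in sample_headers().items():
        print(name, "->", classify(value))
```

Run against web server or proxy logs that record the `Authorization` header, a check like this shows which clients fall back from Kerberos to NTLM.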
