/
ADFS SessionInitiator

ADFS SessionInitiator

Owned by Rod Widdowson
Last updated: Nov 29, 2021
1 min read

 

Advanced Configuration

Note, this is an advanced configuration feature. Most deployments can rely on the <SSO> shorthand element.

The ADFS handler is only available if the adsfs.so extension library is loaded by the SP.

Indicated by type="ADFS", this initiator supports Microsoft ADFS authentication requests, a subset of the WS-Federation passive requester profile. As a protocol handler, an entityID must be specified/known, which is then used to check for metadata with an <md:IDPSSODescriptor> role supporting ADFS. The absence of either causes a warning to be logged and the handler otherwise ignores the request.

A "supporting" IdP's role element has a protocolSupportEnumeration attribute containing the value "http://schemas.xmlsoap.org/ws/2003/07/secext", with an accompanying <md:SingleSignOnService>with a Binding of "http://schemas.xmlsoap.org/ws/2003/07/secext".

Attributes

Query String Parameters

The following can be provided via the Initiator Protocol

Common Parameters

Specific Parameters

There are no protocol specific parameters



Related content

Sessions
Sessions
Service Provider 3
Read with this
ADFS AssertionConsumerService
ADFS AssertionConsumerService
Service Provider 3
More like this
SSO
SSO
Service Provider 3
Read with this
ADFS LogoutInitiator
ADFS LogoutInitiator
Service Provider 3
More like this
Chaining SessionInitiator
Chaining SessionInitiator
Service Provider 3
Read with this
ADFS Sessions Configurations
ADFS Sessions Configurations
Service Provider 3
More like this