ADFS User Authentication (Active Directory Federation Service)

I need to check if a specific user exists or not in Active Directory on ADFS.

So, I want my ADFS to check user authentication using username/password.

Can someone please provide example code or a tutorial for the same?

Thanks in advance!

+4
3 answers

To use username/password authentication, you can use the trust/13/UsernameMixed ADFS 2.0 endpoint.

This does NOT check if the user exists in Active Directory!

In the code, you request a token as follows:

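    using System.IdentityModel.Tokens;                         // SecurityToken
    using System.ServiceModel;                                 // SecurityMode, EndpointAddress
    using System.ServiceModel.Security;                        // TrustVersion
    using Microsoft.IdentityModel.Protocols.WSTrust;           // WIF 3.5 (assumed, matching ADFS 2.0)
    using Microsoft.IdentityModel.Protocols.WSTrust.Bindings;  // UserNameWSTrustBinding

    // StsEndpoint is the address of the ADFS trust/13/UsernameMixed endpoint.
    WSTrustChannelFactory adfsfactory = new WSTrustChannelFactory(
        new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential),
        StsEndpoint);
    adfsfactory.TrustVersion = TrustVersion.WSTrust13;

    // Username and Password here...
    adfsfactory.Credentials.UserName.UserName = @"domain\username";
    adfsfactory.Credentials.UserName.Password = "password";

    IWSTrustChannelContract channel = adfsfactory.CreateChannel();

    // The token request; the AppliesTo value is a placeholder for your relying party identifier.
    var rst = new RequestSecurityToken(WSTrust13Constants.RequestTypes.Issue);
    rst.AppliesTo = new EndpointAddress("your relying party identifier");

    // request the token
    SecurityToken token = channel.Issue(rst);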

Then create a factory channel for your service using your token:

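    // Federation binding that carries the issued token at message level
    var binding = new WS2007FederationHttpBinding(WSFederationHttpSecurityMode.Message);
    var factory = new ChannelFactory<IYourInterface>(binding, "your service address");

    // WIF extension methods: enable issued-token support, then attach the token from ADFS
    factory.ConfigureChannelFactory();
    IYourInterface serviceChannel = factory.CreateChannelWithIssuedToken(token);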

Hope this helps!

+5

AD FS 2.0 login pages support authentication of the username and password out of the box. No need for code or settings.

+1

According to @Marnix, this does not work.

However, just to indicate:

User authentication is not the same as checking if a specific user exists in Active Directory.

E.g., a user may be blocked. The account still exists in AD but cannot authenticate.

0
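The distinction drawn in the last answer (an account can exist in AD yet be unable to authenticate), as an added example that is not taken from any of the answers. It queries Active Directory directly through System.DirectoryServices.AccountManagement rather than going through ADFS, and assumes a domain-joined machine whose process identity may read the directory; `AccountState`, `AdAccountCheck` and the command-line arguments are hypothetical names.

```csharp
using System;
using System.DirectoryServices.AccountManagement;
using System.Text;

enum AccountState { NotFound, Disabled, LockedOut, BadCredentials, Authenticated }

static class AdAccountCheck
{
    // Existence, account status and credential validity are three separate questions.
    public static AccountState Check(string domain, string samAccountName, string password)
    {
        using (var ctx = new PrincipalContext(ContextType.Domain, domain))
        using (var user = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, samAccountName))
        {
            if (user == null) return AccountState.NotFound;            // no such object in AD
            if (user.Enabled == false) return AccountState.Disabled;   // exists, but blocked
            if (user.IsAccountLockedOut()) return AccountState.LockedOut;

            // Only at this point is the password tested against the domain.
            return ctx.ValidateCredentials(samAccountName, password)
                ? AccountState.Authenticated
                : AccountState.BadCredentials;
        }
    }

    static int Main(string[] args)
    {
        if (args.Length != 2)
        {
            Console.Error.WriteLine("usage: AdAccountCheck <domain> <samAccountName>");
            return 2;
        }

        // Read the password without echo instead of taking it from the command line.
        Console.Write("Password: ");
        var pw = new StringBuilder();
        for (var k = Console.ReadKey(true); k.Key != ConsoleKey.Enter; k = Console.ReadKey(true))
            pw.Append(k.KeyChar);
        Console.WriteLine();

        AccountState state = Check(args[0], args[1], pw.ToString());

        // Keep the detailed state for operator logs; an end user should only ever see
        // one generic failure, so the check cannot be used to enumerate accounts.
        Console.WriteLine(state);
        return state == AccountState.Authenticated ? 0 : 1;
    }
}
```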

Source: https://habr.com/ru/post/1413144/

