The following forum(s) have migrated to Microsoft Q&A (Preview): Azure Active Directory!
Visit Microsoft Q&A (Preview) to post new questions.

Learn More

 locked
ADFS Protected ASMX and WCF service RRS feed

  • Question

  • We registered all On-Premise applications and Services(ASMX/WCF) on Azure Active Directory to make them ADFS protected. We have DUO integrated on ADFS. But Since Azure AD Application proxy is in picture so all needs to be KCD authenticated. When an ADFS protected web application calls any service which is also ADFS protected, It breaks. Let me know what all changes, i can make in application or service to make both of them as ADFS Authenticated.
    Tuesday, January 8, 2019 3:18 PM

All replies


  • Hello Vipin,

    As per your description , it seems you have a scenario with 2 Apps. Both the apps are federated with ADFS and published on Azure through Azure App proxy connectors installed in your on-premise environment . I believe that the user is trying to access App1 using public URL and App1 tries to access App2 on behalf of the User using its public URL. If my understanding of your environment is correct , this would be a Kerberos multi-hop scenario I believe. Even though both the apps are protected by same ADFS , there is multi-level delegation which would happen in this scenario. Do you have any specific error that you get ? You can check this article for related errors in case you are getting any specific error as mentioned in the article. In case it is a different one , you can go through this article on how to setup KCD and multi-hop scenario using Azure App Proxy . 

    Thank you. 



    Wednesday, January 9, 2019 11:07 AM
  • Hello Shashi,

    Your understanding is correct. For now, I have removed Background services as Passthrue. Will get back to you when i'll again set the Pre-Auth mode as "Azure Active Directory.

    I have one mobile app which is calling ASMX service using basis authentication. ASMX service is deployed as Windows and Basis authentication. Please suggest, how can i integrate Mobile App and Service both with ADFS.

    Would like to keep ASMX service federated with ADFS by publishing on Azure through Azure App proxy connectors installed in your on-premise environment 

    Thanks

    Wednesday, January 16, 2019 2:52 PM