locked
single sign on ADFS RRS feed

  • Question

  • Hi All,

    I need to implement SSO between an .net application running on windows and java application running on Linux on the different network.

    I think that i should use ADFS for this.Am i correct.

    Also what will be the procedure of implemention solution based on ADFS(should i use WCF or what for this).

     

    Cheers

    Friday, July 6, 2007 12:54 PM

Answers

  • If it's a serious system take a look at http://www.microsoft.com/technet/security/guidance/identitymanagement/idmanage/default.mspx?mfr=true
    Monday, July 9, 2007 9:23 PM
  • IMO if you're always going to talk to a single AD, your team are fully included with the work done on the AD then going direct should be fine and the connection to the AD is robust then direct comms to the AD is fine. If your application is a satellite application, that isn't really involved with the maintenance of the AD or you need to operate when the AD is unavailable then I'd consider using ADAM - its name suggests its use.

     

    Friday, July 13, 2007 9:32 AM

All replies

  • If it's a serious system take a look at http://www.microsoft.com/technet/security/guidance/identitymanagement/idmanage/default.mspx?mfr=true
    Monday, July 9, 2007 9:23 PM
  • ADAM with custom wrappers is another great option to leverage brokering between two domains or applications.
    Wednesday, July 11, 2007 5:26 PM
  • Here again the important question is what are the driving factors for deciding whether to use ADAM or active directory.

    Can you please throw some light on some of those situation which prompts us to use active directory or ADAM.

     

    Cheers 

    Friday, July 13, 2007 6:12 AM
  • IMO if you're always going to talk to a single AD, your team are fully included with the work done on the AD then going direct should be fine and the connection to the AD is robust then direct comms to the AD is fine. If your application is a satellite application, that isn't really involved with the maintenance of the AD or you need to operate when the AD is unavailable then I'd consider using ADAM - its name suggests its use.

     

    Friday, July 13, 2007 9:32 AM