
ADFS authentication configuration

  • I'm trying to set up SSO with an ADFS server using Sitefinity version 10.0.6412.0. I followed the instructions here - docs.sitefinity.com/administration-adfs-(active-directory-federation-services). When I attempt to log in with this new button on the default Sitefinity login screen, the ADFS server appropriately responds to the request. After successful ADFS authentication, the server returns the expected claims and the login page redirects appropriately. However, no Sitefinity roles are automatically assigned.

     

    A couple of notes about my configuration:

    1. The Sitefinity web app is hosted in Azure.
    2. The Sitefinity web app is currently using a self-signed certificate that I created (both uploaded in Azure and installed locally on my machine as trusted).

     

    Given that I'll eventually need to access custom claim types/values for things other than authentication, I tried implementing the code discussed here - knowledgebase.progress.com/.../ . When I debug this code locally, the LoginCompletedEventVerification method is never invoked.

     

    Here is the only relevant information in the Authentication.log file:

    ----------------------------------------
    Timestamp: 11/20/2017 4:06:33 PM
    Message: External login requested for provider: ADFS
    Category: Authentication
    Priority: -1
    EventId: 1
    Severity: Information
    Title:
    Machine: [my machine]
    App Domain: /LM/W3SVC/3/ROOT-3-131556673726617577
    ProcessId: 30936
    Process Name: c:\windows\system32\inetsrv\w3wp.exe
    Thread Name: 
    Win32 ThreadId:7396
    Extended Properties: 
    ----------------------------------------
    ----------------------------------------
    Timestamp: 11/20/2017 4:06:33 PM
    Message: Triggering challenge for external identity provider
    Category: Authentication
    Priority: -1
    EventId: 1
    Severity: Information
    Title:
    Machine: [my machine]
    App Domain: /LM/W3SVC/3/ROOT-3-131556673726617577
    ProcessId: 30936
    Process Name: c:\windows\system32\inetsrv\w3wp.exe
    Thread Name: 
    Win32 ThreadId:7396
    Extended Properties: 
    ----------------------------------------

     

    Here are my Sitefinity ADFS configuration settings:

    Metadata Address = https://[MyADFSServer].com/federationmetadata/2007-06/federationmetadata.xml 

    Wtrealm = https://[MySitefinityApp].com/

    Data Provider = Default

    Name = ADFS

    Auto assigned roles = Users,BackendUsers

  • I may have solved the problem by adding /sitefinity/authenticate/openid to my Sitefinity Wtrealm (relying party) setting.

     

    Once I'm confident that the configuration is complete, I'll mark this as the answer.