ADFS3 Sample .Net 4.5 Application

 

Environment

* Domain: contoso.com
* Windows server version: 2012 R2
* ADFS server: adfs1.contoso.com
* Web server: web1.contoso.com
* Sample App name: SampApp

Obtain ADFS Signing Token Cert Thumbprint

* Log in to the ADFS server
* Start PowerShell_ISE as admin
* Run:

Get-AdfsCertificate -CertificateType Token-Signing | Select -ExpandProperty Thumbprint

* Note the thumbprint value; it is used in SampApp's Web.config file.

Prepare Sample App

* Download SampApp and Rules.zip
* Extract the SampApp folder from SampApp.zip to the web server, e.g.: \\web1\d$\inetpub\Websites\Default Web Site

Edit Web.config

* Replace the thumbprint values with the token-signing thumbprint obtained above
* Replace:
app1.contoso.com
with:
web1.contoso.com
* If you happen to get a "code not trusted" exception, add before <system.web>:

	<trust level="Full" />

Edit FederationMetadata.xml

* Open FederationMetadata.xml, which is located at: \\web1\d$\inetpub\Websites\Default Web Site\SampApp\FederationMetadata\2007-06\FederationMetadata.xml
* Replace:
app1.contoso.com
with:
web1.contoso.com
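
Before registering the relying party, it helps to confirm that both edited files are consistent with ADFS. The script below is an added example, not part of the SampApp download. It assumes Web.config sits in the SampApp folder at the path used above, that thumbprints are stored in thumbprint="..." attributes, and that the ADFS server can read the web server's d$ share.

```powershell
# Added example; run on the ADFS server in an elevated session.
# Assumptions: Web.config is in the SampApp folder at the UNC path from this
# post, and it stores issuer thumbprints in thumbprint="..." attributes.
$appRoot   = '\\web1\d$\inetpub\Websites\Default Web Site\SampApp'
$webConfig = Join-Path $appRoot 'Web.config'
$metadata  = Join-Path $appRoot 'FederationMetadata\2007-06\FederationMetadata.xml'

# All current token-signing thumbprints (there can be more than one).
$signing = @(Get-AdfsCertificate -CertificateType Token-Signing |
    Select-Object -ExpandProperty Thumbprint)

$problems = 0

# 1. Neither file may still reference the original host name.
foreach ($file in $webConfig, $metadata) {
    $hits = @(Select-String -LiteralPath $file -Pattern 'app1.contoso.com' -SimpleMatch)
    if ($hits.Count -gt 0) {
        Write-Warning "$file still references app1.contoso.com on line(s) $($hits.LineNumber -join ', ')"
        $problems++
    }
}

# 2. Every thumbprint in Web.config must match a token-signing certificate.
$text  = Get-Content -LiteralPath $webConfig -Raw
$found = @([regex]::Matches($text, 'thumbprint\s*=\s*"([^"]*)"', 'IgnoreCase') |
    ForEach-Object { $_.Groups[1].Value })
if ($found.Count -eq 0) {
    Write-Warning "No thumbprint attributes found in $webConfig"
    $problems++
}
foreach ($raw in $found) {
    # Drop spaces and invisible characters that copy/paste can introduce.
    $clean = $raw -replace '[^0-9A-Fa-f]', ''
    if ($clean -ne $raw) {
        Write-Warning "Thumbprint '$raw' contains non-hex characters"
        $problems++
    }
    if ($signing -notcontains $clean) {
        Write-Warning "Thumbprint $clean is not a current token-signing certificate"
        $problems++
    }
}

if ($problems -eq 0) {
    'Web.config and FederationMetadata.xml are consistent with ADFS.'
} else {
    "$problems problem(s) found; fix them before adding the relying party trust."
}
```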

Convert SampApp to Web App

* Start IIS Manager
* Go to: Sites > Default Web Site
* Right-click SampApp and select Convert to Application
* Restart Default Web Site
* SampApp URLs (application and federation metadata):
https://web1.contoso.com/SampApp
https://web1.contoso.com/sampapp/federationmetadata/2007-06/federationmetadata.xml

Add Sample App as Relying Party

* Log in to the ADFS server
* Extract the two files from SampAppRules.zip to C:\Temp\adfs3\rp\SampApp
* Copy the modified SampApp federationmetadata.xml to the same location
* Start PowerShell_ISE as admin
* Run:

Add-AdfsRelyingPartyTrust -Name "Sample Claims Aware Application" -IssuanceAuthorizationRulesFile C:\Temp\adfs3\rp\SampApp\IssuanceAuthorizationRules.txt -IssuanceTransformRulesFile C:\Temp\adfs3\rp\SampApp\IssuanceTransformRules.txt -MetadataFile C:\Temp\adfs3\rp\SampApp\federationmetadata.xml

Test Sample App

* Point a browser to:
https://web1.contoso.com/SampApp/
* Sign in with a valid domain account

Reference

* Install and Configure a Simple .Net 4.5 Sample Federated Application (aka.ms/SampApp)
