Hi,
I have configured ADFS 2.0 to work with an application vendor that only accepts IdP-Initiated SSO using SAML 2.0; they do not send a SAMLRequest.
When the user goes to the Application page...
- they are redirected to https://adfs-server/adfs/ls/IdpInitiatedSignOn.aspx?SAMLRequest=&RelayState=application-url
- first thing is they have to choose the application (how can i stop this from happening, and direct them directly to the login screen)
- once logged in, they are redirected correctly to the application page and are logged in to the application
- After closing the IE session and going again to the same appilcation page, steps 1 - 3 are repeated (how can I get SSO to work so they don't need to login again).
The application vendor say they do not provide a SAMLRequest to start and expect the ADFS server to do the IdP initiation login directly, so ADFS is suppose to understand the SSO cookie and login the user directly.
Hany Elkady
Infrastructure Consultant