Shibbolet SP/iDP and ADFS 2.0 iDP to protect web pages

[Cantor, Scott]

On Aug 8, 2012, at 3:11 AM, "Renzo De Renzi" <renzos at me.com> wrote:

> I couldn't understand how to redirect the authentication of that folder to the ADFS 2.0 machine, I imagine it should be managed through the shib.conf and shibboleth2.xml files but I did some tests changing AuthType in shib.conf from "shibboleth" to "adfs" with no success. I worked on the SessionInitiator tag in shibboleth2.xml as well but nothing to do, here how it is now:

Neither is correct and you don't need or want a SessionInitiator at all.

Add ADFS to the protocol list in the SSO element and specify the IDP by adding an entityID property pointing to that system in your content rules with ShibRequestSetting.

> Even reading the official documentation it's still not so clear for me the role of the defaultacsindex tag.

That's been deprecated for years, it's acsIndex, and that shouldn't be used in the majority of cases.

-- Scott