Application federation (SSO) with Azure AD

Two ways to integrate/federate applications with Azure AD: Azure marketplace: https://azure.microsoft.com/en-us/marketplace/active-directory/all/ check if the application exists: The Microsoft Azure Marketplace is an online store that offers applications and services either built on or designed to integrate with Microsoft’s Azure public cloud. Else, how to configure single sign-on to applications that are not in the AzureContinue reading “Application federation (SSO) with Azure AD”

Understanding SAML protocol

If you’re doing research on protocols that enable single sign-on, a typical question is, “How does SAML work?” (credits: http://www.gluu.org/blog/how-does-saml-work-idps-sps/) Comparing SAML with WS-FED and OAuth; https://blogs.technet.microsoft.com/askpfeplat/2014/11/02/adfs-deep-dive-comparing-ws-fed-saml-and-oauth/ ” SAML, or Security Assertion Markup Language, is the leading SSO protocol today and is a valuable standard to understand in order to fully comprehend how single sign-onContinue reading “Understanding SAML protocol”

What is OAuth? OAuth versus Kerberos ! ADFS and OAuth !

Introduction: When Kerberos was chosen to be AD’s authentication protocol in the mid- to late-1990s, the World Wide Web was a shadow of what the Internet offers today. Although the Kerberos ticket contained an encrypted password hash that could be attacked, there wasn’t any substantial requirement to provide support outside the highly protected corporate firewall.Continue reading “What is OAuth? OAuth versus Kerberos ! ADFS and OAuth !”

How to use fiddler to analyze a SAML response

Web articles: http://social.technet.microsoft.com/wiki/contents/articles/3286.ad-fs-2-0-how-to-use-fiddler-web-debugger-to-analyze-a-ws-federation-passive-sign-in.aspx http://msinnovations.wordpress.com/2011/05/24/using-fiddler-to-trace-a-saml-idp-request-from-adfs-2-0/ Web sites to decode base64 SAMLResponse: http://decode.urih.com/data/ or URL decoder tool: http://meyerweb.com/eric/tools/dencoder/ BASE 64 decoder tool: http://www.opinionatedgeek.com/dotnet/tools/base64decode/ Understanding SAML: http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language Cisco Webex, SSO troubleshooting: http://www.cisco.com/c/en/us/td/docs/collaboration/CWMS/1_1/b_troubleshootingGuide/b_troubleshootingGuide_chapter_01001.html