ADFS is a standards-based service that allows the
secure sharing of identity information between trusted partners (known as a
federation) across an extranet. When a user needs to access a Web application
from one of its federation partners, the user's own organization is responsible
for authenticating the user and providing identity information in the form of
"claims" to the partner that hosts the Web application. The hosting partner uses
its trust policy to map the incoming claims to claims that are understood by its
Web application, which uses the claims to make authorization decisions.
CalNetAD has rolling out ADFS in support of Microsoft
Web Based applications that can utilize ADFS as a web based single sign on
solution as well as a solution to support federating web applications with other
partners. The CalNetAD Team will also work with departments on campus that have non Microsoft applications that Support ADFS 3.0 to see if it can be extended to their applications.
To utilize the Campus ADFS with your application please open a ticket by sending an email to win-ticket@berkeley or Contact Campus Shared services to have a request opened.