Skip to content

Secure Application Access by using AD FS and UAG – UAG acting as ADFS Proxy Topology

February 17, 2011

In the previous post I showed to you how UAG can be used with ADFS to publish Claims aware application and provide single sign-on into  such applications along with traditional applications which require UserID/password. In that demonstration UAG was configured with Form Based Authentication (FBA) and user was authenticating to UAG before they could get access to actual applications.

Today’s demonstration shows a different UAG/ADFS topology, with UAG configured as ADFS proxy is exposes ADFS server for authentication and then it can provide you with UAG portal or directly route to the target application.

This demonstration was created to satisfy the following requirements for our fictitious Woodgrove Bank Corp:

  • Woodgrove Bank must provide secure access to documents on its Extranet SharePoint site to remote employees.
  • SharePoint site was designed to accept Claims based authentication.
  • Woodgrove Bank plans to allow access to SharePoint site to its partners using Claims based Federation technologies.
  • Limit access to client computers that do not meet the company policy.

As always, for best user experience please watch this demo in Full screen and enable HD. Let me know if you have any questions.

Advertisements
2 Comments
  1. dealkk80@gmail.com permalink

    I don’t understand what the purpose of ADFS proxy in this video vs regular adfs on video “Secure Application Access with ADFS and UAG – UAG providing FBA”. can you please explain? Also, can you use ADFS proxy with out UAG to provide external access.

    • ADFS Proxy is actually a prefered way to provide access to the ADFS server. ADFS server must be kept very secure and you do not want to expose ADFS to the Internet. ADFS Proxy will terminate all Internet traffic and communicate to the back end ADFS, so the Internet based user will never communicate with it direct.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: