...
See: https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/create-a-relying-party-trust for details of how to setup a Relying Party Trust in the current version on ADFS on Windows 2016, which is how iShareGIS iShare GIS will operate in an ADFS environment. The method will be similar but not identical in Windows 2012 and Windows 2008.
While configuring ADFS itself is outside of the scope of iShare documentation or consultancy, the following are what we understand are the necessary steps to enable iShareGIS to be a Relying Party Trust:
- iShareGIS iShare GIS Relying Party Trust must be setup manually
- Support WS-Federation Passive protocol
- Ensure Replying Party Identifier matches the Relying Party Trust URL (which is the iShareGIS iShare GIS application URL, see below)
- Once the trust has been configured, pass the Federation Metadata document URL (or a file, if the iShareGIS server cannot access your ADFS service or ADFS proxy directly) to the consultant setting up iShareGISiShare GIS.
- Once iShareGIS iShare GIS has been configured to make use of ADFS, test to make sure that users get redirected to the ADFS service or Proxy when trying to access iShareGISiShare GIS, and that they successfully authenticate
- Setup rules for Name and Role claims (see below).
...