Hello everyone,
A customer wants to do ASO with ClearPass and ADFS.
Example: an employee goes to a captive portal and logs in. Then, when he goes to an ASO-compatible web application (SharePoint, for example), he's automatically logged in.
I read the technote about SAML Configuration, but I'm not sure I understand how it works. I've never worked on that.
https://support.arubanetworks.com/Documentation/tabid/77/DMXModule/512/Command/Core_Download/Default.aspx?EntryId=24992
If I'm right, ClearPass would be the Service Provider (SP) and ADFS would be the Identity Provider (IdP). After a successful 802.1X authentication, a token is generated by ClearPass and sent to the controller.
When the user goes to the application, he is redirected to the IdP URL to do a SAML request. The controller intercepts the request, inserts the token and forwards it to the SAML IdP.
Then the IdP checks the token. If it's valid, it sends a SAML assertion in the response to the user.
My question is: how can the IdP check the validity of the token?
Thank you for your help