We know that there are multiple ways to use ADFS for the single sign-on feature. Here is the scenario which I need to resolve:
One .Net web application is on a DMZ network within an organisation. We also have Active Directory on the DMZ, which has to be used for keeping the credentials of users logging into this web application. Another .Net web application is on a DMZ network within another organisation. We want to implement the single sign-on feature between these two web applications.
The question is: if we want to have SSO implemented, will this be possible by just deploying an ADFS server in the first organisation without any ADFS proxy server? Also, is it fine if we don't have any federation server within the second organisation?
The structure will be somewhat similar to the following diagram.