3

Does anyone know is it possible to do a single sign up web application with ADFS in a "pure" angularjs enviroment? I am at the point to decide which framework for my next project. One of the main requirement is the ability to do "single sign up" with ADFS, but I don't want to "mix" angularjs with asp.net, just make thing more complicated. I would like to go pure angular without any asp.net framework, is it even possible?

I know there are a lot of questions on this topic, but it seems no one is really answering the question. Is it because it's not doable?

By the way, It is an intranet web application.

cjskywalker
  • 3,285
  • 2
  • 16
  • 16
  • I always recommend to keep the authentication piece of an app outside Angular. This makes life lot more simpler. See my answer here http://stackoverflow.com/questions/18288329/how-to-handle-authentication-in-angular-js-application/18289326#18289326. – Chandermani Mar 27 '15 at 15:31
  • Does ADFS work over HTTP? Can it do CORS? If yes then you can implement a pure JavaScript "client" for it. - Also AngularJS does not bring anything to this. It's a matter of does JS running in a browser talk the necessary protocols. – Sergiu Paraschiv Mar 27 '15 at 15:31
  • Thanks, but all of your suggestion, User still need to go to login page at least "once", is there anyway we can avoid that? since they are already authenticated once when they log in to their windows computer. – cjskywalker Mar 27 '15 at 15:36

2 Answers2

0

The problem is not with your ADFS server, the ADFS protocol itself, AngularJS, JavaScript or the browser. It's with the way you tell your client-side application that the user is logged in from your server-side application. As far as I know there is no way to do "pass-through" authentication over HTTP so you will need to have your users go through the preauthentication step. With ASP.NET you get an access token "for free" because the ASP.NET application runs on a machine that's in the "trusted" ADFS network. Your browser on the other hand is not. The only way for ADFS to know you are who you say you are is to preauthenticate you.

Sergiu Paraschiv
  • 9,929
  • 5
  • 36
  • 47
0

I just implemented it using the Azure Active Directory for JavaScript library. After IT registered my app for me, I was up and running in 10 mins. There is an AngularJs example in the source code. https://github.com/AzureAD/azure-activedirectory-library-for-js

You should also register your development workstation so you can test locally.

Eric Rohlfs
  • 1,811
  • 2
  • 19
  • 29