My WebMethods Portal SSO with ADFS 2.0 as Identity Provider

Hello,

could somebody explain to me how to configure SSO to the My webMethods Portal with Microsoft Active Directory Federation Services 2.0 (ADFS 2.0) Identity Provider?

Is there a tutorial somewhere?

In the SAML Authentication Administration it says: In order to properly configure webMethods Portal to accept External SAML authentication credentials, the URI of the SAML Security Provider must be specified.

I’ve entered the Federation service identifier: http://adfs.myserver.com/adfs/services/trust

What is the next step? I’ve created a relying party trust but now I am stuck. I’ve read that I have to import a certificate or the XML Metadata. But where can I do this in my webMethods Portal?

Thanks in advance for helping me out! :)

best regards

Andreas

P.S. It would be awesome if somebody could link a tutorial for this (like http://support.talentlms.com/knowledgebase/articles/328229-how-to-configure-sso-with-microsoft-active-directo ) or just post the necessary steps here!

Did you check the “Setting up Single Sign-On” in the “Administering My webMethods Server” guide?

Updated:

First of all thanks for your reply Tong Wang,

Yes, I’ve read the chapter “Setting up SSO” of the Administering My webMethods Server Version 9.5 SP 1 Guide:

First it says to import the CA certificates with the command line (explained on page 34)

I’ve imported the Token Signing certificate from my ADFS 2.0 Manager

In the next step at the Administration Dashboard > Configuration > SAML Authentication Administration I didn’t change anything except for the Security Provider URI field, where I’ve entered the Federation service identifier of the ADFS.

For clarification:

The goal is to authenticate directly with the AD user to the My webMethods portal without seeing this login screen:

Hi Andreas,
We have also achieved the same in our project. For that we tried NTLM V2, not ADFS.
One reason is that NTLMv2 is easy to configure, and from a licence point of view it is quite a bit cheaper than ADFS.
In case you already have a licence for the ADFS server, you can give it a try, but if you did not buy a licence for it then I would suggest going for NTLMv2.

Hi Vikas, Thanks for your information.

We are using wM 9.12 and we are trying to configure NTLMv2 at our end and failed while doing the same. Could you please help in guiding me to configure the same for our environment? Also let me know what are the prerequisites to achieve this.