What's the difference between ADFS, WIF, WS Federation, SAML, and STS?

Question

These are numerous technologies and buzzwords used for single sign-on with Microsoft services.

Can someone explain ADFS, WIF, WS Federation, SAML, and STS (Security

Answer 1

This post is aimed at clarifying SAML Tokens, supported in ADFS 2.0, and SAML protocol, not supported until ADFS 3.0, the version of ADFS in Windows Server 2012 R2

1) The SAML protocol is not supported prior to ADFS 3.0

2) .net 4.5 based WIF applications require using the WS-Fed protocol and currently do not support SAML-Protocol

3) SAML Tokens are XML based. SAML tokens are supported in ADFS 2.0 and previous versions. ADFS 1.0. 1.1. and 2.0 only support the SAML Tokens, not protocol

4) If you are using WIF, WS-Fed (protocol) is required - so you could do the following:

SAML Protocol <---> ADFS <----> WS-FED <----> WIF (.net 4.5)

From Wiki:

• ADFS 1.0 - Windows Server 2003 R2 (additional download)

• ADFS 1.1 - Windows Server 2008 and Windows Server 2008 R2.

• ADFS 2.0 - Windows Server 2008 and Windows Server 2008 R2 (download from Microsoft.com)

• ADFS 2.1 - Windows Server 2012.

• ADFS 3.0 - Windows Server 2012 R2.