ADFS seems to be the preferred method of authentication for SSO. I have it working with ADFS 2.0, but there really isnt a proper fallback method for users to do forms based auth (or even get a prompt) Our situation is kind of unique in that we have users from two other organizations who connect to our network. So effectively I want firstname.lastname@example.org to have SSO , and if email@example.com or firstname.lastname@example.org tries to login they get prompted for their credentials for domain1.com (its a strange setup... but i have no say in that matter).
Would enabling forms and windows integrated auth work in this case? Or would it still simply grab the credentials for email@example.com and fail because it cant find it? Also, if theres an alternative method where they would simply get prompted with an ugly browser based login, I'd love to hear that as well!
This post may be what you are looking for:
I'm sure you could adapt the approach. There is some official Episerver documentation around this too:
Thanks David. To handle outside users, I added a custom action to the base Page Controller which does a little check to see who you are. If they're local (and not logged in) it fires the authentication challenge. If not, it simply sends them through and I have a manual login link. It'd be nice if ADFS handled that, but I cant complain given how old 2.0 is already :)