asp.net - Federated Services

Question

I have a .NET web application, authentication is typically done through windows authentication. Normally it's placed on a local lan and is a member of a domain so users authenticate directly to AD. However I was told that I had to figure out to authenticate to the domain when the web server is on a perimeter network. I was told that adfs is the way to go. However I'm unsure of how to implement this. I read about the web application proxys but those would have the application on the lan. A relying trust sounds like what I want but it's not clear on technet how this works and how to integrate with anything other than a sharepoint site. I was told not to use something like a rodc because they don't want to extend the domain any further, which makes sense. Any suggestions on how to authenticate to active directory through adfs with the application being on the perimeter

Answer 1

There is a free and well known e-book on federated authentication from the Patterns & Practices group, Claims based identity and access control

https://msdn.microsoft.com/en-us/library/ff423674.aspx

The book covers all you need to set up federated applications, write federated clients and servers and much more. When you are done with reading, come back with more specific questions.