B) SAML-based (AD FS) claims authentication
- Step 1: SAML-based claims authentication begins when a client computer that does not already have a claims-based security token makes an initial anonymous request for a secured SharePoint web page.
- Step 2: The SharePoint server redirects the client computer to the AD FS server to obtain a SAML-based login page for user credentials.
- Step 3: The user types credentials and the client computer sends them to the AD FS server with a request for a SAML security token.
- Step 4: The AD FS server validates the sent credentials with the identity provider, which in this case is an AD DS domain controller.
- Step 5: The AD FS server constructs a SAML security token, signs it, and then sends it to the client computer.
- Step 6: The client computer sends a new request for the web page, this time including the SAML security token that it received from the AD FS server.
- Step 7: The Security Token Service on the SharePoint server then creates a claims-based security token and stores it with the Distributed Cache service on the SharePoint farm. Claims in this security token are based on the claims in the SAML security token from the AD FS server.
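The checks a relying party applies between steps 6 and 7, as an added example that is not from the original page or from SharePoint: before its own claims token is issued, the assertion's issuer, validity window and audience are confirmed and the attributes are mapped to claims. The sample assertion, the issuer URI, the realm `urn:sharepoint:example` and the function name are constructed for illustration; the block assumes a SAML 1.1 assertion whose XML signature has already been verified against the trusted token-signing certificate.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:1.0:assertion"}
CLAIMS_NS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims"

# Constructed sample in the shape of a SAML 1.1 assertion (trimmed, signature omitted).
SAMPLE = """
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
    MajorVersion="1" MinorVersion="1" AssertionID="_constructed-1"
    Issuer="http://adfs.example.test/adfs/services/trust" IssueInstant="2024-01-01T12:00:00Z">
  <saml:Conditions NotBefore="2024-01-01T12:00:00Z" NotOnOrAfter="2024-01-01T13:00:00Z">
    <saml:AudienceRestrictionCondition>
      <saml:Audience>urn:sharepoint:example</saml:Audience>
    </saml:AudienceRestrictionCondition>
  </saml:Conditions>
  <saml:AttributeStatement>
    <saml:Attribute AttributeName="emailaddress" AttributeNamespace="%s">
      <saml:AttributeValue>alice@example.test</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
""" % CLAIMS_NS

def _ts(value):
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def claims_from_assertion(xml_text, trusted_issuer, realm, now):
    """Return {claim type: [values]} or raise ValueError. Assumes the caller has
    already verified the XML signature against the trusted token-signing certificate."""
    root = ET.fromstring(xml_text.strip())
    if root.tag != "{%s}Assertion" % NS["saml"]:
        raise ValueError("not a SAML 1.1 assertion")
    if root.get("Issuer") != trusted_issuer:
        raise ValueError("issuer is not the trusted token issuer")
    cond = root.find("saml:Conditions", NS)
    if cond is None or not cond.get("NotBefore") or not cond.get("NotOnOrAfter"):
        raise ValueError("no validity window")  # fail closed when the window is missing
    if not _ts(cond.get("NotBefore")) <= now < _ts(cond.get("NotOnOrAfter")):
        raise ValueError("token not yet valid or expired")
    audiences = [(a.text or "").strip() for a in
                 cond.iterfind("saml:AudienceRestrictionCondition/saml:Audience", NS)]
    if realm not in audiences:
        raise ValueError("token was issued for a different relying party")
    claims = {}
    for attr in root.iterfind("saml:AttributeStatement/saml:Attribute", NS):
        ctype = "%s/%s" % (attr.get("AttributeNamespace"), attr.get("AttributeName"))
        claims[ctype] = [v.text for v in attr.iterfind("saml:AttributeValue", NS)]
    return claims
```

Each rejection corresponds to a replay or redirection case: an expired token, a token minted for another relying party, or one from an issuer the farm does not trust.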