Using Centrify with Active Directory Federation Services

Centrify for Apache in the Active Directory Federation Services environment authenticates users through interactions between the Account and Resource Federation Servers (AD FS 1.0) or relying party and claims provider trusts (AD FS 2.0). Centrify for Apache supports both claims-aware applications and traditional applications.

  • For claims-aware applications, Centrify for Apache validates and passes along any verified claims from the Web browser client to the application. Because the application has been designed to understand how to interpret the claims presented in the security token, the application itself decides on the level of service to provide to the client based on these claims presented.
  • For traditional applications that do not take advantage of the AD FS claims directly, Centrify for Apache provides custom Apache directives to control access to the application. For example, a page can be configured to require a specific group claim.

If you are using Active Directory Federation Services proceed to Installing Centrify for Apache to install the modules and test applications to support Active Directory AND Active Directory Federation Services. Confirm proper installation with the test applications and then go to the book Active Directory Federation Services Configuration Guide to complete the configuration.