We are still trying to get the integration working with ADFS. We have followed all the steps to import the ADFS Public certificate under idp_cert and we now have below error in the log trace
14.10.2013 17:11:22.811 *INFO* [10.10.100.147  GET /libs/cq/i18n/dict.en.json HTTP/1.1] org.apache.sling.auth.core.impl.SlingAuthenticator getAnonymousResolver: Anonymous access not allowed by configuration - requesting credentials 14.10.2013 17:11:22.812 *WARN* [10.10.100.147  GET /libs/cq/i18n/dict.en.json HTTP/1.1] com.adobe.granite.auth.saml.SamlAuthenticationHandler Private key of SP not provided: Cannot sign Authn request.
Below are the configurations in Adobe Granite SAML 2.0 Authentication Handler
Path : /
Service Ranking : 5002
IDP URL : http://<adfs-hostname>/adfs/services/trust ( Again is this the right POST URL for ADFS or should there be any parameters appended to this url, as at the moment we receive web page unavailable when we hit this url as it is )
Service Provider Entity ID : https://<adfs-hostname>
1) At ADFS Configure * Relaying party & make the nameid format used is same you configure in SAML authentication handler at AEM. * In the ADFS outgoing configure to pass uid (generally windows login name) & group.
2) At cq configure * Saml authentication handler. (Nameid, groupattribute, username attribute should match what is configured in ADFS) * Upload public certificate at /etc/key/saml/@idp_cert * Configure referer filter.
File a daycare if you need additional help. Because a simple wrong configure mistake can lead to looping problem in browser only.