You are designing an Azure web application.
All users must authenticate by using Active Directory Domain Services (AD DS) credentials.
You need to recommend an approach to enable single sign-on to the application for domainauthenticated users.
Which two actions should you recommend? Each correct answer presents part of the solution.
A.
Use Forms authentication to generate claims.
B.
Use the SQL membership provider in the web application.
C.
Use Windows Identity Foundation in the web application.
D.
Use Active Directory Federation Services (AD FS) to generate claims.
Explanation:
What is Windows Identity Foundation?
https://msdn.microsoft.com/en-us/library/ee748475.aspxDirSync with Single Sign-On
https://msdn.microsoft.com/en-us/library/azure/dn441213.aspx
Given answers are correct: Check from book – Page 165 – Architecting Microsoft Azure Solutions.
———————————————————
In Visual Studio 2013, when you create the Web API application, there is a Change Authentication option. The two options that you want to look at are Organizational Accounts and Windows Authentication.
If the application being developed is for your company Intranet only, use Windows Authentication.Intranet applications can also use the Organizational Account option and then
set the authentication to be On-Premises. This will tie in to the on-premises Active Directory and perform similar to the Windows Authentication.
The On-Premises option uses Windows Identity Foundation (WIF) instead of the standard Windows Authentication module. WIF allows access to query directory data and configure applications access in Active Directory.