Deploying Federated Applications
Applies To: Windows Server 2003 R2
To deploy a federated Windows NT token–based application or claims-aware application in the resource partner organization, complete each of the tasks in Checklist: Installing a Windows NT token-based application or Checklist: Installing a claims-aware application.
Note
When you use this checklist, we strongly recommend that you first read the references to federated application planning in the ADFS Design Guide before continuing to the procedures for configuring the servers. Following the checklist in this way helps provide a better understanding of the full Active Directory Federation Services (ADFS) design and deployment story for federated applications.
The type of federated application that you choose to deploy will determine the type of ADFS Web Agent and setup tasks that you need to apply to your ADFS-enabled Web server. In other words, if your Web server will host only claims-aware applications, you install only the assemblies of the ADFS Web Agent that are used for claims-aware applications. For more information, see Identify the type of federated application to deploy.
About Windows NT token–based applications
A Windows NT token–based application is an Internet Information Services (IIS) application that has been written to use Windows native authorization mechanisms and that is not prepared to consume ADFS claims. Microsoft Windows® SharePoint® Services is one example of a Windows NT token–based application. You can configure Windows SharePoint Services, through ADFS, to provide access to SharePoint sites across the Internet.
About claims-aware applications
Claims are statements about a user, such as the user's e-mail address or job function. A claims-aware application is a Microsoft ASP.NET 2.0 application that has been written using the ADFS library and that is fully capable of using claims to make authorization decisions directly. A claims-aware application accepts claims that the Federation Service sends in ADFS security tokens.