This repository has been archived by the owner on Dec 14, 2017. It is now read-only.

WS-Fed Endpoint usernamemixed #74

joelhaslerfhnw opened this issue Jun 3, 2016 · 3 comments

@joelhaslerfhnw

Hi

We currently use ADFS 3.0 as a «protocol Gateway» to authenticate SharePoint 2013 against our SAML2-based Identity Provider (Shibboleth). We are investigating if we can replace the ADFS Server with a solution based on IdentityServer3 with the WS-Federation plugin together with Kentor Authentication Services (https://github.com/KentorIT/authservices).
In our Proof of Concept Environment 95% works like a charm, but there is one simple part missing so that we can replace ADFS definitely.
We use a special endpoint from ADFS (/adfs/services/trust/13/usernamemixed) to get a SAML Token based on Username and Password from the Identity Provider "Active Directory". We need this in SharePoint to be able to get the current user context in a web service, because with ADFS and SharePoint by default the impersonation will be done with the IUSER and not with the current logged in user.
Do you know if this can also be implemented in IdentityServer3?

Many Thanks for your help.
Cheers, Joël

@leastprivilege
Member

That's a WS-Trust endpoint. We don't support that - and it cannot easily be added.

@joelhaslerfhnw
Author

Thank you very much for the fast answer! But it is possible to add the functionality, it is just a question of time, priority and of course money?

@leastprivilege
Member

Everything is a question of money ;)
