Hi Jason,
An alternative commercial option, which may be suitable for you, is to use
Microsoft ISA 2006 to authenticate to the IdP.
ISA can handle the AD authentication through its form based logon system and
this includes full support for changing passwords and handling expiry. ISA would
then integrate with IdP using the RemoteUser LoginHandler.
Thanks,
Steve
|