I am asked more and more often about how to create a solution for identities that can operate across multiple platforms, even non-Windows environments. Customers want a solution that is Internet-scalable, highly extensible, and has an identity access solution that is as secure as possible. In those cases I always consider the Active Directory Federation Services (AD FS) server role, which comes with the Microsoft Windows Server 2008 operating system. In the following sections I will give an overview of AD FS. The idea behind AD FS is to take advantage of single-sign-on (SSO) to authenticate a user to multiple Web applications over the entire life of a particular session. AD FS can accomplish this by ...