Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: redparadox
redparadox Author
User level: Level 1
10 points

Issues with Safari and ADFS

I'm having an issue with Safari 8.0 and Microsoft ADFS 3.0. Whenever a user is redirected to the ADFS authentication portal, the page just "hangs" and never displays the authentication form. Eventually the connection will timeout and return just a generic "Safari Can't Open the Page". If you run Chrome on the same Mac, there are no issues with ADFS, so I'm convinced it is Safari specific. I have been able to duplicate the issue both on my iMac and MacBook Air.


The topic was discussed quite heavily in this thread: https://social.msdn.microsoft.com/Forums/vstudio/en-US/af0ac0c0-fdc8-42aa-91f5-9 45a29eec333/adfs-20-web-sso-not-working-in-current-versions-of-safari-for-window s-or-ios?forum=Geneva


That thread was specific to ADFS 2.0 but it looks like the same problem still exists with Safari and ADFS 3.0. Several articles seem to point to cookie size limitations in Safari as the root cause of the issue. I can find no evidence that the cookies are greater than 4K in size. I would rather not tell users that their only option is to run Chrome.


Ideas?

Posted on Oct 20, 2014 5:19 AM

Reply
Question marked as Best reply
User profile for user: Plural CRL
Plural CRL
User level: Level 1
8 points

Posted on Feb 11, 2015 6:06 AM

Hello,


Did you manage to solve this issue?


Within our organization we have only one mac with Safari 8 that can authenticate ond the ADFS, the other simple hangs like you say on your problem discription. I just can't figure out why that machine can's and the others not...


Other thing is, all our stations with Mac Osx 10.8.5 runs everything smoothly.

View in context
3 replies
Question marked as Best reply
User profile for user: Plural CRL
Plural CRL
User level: Level 1
8 points

Feb 11, 2015 6:06 AM in response to redparadox

Hello,


Did you manage to solve this issue?


Within our organization we have only one mac with Safari 8 that can authenticate ond the ADFS, the other simple hangs like you say on your problem discription. I just can't figure out why that machine can's and the others not...


Other thing is, all our stations with Mac Osx 10.8.5 runs everything smoothly.

Reply
User profile for user: Vexix
Vexix
User level: Level 1
0 points

Sep 10, 2015 11:31 PM in response to redparadox

Hi


ADFS3.0 has increased security features (increased ssl cert security) which might affect to phone usage plus there might be missing user-agent issues also.


For ssl cert (do in every ADFS server):

Command prompt with admin permissions: netsh http show sslcert

Search right certhash and appid values.

Command prompt with admin permissions: netsh http add sslcert ipport=0.0.0.0:443 certhash=*insertcerthashherewithoutasterisk* appid="{*insertappidherewithoutasterisk*}"


Restart ADFS services on all ADFS servers.


For user agent issues (do in every ADFS server):

http://jackstromberg.com/2014/03/adfs-v3-on-server-2012-r2-allow-chrome-to-autom atically-sign-in-internally/


(You have to know the right user-agent what must be added. Might be Mozilla/5.0 but I'm not sure.)


Restart ADFS services on all ADFS servers.

Reply

Issues with Safari and ADFS

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up