We need to implement seamless SSO with ADFS SAML 2.0 using OpenSSO & we plan to go with IdP initiated GET binding. The user in client network will log in to ADFS with Windows credentials once every morning. Thereon, whenever he accesses our application hosted in SaaS environment (different network/domain than that of the client), he should not be prompted for login credentials.
The SSO Profiles supported by SAML 2.0 (including IdP initiated) require the user to enter credentials (on ADFS login page) whenever the request goes to ADFS for authentication.
Is it possible to prevent ADFS prompt from authentication? If so, How can this be achieved?