Perhaps you’re working with another Web Access Management (WAM) product and want to disable local realm authentication in AD FS 2.0. To do this, the web.config needs to modified and the appropriate sections commented out.
<add name=”Integrated” page=”auth/integrated/” />
<add name=”Forms” page=”FormsSignIn.aspx” />
<add name=”TlsClient” page=”auth/sslclient/” />
<add name=”Basic” page=”auth/basic/” />
Wrap the above section with comments <!—and –-> to disable the listed authentication types. With all types commented out, AD FS will no longer authenticate users and will forward all requests to any configured claims providers.
Why do this? You may want to use AD FS as a broker, passing traffic between WS-* / WIF applications and an upstream WAM solution (e.g. Shibboleth, OpenAM etc.), making AD FS a SAML 2.0 Service Provider (SP) as part of this process.