Sharefile SAML AD Authentication Fails on Chrome and Firefox

After configuring our ShareFile to integrate our AD accounts using AD FS 2.0 and SAML for login, we found several user could not log in with Chrome or Firefox.  They would go to the SAML login URL and then enter their correct AD credentials.  The login would then fail.  Using IE with the same credentials was successful.  After investigation, the issue was linked to AD FS 2.0 and Chrome/Firefox, not ShareFile.

The Solution below was found at http://exitcodezero.wordpress.com/2013/05/30/adfs-authentication-issues-with-chrome-and-firefox/

To correct the issues, disable Extended Protection in IIS on your ADFS server

  1. Open IIS Manager on your ADFS Server
  2. Expand your ADFS Server
  3. Expand Sites
  4. Expand Default Web Site
  5. Expand adfs
  6. Click to select ls
  7. Double-click Authentication 2013.05.30_adfs_auth_2
  8. Right-click Windows Authentication and select Advanced Settings… 2013.05.30_adfs_auth_3
  9. Set Extended Protection to Off 2013.05.30_adfs_auth_4
  10. Restart IIS or perform an iisreset