1. At first an anonymous user initiates a request to a secured SharePoint page.
2. SharePoint server redirects the user to the AD FS server to obtain a SAML-based login page for user credentials.
3. The user types the credentials and the client computer sends them to the AD FS server with a request for a SAML security token.
4. The AD FS server validates the user credentials against the identity provider AD DS.
5. The AD FS construct the SAML security token, signs it and sends it to the client computer.
6. The client computer sends a new request to the webpage and this time it includes the SAML token.
7. The Security Token Service on the SharePoint server creates a claims based security token and stores it with the distributed cache service on the SharePoint farm. Claims in the security token are based on to the claims in the SAML security token from AD FS, SharePoint sever is then created and sends a federated authentication cookie to the client computer, this cookie contains an encrypted key of the security token. If the user is authorized to access the requested webpage through analysis of the claims in the security token then SharePoint sends the contents of the page.
For more information about other authentication types check my other posts:
Happy coding...
Diagrams source: Microsoft Technet