Azure SSO configuration for Tomcat - azure

The SSO details of my application are configured on the Azure side. I got the metadata and certificate. Now how do I use this on the Tomcat side? One of my web applications is running on Tomcat and this web application is protected using this SSO.

Related

Azure Application Proxy using external Keycloak Authentication

I have an internal web application (ASP.NET) that I want to expose to the internet, preferably through Azure Application Proxy. The requirements are to use an existing external Keycloak server for user authentication; the Keycloak server is hosted separately from our Azure. I have read that Azure Application Proxy requires Azure AD (not sure about this), but it is not clear if Azure AD can be connected to or use an external Keycloak server.
My question is: can Azure Application Proxy be made to work with an external Keycloak service to authenticate and authorize users, or is there some other way to expose the internal web application to the internet with Azure and an external Keycloak server?
Using Azure is not a fixed requirement, but it is preferred.
Using the external Keycloak server is required.
Thanks in advance for any help with this.

Windows Authentication in IIS using Kestrel

My web application needs Windows authentication (Kerberos or NTLM) to manage authorization by Active Directory memberships.
I've configured my IIS web site with Windows authentication only.
My web.config is configured with forwardWindowsAuthToken="true".
But how can I use my Windows account in my C# MVC controllers?

Azure AD Domain Services Single-sign-on with Application Proxy using KCD

I have connected an Azure VM with Azure AD Domain Services. I am trying to set up SSO for an IIS web app which authenticates users using Integrated Windows.
I have followed the guide to set up the Application Proxy and I am stuck at Delegating KCD. https://azure.microsoft.com/en-us/documentation/articles/active-directory-application-proxy-sso-using-kcd/
Has anyone tried to authenticate users with Integrated Windows Authentication via Azure AD SSO?
This is not possible, as in Azure AD Domain Services you don't have access to the domain controller, so you can't configure KCD for the connector.
Disclaimer - I worked in the App Proxy team :-)

WSO2 Passing Windows NTLM authentication through ESB to .NET REST Data Service

I have a .NET data service that resides on a Windows server using basic authentication. I have a custom proxy service set up in the ESB that points to my data service endpoint. When I access the data service through Internet Explorer it asks for my credentials as expected and everything works fine. However, when I change the IIS to use Windows Integrated authentication for the data service I don't get a response. How do I get the ESB to handle the authentication handshake between my data service and the browser or any other application calling the data service?
By "Windows Integrated authentication", do you mean Kerberos? If so, http://blog.facilelogin.com/2010/12/kerberos-authentication-with-wso2-esb.html might help you.
Regards,
/Nuwan

How to secure a web application with OpenAM

I have installed OpenAM (OpenSSO) to work with my Liferay portal. So authentication for Liferay is now going through the OpenAM server. This works fine.
But now I want to secure my own application (EAR) deployed on my Glassfish application server.
I cannot find any example of how to configure my web module to work with OpenAM/OpenSSO.
Can anybody help me configure my web application?
The usual approach is to install an OpenAM Policy Agent onto your Glassfish server. The policy agent will intercept all requests to Glassfish before allowing them to be processed by the application server, forcing the user to authenticate first if they need to.
Once your policy agent is installed, you will be able to configure it to do many things. Restricting access to some or all URLs in your applications is the most obvious use. Protected applications can also access user details (such as UID or givenName) provided by the policy agent through HTTP headers.
The Glassfish agent is a J2EE policy agent. See here for configuring a J2EE policy agent in OpenAM:
http://openam.forgerock.org/doc/admin-guide/OpenAM-Admin-Guide/chap-agents.html#configure-j2ee-policy-agent
See here for installing the policy agent into Glassfish:
http://openam.forgerock.org/doc/agent-install-guide/OpenAM-Agent-Install-Guide/chap-glassfish.html
