ALERT! The community will be read-only starting on April 19, 8am Pacific as the migration begins. Read more for important details.
ALERT! The community will be read-only starting on April 19, 8am Pacific as the migration begins.Read more for important details.
Commander
Commander
427 views

After authenticated to NAM, Windows Authentication coming up


Hello NG

I have a reverse proxy where i configured on NAM. The contract is Secure
Username/Password Form. Now when I authenticate to NAM and select this
specific reverse Proxy, I get a Windows Authentication window from
webserver. How I can forward the credentials to the Windows
Authentication popup, so that SSO can be used there?

regards
Ramon


--
RamonLustrati
------------------------------------------------------------------------
RamonLustrati's Profile: https://forums.netiq.com/member.php?userid=798
View this thread: https://forums.netiq.com/showthread.php?t=53811

0 Likes
1 Reply
Knowledge Partner Knowledge Partner
Knowledge Partner

RamonLustrati wrote:

>
> I have a reverse proxy where i configured on NAM. The contract is Secure
> Username/Password Form. Now when I authenticate to NAM and select this
> specific reverse Proxy, I get a Windows Authentication window from
> webserver. How I can forward the credentials to the Windows
> Authentication popup, so that SSO can be used there?


This really varies depending on the web app in question and the way the user's browser is configured.
Verify that the windows authentication is expecting (for example confirm if that it expects Kerberos and not NTLM.)

You need to configure one of the following:

a. Configure web app to support Form based login and configure a Form Fill policy.
b. Configure web app to support authentication based on a HTTP header and configure an Identity Injection policy.
b. Verify that the windows authentication is Kerberos and not NTLM. Then configure your (windows based) access gateway to support Kerberos Constrained Delegation and Inject a kerberos token.
c. Configure the web app to support federation (via SAML or WS-Fed) and use NAM as an Identity Provider.
Alex McHugh - Knowledge Partner - Stavanger, Norway
Who are the Knowledge Partners
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.