Restrict access to the Web application's mapping

Restrict access to the Web application's mapping

To secure the back-end server, the Web application's mapping has to be restricted to authenticated users only.

Procedure-related prerequisites

●
Configuration takes place in Airlock Gateway.

●
You need to be logged in as admin in the Airlock Gateway Configuration Center.

Instruction

1.
Go to: Application Firewall >> Reverse Proxy.
2.
Edit the Web application's mapping.
3.
Change to the Access tab.
4.
Enter the role under Access restrictions >> Restricted to Roles.

-
Restricted to Roles: authenticated

This role is set by Airlock IAM after successful authentication.

5.
Select Authentication flow One-Shot.
6.
Configure Denied access URL to /auth/login-oneshot
7.
Under Credential Propagation >> SSO credential propagation, select Kerberos.
8.
Enable the checkbox Credential mandatory.

Further information and links

●
KB - Verify Host Header sent corresponds to the IIS configuration