If Airlock Gateway is not used for authentication enforcement, this chapter can be skipped.
Why authentication enforcement should be configured
Airlock Gateway has the ability to protect back-end applications from unauthorized access. This functionality is called authentication enforcement. For this purpose, Airlock Gateway is used in combination with Airlock IAM. Airlock Gateway makes sure that the users are authenticated against Airlock IAM and perform a sign-in on their behalf on the back-end application.
The following sections describe how authentication enforcement is configured for Outlook Web Access. The chapters illustrate a setup that uses Basic Authentication between Airlock WAF and the back-end application (called Identity Propagation).
If using different authentication mechanisms, just adapt the mentioned settings. This applies for Airlock Gateway, Airlock IAM and/or the back-end server.
Chapter-related warnings
Depending on the scope of the current Airlock Gateway or IAM license, it could also be required to upgrade or change the licensing for new authentication features, e.g. for back-side Kerberos SSO, front-side Kerberos, etc.
Chapter-related prerequisites
- The previously described configuration steps have been carried out.
- Configuration takes place in Airlock Gateway.
- You must be logged in as an admin in the Airlock Gateway Configuration Center.