The IAM Loginapp must necessarily be placed behind an Airlock Gateway or Airlock Microgateway. It is configured as back-end application that is allowed to authenticate sessions.
This applies to both Loginapp (JSP) and the Loginapp REST API.
Each of the Airlock IAM modules (i.e. Loginapp or Adminapp) may be used with a single Airlock Microgateway mapping.
- However, multiple mappings are required in the following situations:
- Two or three mappings are required if the Airlock Microgateway's API Enforcement feature is used to protect IAM's Loginapp REST API (enhances security).
- Two mappings are required if client certificate authentication is mixed with form-based authentication in one virtual host (domain).