The Airlock Gateway (WAF) acts as Access Policy Enforcement Point, i.e. it decides for each request, whether the user (technically: the corresponding session) may access an application or not.
Required information
To do so, it needs the following information:
- Target Applications
- what roles are required to access an application
- what to do, if access is not granted: In this case, the user's browser is redirected to Airlock IAM
Applied to the above example scenario, the Airlock Gateway (WAF) roughly holds the following access policy information:
Application | Required Role |
---|---|
Public Portal | - |
Customer Portal | customer |
Admin Portal | admin |
Airlock Gateway (WAF) configuration
The above information is stored in the Airlock Gateway (WAF)'s mapping configuration.
Please refer to the mapping part in the Airlock Gateway (WAF) online manual (available in the Gateway (WAF) management center web application and online on the Techzone).