Versions Compared

Version Old Version 3 New Version 4
Changes made by

Silvan Grüter

Silvan Grüter

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Introduction

The CoreOne Suite offers the possibility of Integrated Windows Authentication (IWA). This allows the user to log in automatically to any SSO application without the need of entering their Windows credentials. The credentials are passed from the Windows authentication directly to the web server and the user will have seamless SSO experience. This article describes how to configure IWA.

Preconditions

  • The user must be logged into a domain joined client

  • The web server must be joined to the same domain as the client

Step 1 - SSO - Authentication level & Method

Navigate to the menu entry SSO, click on Authentication level, then select the Authentication Level you want to add the Integrated Windows Authentication.

...

In thetab Authentication method, add a new entry and select Windows Authentication

Step 2 - Target System settings

Navigate to the menu entry System Configuration, click on Target Systems, then select the active directory target system you want to add the Integrated Windows Authentication.

...

Open the tab System Feature and activate the function Authentication Provider active.

Step 3 - Identity Type settings

Navigate to the menu entry Identity Management, click on Identity Types, then select the identity type for whom you want to add the Integrated Windows Authentication.

In the tab Identity Type Features activate the function Authentication Provider active.

Step 4 - Identity Provisioning Configuration

Navigate to the menu entry Identity Management, click on Identity Provisioning Configurations.

Make sure the CoreOne Suite Account and the provisioning configuration where you want to use Integrated Windows Authentication have different Usernames.
For the Active Directory this means the Sam-Account-Name has to be different than the Username of the CoreOne Suite Account.

Sept 4 - IIS Settings

Enable Windows Authentication in IIS for the site where the CoreOne Authentication Service according to this link: https://docs.microsoft.com/en-us/iis/configuration/system.webserver/security/authentication/windowsauthentication/

...