Preparing for authentication to application servers in IAG
Applies To: Intelligent Application Gateway (IAG)
Whale Communications Intelligent Application Gateway (IAG) 2007 can publish applications and authenticate users to verify their identity before allowing them to access a published application. In addition, IAG provides single sign-on that enables a user with a domain account to log on to the network once by using a password or smart card and to gain access to any published application. Single sign-on can be performed using:
Basic authentication or HTTP forms-based authentication
Kerberos constrained delegation—IAG supports the use of Kerberos constrained delegation to authenticate users after IAG has verified their identity by using a non-Kerberos authentication method. For more information, see Configuring Kerberos constrained delegation with IAG SP2. If you are running IAG with Service Pack 1 only, see Configuring Kerberos constrained delegation with IAG SP1.
You configure single sign-on in the Web settings tab of the application properties in the trunk used to publish the application. For instructions, see "Configuring authentication to published servers" in Configuring the properties of applications published by IAG.