I'm interesting about details on the new feature named Authentication Chaining.
Use Case: we have 4 AD domains + 1 LDAP as user-stores for all the applications to integrate with SSO and we would like implement the IWA for all the 4 AD domain before to fallback to the HTML Form authentication.
Idea: create an Authentication chain with 4 Windows Authentication Schemes (one for each AD domain) and finally the HTML Form Authentication Scheme for the fallback.
may you elaborate a little more your answer?
I understood to use Authentication Chain feature I need CA Access Gateway and the CA SSO
Or I have to create 4 Authentication Chain objects with the pair Domain X + fallback Form-based:
Thanks and regards,
Based on documentation/Prerequistes
Number 2 - Add CA Access Gateway host as a member of domain host for the Windows domain controller.
Yes based on prerequisites
CA Access Gateway server 1 member of Domain A - Windows Authentication on Domain A + fallback scheme to Form-based
CA Access Gateway server 2 member of Domain B -Windows Authentication on Domain B + fallback scheme to Form-based
CA Access Gateway server 3 member of Domain C - Windows Authentication on Domain C + fallback scheme to Form-based
CA Access Gateway server 4 member of Domain D - Windows Authentication on Domain D + fallback scheme to Form-based