Overview of the Federation Manager Windows Agent

The CA Federation Manager Agent for Windows Authentication lets users on systems that implement one of the Integrated Windows Authentication (IWA) protocols federate with business partners.

When a user requests access to a protected resource, Federation Manager uses the log-on identity information from a third-party web access management (WAM) system for delegated authentication. Federation Manager redirects the request to the Federation Manager Windows Agent. The Federation Manager Windows Agent verifies the user identity, creates an open format cookie, and passes the cookie to Federation Manager. Federation Manager generates a SAML assertion and starts the federation process.

Note: See the Federation Manager Guide for information about delegated authentication.

IWA supports the Windows NT LAN Manager (NTLM) and Kerberos encryption protocols. On Windows systems, the Federation Manager Windows Agent can use NTLM or Kerberos. On UNIX systems, the Federation Manager Windows Agent can only use Kerberos.

The Federation Manager Windows Agent is installed on the same Windows or UNIX system that Federation Manager is installed on. The following restrictions apply: