You can protect a web application from unwanted access using PingAccess.
Before configuring your PingAccess deployment to protect a web application:
- PingAccess must be installed and running. See Installing and Uninstalling PingAccess for the full procedure.
- You must have a configured token provider. The procedures vary depending on the token provider. For more information, see:
- You must have installed an agent on the web server or servers that host the site you want to protect. For more information, see:
After you have completed the following steps, your web application is protected.
- Configure a virtual host – A virtual host represents the site you will protect and contains information about its location.
- Configure a web session – A web session defines the details of how user
credentialinformation is retained. This lets the token provider authenticate the user when it is required for a protected application. credential Information used to identify a subject for access purposes (for example, username and password). A credential can also be a certificate.
- Configure a rule – Rules control who can access what content under what circumstances.
- Configure an identity mapping – An identity mapping lets you share identity information with the protected application as headers.
- Configure an application – An application joins the other pieces together, giving users access to the application according to the configured rules.