Protect a web application from unwanted access using PingAccess.
Prerequisites
Before configuring your PingAccess deployment to protect a web application:
- Install and run PingAccess. See Installing and Uninstalling PingAccess for the full procedure.
- Configure a token provider. The procedures vary depending on the token provider. For more information, see:
Steps
Protecting a web application involves:
- Configure a virtual host – A virtual host represents the external face of the site you will protect.
- Configure a site – A site contains the internal details of the site you will protect, including its actual location.
- Configure a web session – A web session defines the details of how user credential information is retained. This lets the token provider authenticate the user when it is required for a protected application.
- Configure a rule – Rules control who can access what content under what circumstances.
- Configure an identity mapping – An identity mapping lets you share identity information with the protected application as headers.
- Configure an application – An application joins the other pieces together, giving users access to the site according to the configured rules.