Configure the Gateway for Kerberos Token-Based Authentication

Many organizations authenticate to a Windows environment as part of their overall security structure for internal users. Using the , you can extend the Kerberos framework to include identity and protocol mapping to other formats, such as SAML Tokens and client-based authentication (SSL certificates).
gateway94
Many organizations authenticate to a Windows environment as part of their overall security structure for internal users. Using the
API Gateway
, you can extend the Kerberos framework to include identity and protocol mapping to other formats, such as SAML Tokens and client-based authentication (SSL certificates).
Contents:
Kerberos Workflow Diagram
Workflow Diagram - Kerberos
Workflow Diagram - Kerberos
  1. Initiate back and forth with KDC and TGS to produce a service ticket
  2. Present service ticket to SecureSpan Gateway for validation
  3. Request session from KDC
  4. Decrypts Service Ticket and initiates service request
  5. Two steps:
    1. Authentication initiated: 
      • Delegated Kerberos
      • SAML
      • Client Mutual Authentication
    2. Request sent through to back-end web services
  6. Response sent back to client through the Secure Span Gateway
Prerequisites
Before you configure Kerberos for use within the
API Gateway
, ensure that you have the following:
Configuration Workflow
Kerberos Workflow
Kerberos Workflow