This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
RobertMcNair
Beginner
Beginner
‎2020-03-11 11:24 AM

RSA Authentication Agent 8.0 for Web for IIS

Jump to solution

#

My company has SecureID Authentication Manager 8 with hardware tokens and needs to add Web IIS two-factor authentication

We are researching your RSA Authentication Agent 8.0 for Web for IIS as a possible solution.

We have both MS IIS servers hosting web pages and other 3rd party Venders on dedicated servers with web access using AD authentication with user names and password.

 

My question is this:

 

In your documentation: The RSA Authentication Agent 8.0 for Web for IIS Installation and Configuration Guide

Chapter 1 Types of User Access

Allow users access to URLs “on other servers” that the Web Agent protects in the same domain or in multiple domains

 

Does this statement indicate that I can use you Web Agent and RSA token with AD authentication to provide two-factor authentication to the 3rd party web access?

Labels (1)
Labels
Preview file
1023 KB
0 Likes
Reply
1 Solution

Accepted Solutions
EdwardDavis
Employee
Employee
In response to RobertMcNair
‎2020-03-11 12:47 PM

Jump to solution

An RSA web agent that understands 'domain cookies', like IIS or Apache agent. There are separate things done with SSO and apps the agent is 'aware' of like Sharepoint (the docs discuss this). To go deeper into your specific setup and needs should open a support case, rather than leak private details here on the public forums, or go too far in a technical discussion. This way we can get your exact setup and needs and work on specific ideas or plans.

View solution in original post

Reply
4 Replies
EdwardDavis
Employee
Employee
‎2020-03-11 12:33 PM

Jump to solution

It means if both web sites use RSA agent for web, authenticating on one, then being redirected to another protected web site, the agent on the target site reads a cookie and sees the user is still authenticated and not expired, and lets them in without needing to retype a new passcode.

Reply
RobertMcNair
Beginner
Beginner
In response to EdwardDavis
‎2020-03-11 12:42 PM

Jump to solution

So what is the architecture for this scenario?

 

I assume the Web Client must be installed on the AD Servers, MS Web Hosting Server and 3rd party Web hosting server.

 

Robert McNair

UC Engineer

Enterprise Voice Services

Office 301-225-4194

DSN 312-375-4194

VoSIP 302-375-4990

Cell 443-758-7859

0 Likes
Reply
EdwardDavis
Employee
Employee
In response to RobertMcNair
‎2020-03-11 12:47 PM

Jump to solution

An RSA web agent that understands 'domain cookies', like IIS or Apache agent. There are separate things done with SSO and apps the agent is 'aware' of like Sharepoint (the docs discuss this). To go deeper into your specific setup and needs should open a support case, rather than leak private details here on the public forums, or go too far in a technical discussion. This way we can get your exact setup and needs and work on specific ideas or plans.

Reply
RobertMcNair
Beginner
Beginner
In response to EdwardDavis
‎2020-03-13 10:21 AM

Jump to solution

The Open a Support Case link is not working.

Is there a requirement on my account for this to work?

 

Robert McNair

UC Engineer

DoD Enterprise VoIP Branch (SE53)

Office 301-225-4194

DSN 312-375-4194

VoSIP 302-375-4990

Cell 443-758-7859

0 Likes
Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.