Information Technology Reference
In-Depth Information
FIGURE 3-50
The IPv4 Static Route dialog box
Web Application Proxy can be configured to do passthrough preauthentication without
requiring Active Directory Federation Services (AD FS) to publish applications. When Web
Application Proxy is used in pass-through mode, domain users who have authenticated to the
domain as part of their sign in on their computer can then access the application by passing
through their AD DS credentials. When configured this way, the applications can't take ad-
vantage of Workplace Join, Multi-Factor Authentication (MFA), or Multi-factor Access Control.
These features require AD FS. The flow for Web Application Proxy in passthrough mode is as
follows:
A client attempts to connect to a public resource URL for an application. This URL is a
public address that the Web Application Proxy listens on for HTTPS requests.
1.
2.
The Web Application Proxy passes the HTTPS request to the backend server hosting
the application via HTTP or HTTPS.
Optionally, the user authenticates directly to the backend server or application.
3.
4.
If the user successfully authenticates (or if no authentication is required), the client now
has access to the published application.
To publish an application using passthrough mode, follow these steps:
Open the Remote Access Management Console and click Web Application Proxy.
1.
Right-click Web Application Proxy and select Publish.
2.
Click Next. On the Preauthentication page of the Publish New Application Wizard, click
Pass-Through and then Next.
3.
