How to use IIS as a trusted proxy for ActiveDirectory SSO?
- by brofield
I'm trying to add Active Directory single-sign-on support to an existing SOAP server. The server can be configured to accept a trusted reverse-proxy and use the X-Remote-User HTTP header for the authenticated user. I want to configure IIS to be the trusted proxy for this service, so that it handles all of the Active Directory authentication for the SOAP server.
Basically IIS would have to accept HTTP connections on port X and URL Y, do all the authentication, and then proxy the connection to a different server (most likely the same X and Y).
Unfortunately, I have no knowledge of IIS or AD (so I am trying my best to learn enough to build this solution) so please be gentle. I would assume that this is not an uncommon scenario, so is there some easy way to do this?
Is this sort of functionality built into IIS or do I need to build some sort of IIS proxy program myself?
Is there a better option for getting the authentication done and the X-Remote-User HTTP header set than requiring IIS?