Skip to Content
author's profile photo Former Member
Former Member

Web Dispatcher with Windows Intgrated Authentication

Hello,

We are setting up the relay of Browser ==> IISProxy ==> Web Dispatcher ==> Cluster. We plan to use Windows Integrated Authentication and terminate the SSL connection at the IIS. We are wondering how smoothly this will go as we have read differences in the order between IISProxy and WebDispatcher (in these forums) and have found nothing on the combination with SSL. I assume that the IISProxy will encrypt, authenticate, provide the cookie and then forward the request to the Web Dispatcher for further routing to the cluster.

Needless to say, has anyone done this successfully? Can anyone provide information, warnings, caveats, etc... so that we can decide to use the Web Dispatcher or another software-based NLB solution. We understand the technical benefits - especially in an SAP shop, but if there are richer features for authentication in latter releases we may consider putting it on hold and going with a known solution.

We have seen some appliances that can perform the SSL termination, 3rd party authentication, etc, etc,... are there any plans for the Web Dispatcher to be able to perform the authentication with windows (NTLM or Kerberos)?

All of the other features are grat and a breeze to work with however authentication on the MS domain is a must here and it may be the missing functionality.

Thanks and kind regards,

Judson

Add a comment
10|10000 characters needed characters exceeded

Related questions

1 Answer

  • Posted on Oct 14, 2005 at 08:17 PM

    Hi Judson,

    currently there is no plan to enhance web dispatcher into that direction. Instead we started to work together with network technology providers to offer the funtcionality of web dispatcher together with additional security and authentication stuff.

    network is not our business, so there are no plans to boldly go into that direction. Because of that such combinations like authentication with wd are sometimes hard to do.

    If you want a tip for the future I'd say, what you will see is boxes that have everything in there and two plugs for the internet and the sap network -everything else (firewalls, authentication, load balancing with automatic recognition of the sap cluster) would be in the box.

    Regards,

    Benny

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member

      Hi Benny,

      What a wonderful dream, I eagerly await that future. But until then we can work with what we have today.

      If there is an influence channel, see if they can throw in SSL Acceleration/Offloading 😊

      Thank you kindly for the information and your thoughts.

      Warm regards,

      Judson

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.