Authentication Chain with IWA Authentication Scheme Fallback to Form not happening PCs outside company domain
book
Article ID: 108650
calendar_today
Updated On:
Products
CA Single Sign On Secure Proxy Server (SiteMinder)CA Single Sign On SOA Security Manager (SiteMinder)CA Single Sign-On
Issue/Introduction
We have set up Authentication chaining using Access Gateway on Windows, but in some configurations, the fallback form is not displayed and the "classic" Windows popup appears instead
If browser on a Domain PC, correctly configured for automatic login, then the fallback to form occurs as expected.
However, when the browser is not on a Domain PC that is configured for automatic login, the fallback to form does not occur, and a popup for credentials appears to the user.
How can we resolve this issue as we want the fallback to form to occur in all use cases?
Environment
CA Single Sign.On PS 12.7SP2 on Linux RH 7.5 CA Access Gateway 12.7SP2 on Linux RH 7.5 User Store is MS Active Directory
Resolution
Configuring web browser for automatic login is a pre-requisite, hence it is a must to configure the browsers on PCs for the fallback to form to occur. Please refer the documentation for further info https://docops.ca.com/ca-single-sign-on/12-7/en/configuring/ca-access-gateway-configuration/configure-ca-access-gateway-to-support-integrated-windows-authentication