Enabling UPN logon for forms-based authentication to IAG

Applies To: Intelligent Application Gateway (IAG)

Whale Communications Intelligent Application Gateway (IAG) 2007 Service Pack 2 allows end users to authenticate to the IAG portal, and to application servers published through the portal, by using forms-based authentication with the following credentials: a user principal name (UPN) and a password. Because the UPN of an end user is unique in a domain forest, the end user can authenticate to any application server within the forest without providing the domain as a credential.

When an end user authenticates to the IAG portal by using a client certificate (for example, a smart card) and then attempts to open an application that requires authentication, the UPN of that end user will be automatically displayed in the User name box, eliminating the need to manually type in the user name.

Enabling logon with UPN

Enable UPN logon as follows:

To enable UPN logon

  1. Copy the file repository_for_upn.inc from the following location:

    ...\Whale-Com\e-Gap\von\InternalSite\samples

    Paste the file repository_for_upn.inc in the following custom folder; if it does not exist, create it:

    ...\Whale-Com\e-Gap\von\InternalSite\inc\CustomUpdate

  2. Rename the file as follows:

    <Server_Name>.inc

    Where <Server_Name> is the name of the authentication server against which you wish to enable users to authenticate with their UPN.

    For example:

    If you named the server "AD_auth", name the file AD_auth.inc

  3. Repeat steps 1 through 2 for all the authentication servers against which you wish to enable users to authenticate with their UPN.
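
The procedure above as a PowerShell script, added here as an example and not part of the original documentation. It assumes the part of the path that this page elides as "..." is passed in as -InstallRoot. The parameter names are illustrative, and any <Server_Name>.inc that already exists is skipped rather than overwritten.

```powershell
# Added example: automates steps 1 through 3. Parameter names are illustrative.
# Example call (script name and install root are placeholders):
#   .\Enable-UpnLogon.ps1 -InstallRoot '<install root>' -ServerName 'AD_auth'
param(
    # Folder that contains Whale-Com; the page elides it as "...", so supply your own.
    [Parameter(Mandatory = $true)][string]   $InstallRoot,
    # Authentication server names exactly as defined in IAG, for example "AD_auth".
    [Parameter(Mandatory = $true)][string[]] $ServerName
)

$site   = Join-Path $InstallRoot 'Whale-Com\e-Gap\von\InternalSite'
$sample = Join-Path $site 'samples\repository_for_upn.inc'
$custom = Join-Path $site 'inc\CustomUpdate'

if (-not (Test-Path -LiteralPath $sample -PathType Leaf)) {
    throw "Sample file not found: $sample"
}

# Step 1: create the custom folder if it does not exist.
if (-not (Test-Path -LiteralPath $custom -PathType Container)) {
    New-Item -ItemType Directory -Path $custom | Out-Null
}

foreach ($name in $ServerName) {
    # Reject blank names and names containing path separators or other
    # characters that are not valid in a file name.
    $invalid = [System.IO.Path]::GetInvalidFileNameChars()
    if ($name.Trim() -eq '' -or $name.IndexOfAny($invalid) -ge 0) {
        Write-Warning "Skipping '$name': not usable as a file name."
        continue
    }
    $target = Join-Path $custom "$name.inc"

    # An existing <Server_Name>.inc may already hold other customizations
    # for this authentication server, so leave it untouched.
    if (Test-Path -LiteralPath $target) {
        Write-Warning "Skipping '$name': $target already exists."
        continue
    }

    # Steps 1 and 2 combined: copy the sample directly under its final name.
    Copy-Item -LiteralPath $sample -Destination $target
    Write-Output "Created $target"
}
```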