Requirements of IWA

The following are the requirements for an application to use IWA:

• A Windows Server
• An Active Directory user store
• CI protected with IWA
• IWA Agent should be on the same domain.

Once all the requirements are fulfilled and the user enters the correct protected web application URL on the browser, the browser and the server uses IWA to authenticate the user. The CI IWA Authenticator implements the Negotiate protocol with Kerberos and NTLM single sign-on support. This allows users to browse a Windows intranet site without having to re-enter credentials. The authenticator integrates with Tomcat Realms and therefore allows you to protect select areas of the website.