How it works...
Web Application Proxies can be used to publish the AD FS farm on the internet safely. For authentication requests toward the AD FS farm from the internet, the Web Application Proxy functions as a reverse proxy for the AD FS servers, terminating the connection yet relaying the authentication requests to the AD FS servers.
When an authentication request comes in via a Web Application Proxy, the insidecorporatenetwork claim is set to false. This claim is leveraged in AD FS control access policies to distinguish between outside and inside clients. Using a configured MFA adapter, admins can require multifactor authentication for outside clients using the built-in access control policy.
Web Application Proxies have a certificate-based ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access