Setting up AAA – authentication and authorization
The AAA feature allows us to set up NetScaler as an authentication point in front of different Web-services. This might be Microsoft Exchange, Microsoft SharePoint, or any other load-balanced web service where we want to define NetScaler to do the initial authentication using an AAA vServer and then do an SSO backend to the resource, as shown in the next screenshot:
We can also define within NetScaler what the user is allowed to access on the backed resource using the authorization module, where we can restrict for instance access to PDF files based upon an expression.
Now we can create an AAA vServer that the users are redirected to. Go into the AAA – Application Traffic pane, click on Virtual Servers, and click Add.
Here under the settings we need to enter a name, IP-address, and port number. By default, it is set to SSL and 443. We also have an optional parameter: authentication domain. Here we need to enter the FQDN of the AAA vServer if...
