Configuring form-fill applications in Cloud Access Manager
Configuring form-fill applications in Cloud Access Manager
Learn how to configure form-fill applications in Cloud Access Manager (CAM), a web-access management solution from Dell Security that offers secure and unified access to all your internal and cloud-based web applications.
Welcome to this video on configuring form fill applications using Cloud Access Manager. Form-fill authentication is one of many ways applications can be configured to authenticate their users. It's, quote unquote, "one of the legacy types of authentication methods, which can also include header injection, windows, or basic authentication, when compared to more modern, federation-type authentication, such as SAML or Windows Federation."
But there are a ton of applications out there that's been built using form-fill authentication. So what we're going to do in the next few minutes is configure one example using form-fill application. So I've logged into my Cloud Access Manager web portal interface. I'm going to go ahead and click on Cloud Access Manager Administration.
And I don't have any applications configured right now. So we're going to configure a new application. Now, Cloud Access Manager by default ships with a number of templates that you can use to connect to the applications that you see here on the screen. They use various types of authentication. Obviously, some of them may be SAML, Windows Federation, or even form-fill or other types of authentication.
But for our purposes today, I'm going to actually walk you through the steps manually to configure a form-fill application. And the example will use will be Evernote. So again, we're going to click on Form-Fill. And we're going to click Next.
The instructions on this screen is basically asking us to browse over to the site we want to provide single sign-on into. And in our example, it's Evernote. And then also, it's asking us to copy this Inspect login form utility to our bookmarks toolbar, which I've already done.
So let's go ahead and browse to Evernote. And I want to be on the sign-in page, because that the login page. I'm going to grab this login page address and paste it in here. As a matter of fact, I don't really need the after action question mark. I'm going to get rid of all of that. This should take me to the exact same place.
Will go ahead and click Go. And when we are on the login page, we'll click on the Inspect Login form so that the utility shows up. And basically, it read the HTML. It's telling me that blue is blue, green is green, and orange is orange. If it's not reading it correctly or if I want to make sure 100% that this is the right field, I could say Change, Go, click on the field. And again, the color matching will tell me exactly what the fields are.
We'll go ahead and save. This will take us back to Cloud Access Manager. We can configure external access, proxy or not proxy the application. The idea here is if we have an internal application that needs to be accessed by users or employees from outside the network, we can reverse-proxy the application so that users don't have to VPN back into the network to access the application. There's a lot of useful use cases for that.
We're going to go ahead and click Next here. The only thing I'm going to do on this screen is put a slight delay so that we see the username password being replayed for us when we are done with the wizard. We'll go ahead and click Next. This is the login.
So we're going to proxy the application. So we need to tell the interface here what's going to be the URL, the reverse proxy URL that will be translated from Evernote to whatever it is that we come up with. And I do have a wildcard DNS entry. So all I need to do here for the address is give it the first variable in this wildcard. And we'll say Evernote. So it will be evernote.webapps.dellsoftware.sharepoint.com, which will equal to evernote.com.
Go ahead and click Next. Who will get access to the application? By default, if I leave this empty, all users will get access. But if I want it to be granular in who gets access to the application, I could start moving roles from the right-hand side to the left-hand side. I'm going to keep it empty. And for the application name, we'll say Evernote.
And we'll go ahead and click Next. Now we can go out and fetch the application URL or the application icon, see if it-- sometimes it renders and sometimes it doesn't. If it doesn't, you can choose your own file in here. I'm going to make sure that this is the right address, as well. The URL is this.
We can put this in a specific section when, as we build applications, basically, we're going to have a lot of icons on the screen. So we may want to logically kind of organize them in specific sections. Right now, I don't have anything going on, so I'll just put it in section Application. And we'll go ahead and click on Finish.
So we just configured a form-fill application. Let's go ahead and test it out. Just going to launch the browser one more time. Let me log in. I don't think I typed "administrator" correctly. Administrator. OK.
All right. So we see Evernote in here now. We're going to go ahead and click on it. This should take us to the login screen. Notice the URL is evernote.webapps.dellsoftware.sharepoint.com. So we kind of took over through a reverse proxy URL. I'm going to provide my credentials. This will be the one and only time I provide my credentials, the first time I hit the application.
OK. And I should be logging in now. I'm logged in. Let's go ahead and exit out.
A couple ways to confirm that this actually worked. You could click on the application, and you'll see the password being replayed in front of you on the screen. And it's back in. Or you could just go and click on Navigate and look at the password wallet, make sure