Title of invention: System and method for pass-through authentication
Abstract: A gateway device comprising a processor and a memory, the processor is configured to receive a login operation request from an external endpoint, the login operation request including a user identifier and user login credentials of a user. The processor is also configured to construct an authentication request including the user identifier and the user login credentials and transmit the authentication request to an internal directory service. The processor is further configured to receive an authentication response from the internal directory service, the authentication response including an authentication identifier for the user, and store the authentication identifier in the memory, the authentication identifier for use by the processor in pass-through impersonation of the user.
Publication number: US9450944(B1) Publication date: 2016.09.20
Application number: US201514882988 Filing date: 2015.10.14
Applicant: FullArmor Corporation Inventors: Sousley Matthew Randall;Davis Charles A.;Kim Danny
Classification: H04L29/06;H04L29/08;G06F21/31 Main classification: H04L29/06
Agency: Schwegman Lundberg & Woessner, P.A. Agent: Schwegman Lundberg & Woessner, P.A.
Principal claim: 1. A gateway device comprising a processor and a memory, the processor is configured to: receive a login operation request from an external endpoint, the login operation request including a user identifier and user login credentials of a user; construct an authentication request including the user identifier and the user login credentials; transmit the authentication request to an internal directory service; receive an authentication response from the internal directory service, the authentication response including an authentication identifier for the user; store the authentication identifier in the memory without transmitting the authentication identifier to the external endpoint; and initiate a resource operation with an internal resource, the resource operation including the gateway device authenticating as the user using the authentication identifier, the gateway device resides in an internal network, the endpoint resides in an external network separated from the internal network such that the endpoint is restricted from performing the authentication request directly with the directory service.
Address: Boston MA US