You can configure Web Reverse Proxy service to use Access Point with VMware Identity Manager.
Requirements for Access Point deployment with VMware Identity manager.
VMware Identity Manager service must have fully qualified domain name (FQDN) as hostname.
Access Point must use internal DNS. This means that the proxyDestination URL must use FQDN.
- In the admin UI Configure Manually section, click Select.
- In the General Settings > Edge Service Settings line, click Show.
- Click the Reverse Proxy Settings gearbox icon.
- In the Reverse Proxy Settings page, change NO to YES to enable reverse proxy.
- Configure the following edge service settings resources for Horizon.
The edge service identifier is set to WEB_REVERSE_PROXY.
Proxy Destination URL
Enter the address of the VMware Identity Manager server. For example, enter as https://vmwareidentitymgr.example.com.
Proxy Destination URL Thumbprints
Enter a comma-separated list of acceptable SSL server certificate thumbprints for the proxyDestination Url. If you include the wildcard *, any certificate is allowed. This is a colon-separated list of thumbprints. A thumbprint is in the format [alg=]xx:xx, where alg can be sha1, the default or md5. The 'xx' are hexicdecimal digits. For example, sha=C3:89:A2:19:DC:7A:48:2B:85:1C:81:EC:5E:8F:6A:3C:33:F2:95:C3
If you do not configure the thumbprints, the server certificates must be issued by a trusted CA.
Enter the matching URI paths that forward to the destination URL. For example, enter as (/|/SAAS(.*)|/hc(.*)|/web(.*)|/catalog-portal(.*)).
- To configure other advanced settings, click More.
The default is to use pass-through authentication of the user name and password. The authentication methods you configured in Access Point are listed in the drop-down menus. The authentication methods you configured in Access Point are listed in the drop-down menu.
Health Check URL
If a load balancer is configured, enter the URL that the load balancer uses to connect and check the health of the Access Point appliance.
Enter the name of the SAML service provider for the WRONG WRONG WRONG tip
Enter the code generated by VMware Identity Manager service and imported into Access Point to set up trust between VMware Identity Manager and Access Point.
- Click Save.