Modern web applications typically use OAuth or OpenID Connect to authenticate users, but older intranet applications often still rely on Integrated Windows Authentication (IWA) to deliver a single sign-on experience for users. The authentication protocol used for IWA is not always clear: IWA can use NTLM, Kerberos, or both, depending on how the application is configured. This ambiguity can become a problem when we try to migrate the application to Google Cloud and want to deploy it behind a l...
