Cisco Cisco Web Security Appliance S170 Guía Del Usuario
8-2
Cisco AsyncOS for Web User Guide
Chapter 8 SaaS Access Control
Authenticate SaaS Users
Authenticate SaaS Users
Step 1
Configure the “PasswordProtectedTransport” value when you create a SaaS Application Authentication
Policy using the Authentication Context setting
Policy using the Authentication Context setting
Step 2
Choose “Automatic” as the Authentication Context setting.
Related topics
•
Certificates and Keys
When the browser prompts users to authenticate, the browser sends the authentication credentials to the
Web Proxy using a secure HTTPS connection. The appliance uses its own certificate and private key to
create an HTTPS connection with the client by default. Most browsers will warn users that the certificate
is not valid. To prevent users from seeing the invalid certificate message, you can upload a certificate
and key pair your organization uses.
Web Proxy using a secure HTTPS connection. The appliance uses its own certificate and private key to
create an HTTPS connection with the client by default. Most browsers will warn users that the certificate
is not valid. To prevent users from seeing the invalid certificate message, you can upload a certificate
and key pair your organization uses.
Configuring the Appliance as an Identity Provider
When you configure the Web Security appliance as an identity provider, the settings you define apply to
all SaaS applications it communicates with. The Web Security appliance uses a certificate and key to
sign each SAML assertion it creates.
all SaaS applications it communicates with. The Web Security appliance uses a certificate and key to
sign each SAML assertion it creates.
Before You Begin
•
(Optional) Locate a certificate (PEM format) and key for signing SAML assertions.
•
Upload the certificate to each SaaS application.
Step 1
Choose Security Services > Identity Provider for SaaS page.
Step 2
Click Edit Settings.
Step 3
In the Identity Provider Domain Name field enter a virtual domain name.
Step 4
In the Identity Provider Entity ID field enter text (a URI format based string is recommended)
Step 5
Either upload or generate a certificate and key:
Step 3
Configure the SaaS application for single
sign-on.
sign-on.
Step 4
(Optional) Configuring multiple web
security appliances
security appliances