Cisco Content Security Management Appliance M160 User Guide
AsyncOS 10.0 for Cisco Content Security Management Appliances User Guide
Chapter 14 Common Administrative Tasks
SSO Using SAML 2.0
SAML 2.0 SSO Workflow
Workflow
1. The end user uses a web browser to request a resource from the service provider (your appliance). For example, the end user clicks on the spam quarantine link in a spam notification.
2. The service provider redirects the request to the web browser with a SAML authentication request.
3. The web browser relays the SAML authentication request to the identity provider.
4. The identity provider authenticates the end user. The identity provider displays a login page to the end user and the end user logs in.
5. The identity provider generates the SAML assertion and sends it back to the web browser.
6. The web browser relays the SAML assertion to the service provider.
7. The service provider grants access to the requested resource.
[Figure: SAML 2.0 SSO workflow sequence diagram. Participants: Web Browser, Service Provider (SP), Identity Provider (IdP). Steps: (1) User requests a resource (for example, EUQ); (2) SP redirects to IdP with SAML authentication request; (3) Browser sends SAML authentication request to IdP; (4) IdP authenticates the user; (5) IdP redirects to SP with SAML assertion; (6) SAML assertion; (7) SP provides access to the requested resource.]
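The seven-step exchange above, sketched as an added example (not code from the Cisco guide or from AsyncOS). It assumes the HTTP-Redirect binding for the authentication request, uses constructed example.test endpoints and hypothetical function names, and reduces the messages to the fields the checks read. It shows the service provider binding the response to a request it issued.

```python
import base64, urllib.parse, uuid, zlib
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
# Constructed placeholder endpoints (assumptions, not values from the guide).
SP_ACS_URL = "https://sma.example.test/saml/acs"
IDP_SSO_URL = "https://idp.example.test/sso"

def sp_build_redirect(relay_state):
    """Step 2: SP creates the authentication request and the redirect URL."""
    request_id = "_" + uuid.uuid4().hex
    xml = (f'<samlp:AuthnRequest xmlns:samlp="{SAMLP}" ID="{request_id}" '
           f'Version="2.0" AssertionConsumerServiceURL="{SP_ACS_URL}"/>')
    deflater = zlib.compressobj(wbits=-15)  # raw DEFLATE, no zlib header
    packed = deflater.compress(xml.encode()) + deflater.flush()
    query = urllib.parse.urlencode(
        {"SAMLRequest": base64.b64encode(packed).decode(), "RelayState": relay_state})
    return request_id, f"{IDP_SSO_URL}?{query}"

def idp_read_request(redirect_url):
    """Steps 3-4: IdP decodes the request relayed by the browser."""
    qs = urllib.parse.parse_qs(urllib.parse.urlparse(redirect_url).query)
    raw = zlib.decompress(base64.b64decode(qs["SAMLRequest"][0]), wbits=-15)
    root = ET.fromstring(raw)  # production parsers should be hardened against XML attacks
    return root.get("ID"), root.get("AssertionConsumerServiceURL")

def idp_build_response(in_response_to, acs_url, user):
    """Step 5: IdP issues the response carrying the assertion (unsigned here)."""
    return (f'<samlp:Response xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}" '
            f'InResponseTo="{in_response_to}" Destination="{acs_url}">'
            f'<saml:Assertion><saml:Subject><saml:NameID>{user}</saml:NameID>'
            f'</saml:Subject></saml:Assertion></samlp:Response>')

def sp_accept_response(response_xml, pending_ids):
    """Steps 6-7: SP accepts only a response that answers its own request."""
    # A real SP verifies the IdP's XML signature before trusting any field.
    root = ET.fromstring(response_xml)
    request_id = root.get("InResponseTo")
    if request_id not in pending_ids:
        raise ValueError("unsolicited or replayed response")
    if root.get("Destination") != SP_ACS_URL:
        raise ValueError("response addressed to another endpoint")
    pending_ids.discard(request_id)  # each request ID is honoured once
    return root.findtext(f".//{{{SAML}}}NameID")
```

The SP keeps `pending_ids` per browser session; a second delivery of the same response fails because the request ID has already been consumed.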