Cisco Cisco Content Security Management Appliance M1070 Mode D'Emploi

14-56

AsyncOS 10.0 for Cisco Content Security Management Appliances User Guide

Chapter 14 Common Administrative Tasks

SSO Using SAML 2.0

Guidelines and Limitations for SAML 2.0

•

Logout, page 14-56

•

General, page 14-56

•

Spam Quarantine Access for Administrators, page 14-56

Logout

When end users log out of Spam Quarantine, they are not logged out of other SAML 2.0 SSO enabled
applications.

General

You can configure only one instance of service provider and identity provider on Cisco Content Security
Management appliance.

Spam Quarantine Access for Administrators

If you are enabling SSO for Spam Quarantine, keep in mind that the administrators will no longer be
able to access the Spam Quarantine using the Spam Quarantine URL
(

http://<appliance_hostname>:<port>

). Administrators can access the Spam Quarantine using the

web interface (Email > Message Quarantine > Spam Quarantine).

How to Configure SSO for Spam Quarantine

Do This

More Info

Step 1

Review the prerequisites.

Prerequisites, page 14-57

Step 2

Configure your appliance as a service
provider.

Configure Cisco Content Security
Management Appliance as a Service
Provider, page 14-57

Step 3

[On IDP] Configure the identity provider to
work with your appliance.

Configure the Identity Provider to
Communicate with Cisco Content
Security Management Appliance,
page 14-59

Step 4

Configure identity provider settings on your
appliance.

Configure Identity Provider Settings
on Cisco Content Security
Management Appliance, page 14-60

Step 5

Enable SSO for Spam Quarantine on your
appliance.

Enable SSO for Spam Quarantine,
page 14-61

Step 6

Notify the end users about the new
authentication mechanism.