Cisco Cisco Web Security Appliance S170 사용자 가이드
7-2
AsyncOS 8.6 for Cisco Web Security Appliances User Guide
Chapter 7 SaaS Access Control
Authenticate SaaS Users
Authenticate SaaS Users
Step 1
Configure the “PasswordProtectedTransport” value when you create a SaaS Application Authentication
Policy using the Authentication Context setting
Policy using the Authentication Context setting
Step 2
Choose “Automatic” as the Authentication Context setting.
Related topics
•
Certificates and Keys
When the browser prompts users to authenticate, the browser sends the authentication credentials to the
Web Proxy using a secure HTTPS connection. The appliance uses its own certificate and private key to
create an HTTPS connection with the client by default. Most browsers will warn users that the certificate
is not valid. To prevent users from seeing the invalid certificate message, you can upload a certificate
and key pair your organization uses.
Web Proxy using a secure HTTPS connection. The appliance uses its own certificate and private key to
create an HTTPS connection with the client by default. Most browsers will warn users that the certificate
is not valid. To prevent users from seeing the invalid certificate message, you can upload a certificate
and key pair your organization uses.
Configuring the Appliance as an Identity Provider
When you configure the Web Security appliance as an identity provider, the settings you define apply to
all SaaS applications it communicates with. The Web Security appliance uses a certificate and key to
sign each SAML assertion it creates.
all SaaS applications it communicates with. The Web Security appliance uses a certificate and key to
sign each SAML assertion it creates.
Before You Begin
•
(Optional) Locate a certificate (PEM format) and key for signing SAML assertions.
•
Upload the certificate to each SaaS application.
Step 1
Choose > Identity Provider for SaaS.
Step 2
Click Edit Settings.
Step 3
Check Enable SaaS Single Sign-on Service.
Step 4
Enter a virtual domain name in the Identity Provider Domain Name field.
Step 5
Enter a unique text identifier in the Identity Provider Entity ID field (a URI formatted string
is recommended).
is recommended).
Step 3
Configure the SaaS application for single
sign-on.
sign-on.
Step 4
(Optional) Configue multiple Web
Security appliances.
Security appliances.