Cisco Cisco Unified MeetingPlace 7.0 빠른 설정 가이드
Configuring User Authentication for Cisco Unified MeetingPlace Web Conferencing
How to Configure Windows Integrated Authentication
18
•
If you are on a different domain, enter your Windows NT account user ID and password. You are
then authenticated to the Cisco Unified MeetingPlace Web Server and see the Welcome page with
your name displayed in firstname, lastname order. The Sign In link does not display.
then authenticated to the Cisco Unified MeetingPlace Web Server and see the Welcome page with
your name displayed in firstname, lastname order. The Sign In link does not display.
•
Only users authenticated by the Web Server can log in.
•
In IIS, the MPWeb/Scripts folder is set to Integrated Windows Authentication.
Troubleshooting Tips
If you configured your Web Server Home Page hostname by using an IP address or FQDN, you will be
prompted for your Windows login information even if you log in by using your domain Windows
account.
prompted for your Windows login information even if you log in by using your domain Windows
account.
See
in the
module for a workaround to this problem.
See
in the
module for information about configuring your Web Server Home Page
hostname.
Configuring SiteMinder for Use With Cisco Unified MeetingPlace Web
Conferencing
Conferencing
If your deployment includes the SiteMinder application for authentication and single-sign on support,
you will need to make the following changes to the SiteMinder configuration so that it can interoperate
properly with Cisco Unified MeetingPlace Web Conferencing Release 7.1.
you will need to make the following changes to the SiteMinder configuration so that it can interoperate
properly with Cisco Unified MeetingPlace Web Conferencing Release 7.1.
String Blocking in URLs
SiteMinder looks for invalid strings in all URLs before processing. Web Conferencing uses internal
URLs that include the “.” character (period), which is blocked by the default SiteMinder configuration.
The default block is:
URLs that include the “.” character (period), which is blocked by the default SiteMinder configuration.
The default block is:
badurlchars="./, /., /*, *., ~, \, %00-%1f,%7f-%ff"
In order for Web Conferencing to function properly, remove /. from the badurlchars string, for example:
badurlchars="./, /*, *., ~, \, %00-%1f,%7f-%ff"
Localhost Redirection and Hostname Blocking in URLs
Web Conferencing uses internal URLs that include connecting to the localhost/loopback on port 8002,
for example, http://localhost:8002. When SiteMinder receives a localhost request, it resolves localhost
to the actual host name of the server. SiteMinder then looks up the host name in its list of hosts and
matches it to the name of an agent. In order for web conferencing to function properly, you must add this
agent name to the exception list so that it is not blocked by SiteMinder.
for example, http://localhost:8002. When SiteMinder receives a localhost request, it resolves localhost
to the actual host name of the server. SiteMinder then looks up the host name in its list of hosts and
matches it to the name of an agent. In order for web conferencing to function properly, you must add this
agent name to the exception list so that it is not blocked by SiteMinder.
The following example shows the SiteMinder logging for a localhost request on port 8002:
[5812/7912][Tue Apr 24 14:00:07 2007][..\..\..\CSmHttpPlugin.cpp:219][INFO:2] PLUGIN: Read
HTTP_HOST value 'localhost:8002'.
[5812/7912][Tue Apr 24 14:00:07 2007][..\..\..\CSmHttpPlugin.cpp:270][INFO:2] PLUGIN:
ProcessResource - Resolved Host 'YOURHOSTNAME:8002'.
[5812/7912][Tue Apr 24 14:00:40 2007][..\..\..\CSmHttpPlugin.cpp:290][INFO:1] PLUGIN:
ProcessResource - Resolved Agentname 'yourhostname-unprotected' for HTTP_HOST
'YOURHOSTNAME:8002'.