Руководство Пользователя для Cisco Cisco Content Security Management Appliance M1070
14-58
AsyncOS 10.0 for Cisco Content Security Management Appliances User Guide
Chapter 14 Common Administrative Tasks
SSO Using SAML 2.0
Step 5
Click Submit.
Step 6
Note down the service provider metadata (Entity ID and Assertion Customer URL) displayed on the SSO
Settings page and the Name ID Format displayed on the Service Provider Settings page. You will need
these details while configuring the service provider settings on the identity provider.
Settings page and the Name ID Format displayed on the Service Provider Settings page. You will need
these details while configuring the service provider settings on the identity provider.
Optionally, you can export the metadata as a file. Click Export Metadata and save the metadata file.
Some identity providers allow you to load service provider details from a metadata file.
Some identity providers allow you to load service provider details from a metadata file.
Assertion Consumer URL
The URL to which the identity provider should
send the SAML assertion after authentication has
successfully completed. In this case, this is the
URL to your spam quarantine.
send the SAML assertion after authentication has
successfully completed. In this case, this is the
URL to your spam quarantine.
This field is not configurable. You will need this
value while configuring the identity provider.
value while configuring the identity provider.
SP Certificate
Note
The private key must be in .pem format.
Signing Authentication Requests
If you want the appliance to sign the SAML
authentication requests:
authentication requests:
1.
Upload the certificate and the associated
private key.
private key.
2.
Enter the passphrase for the private key.
3.
Select Sign Request.
Decrypt Encrypted Assertions
If you plan to configure your identity provider to
encrypt SAML assertions:
encrypt SAML assertions:
1.
Upload the certificate and the associated
private key.
private key.
2.
Enter the passphrase for the private key.
Sign Assertions
If you want the identity provider to sign the
SAML assertions, select Sign Assertions.
SAML assertions, select Sign Assertions.
If you select this option, you must add the identity
provider’s certificate to the appliance. See
provider’s certificate to the appliance. See
Organization Details
Enter the details of your organization.
Identity provider uses this information in the error
logs.
logs.
Technical Contact
Enter the email address of the technical contact.
Identity provider uses this information in the error
logs.
logs.
Field Description