ASA single sign-on

Unanswered Question

Hi all!

I had ASA version 7.2.4 and WebVPN. WebVPN users authentication happen through AD. How can I configure SSO for Microsoft Outlook Web Access?

In Cisco guides I see configuration through Siteminder, is it independent product or AD can provide http cookies?

I also try configure auto signon through ASDM and apply it to WebVPN policy but when go to OWA link I should autenticate as before.

I try different type of autentication methods for OWA and ip blocks.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
hadbou Tue, 06/17/2008 - 06:28

Single sign-on support lets users of clientless SSL VPN enter a username and password only once to access multiple protected services and web servers. In general, the SSO mechanism either starts as part of the AAA process or just after successful user authentication to a AAA server. The clientless SSL VPN server running on the security appliance acts as a proxy for the user to the authenticating server. When a user logs in, the clientless SSL VPN server sends an SSO authentication request, including username and password, to the authenticating server using HTTPS. If the server approves the authentication request, it returns an SSO authentication cookie to the clientless SSL VPN server. The security appliance keeps this cookie on behalf of the user and uses it to authenticate the user to secure websites within the domain protected by the SSO server.

Refer the following url for more information about Single sign-on:

http://www.cisco.com/en/US/docs/security/asa/asa81/config/guide/webvpn.html#wp1003053

Actions

This Discussion