Cisco Systems 5.2.x Home Theater Server User Manual


 
User Guide for Cisco Digital Media Manager 5.2.x
OL-15762-03
Chapter 6 Authentication and Federated Identity
Concepts
9. Synchronize DMM with your Active Directory server to populate the DMM user database.
   Note: You MUST configure at least one LDAP bookmark.
10. Synchronize users exactly as you would in LDAP mode.
   Note: Whenever you change any setting or value on your IdP or any of your SPs, you must reestablish their pairing to restore mutual trust among them.
11. Click Update to save your work.
Authentication Scenarios for User Sessions in Federation (SSO) Mode
SSO Scenario 1—Trusted + Valid + Authorized
SSO Scenario 2—Trusted + Valid + NOT Authorized
SSO Scenario 3—Nothing Known
SSO Scenario 1—Trusted + Valid + Authorized
NEW IN CISCO DMS 5.2.3
1. A web browser requests access to a protected resource on an SP.
Your federation will not approve or deny this request until it knows more.
2. The SP asks its IdP if the browser is currently authenticated to any valid user account in the CoT.
3. The IdP verifies that:
   • The browser is already connected to an SP elsewhere in the CoT, having authenticated successfully to a valid user account and having received a SAML “token” or “passport” that authorizes at least some access.
   • The user account has sufficient permissions to access the protected resource.
4. The IdP acts on the SP’s behalf and redirects the browser immediately to the protected resource.
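The flow in steps 1 to 4, as an added sketch that is not code from Cisco DMS or from this guide: it models the IdP's two checks in step 3 and labels each request with one of the three scenario names listed above. All SP names, accounts, resources and the in-memory tables are hypothetical, and treating a token from an unpaired SP like a missing token is an assumption.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed sample data; every name and value below is hypothetical.
CIRCLE_OF_TRUST = {"sp-dmm", "sp-portal"}   # SPs currently paired with the IdP
ACCOUNTS = {                                # synchronized accounts -> permitted resources
    "alice": {"/dmm/admin", "/portal/video"},
    "bob": {"/portal/video"},
}
SESSIONS = {                                # browser -> (account, SP that issued its token)
    "browser-A": ("alice", "sp-portal"),
    "browser-B": ("bob", "sp-portal"),
    "browser-D": ("bob", "sp-unpaired"),    # token from an SP outside the CoT
}

AUTHORIZED = "SSO Scenario 1"       # Trusted + Valid + Authorized
NOT_AUTHORIZED = "SSO Scenario 2"   # Trusted + Valid + NOT Authorized
NOTHING_KNOWN = "SSO Scenario 3"    # Nothing Known


@dataclass(frozen=True)
class Decision:
    scenario: str
    redirect_to: Optional[str]  # set only when the IdP redirects the browser


def idp_check(browser: str, resource: str) -> Decision:
    """Step 3: the IdP's two checks, in order."""
    session = SESSIONS.get(browser)
    if session is None:
        return Decision(NOTHING_KNOWN, None)
    account, issuing_sp = session
    # Check 1: token came from an SP in the CoT, for a valid account.
    # Assumption: a token that fails this is treated like no token at all.
    if issuing_sp not in CIRCLE_OF_TRUST or account not in ACCOUNTS:
        return Decision(NOTHING_KNOWN, None)
    # Check 2: a token that grants "at least some access" is not enough;
    # the account needs permission for this specific resource.
    if resource not in ACCOUNTS[account]:
        return Decision(NOT_AUTHORIZED, None)
    return Decision(AUTHORIZED, resource)  # step 4: redirect to the resource


def sp_handle_request(sp: str, browser: str, resource: str) -> Decision:
    """Steps 1-2: the SP makes no decision itself; it asks its IdP."""
    if sp not in CIRCLE_OF_TRUST:
        raise ValueError(f"{sp} is not paired with the IdP")
    return idp_check(browser, resource)
```

Only the Scenario 1 result carries a redirect target; what the federation does in the other two scenarios is not described on this page, so the sketch returns the label alone.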