Cisco Systems 5.2.x Home Theater Server User Manual


 
User Guide for Cisco Digital Media Manager 5.2.x
OL-15762-03
Chapter 6 Authentication and Federated Identity
Concepts
SSO Scenario 2—Trusted + Valid + NOT Authorized
NEW IN CISCO DMS 5.2.3
1. A web browser requests access to a protected resource on an SP.
Your federation will not approve or deny this request until it knows more.
2. The SP asks its IdP if the browser is currently authenticated to any valid user account in the CoT.
3. The IdP verifies that:
• The browser is already connected to an SP elsewhere in the CoT, having authenticated successfully to a valid user account and having received a SAML “token” or “passport” that authorizes at least some access.
• The user account DOES NOT have sufficient permissions.
4. The IdP redirects the browser to the SP, where an HTTP 403 Forbidden message states that the user is not authorized to access the protected resource.
SSO Scenario 3—Nothing Known
NEW IN CISCO DMS 5.2.3
1. A web browser requests access to a protected resource on an SP.
Your federation will not approve or deny this request until it knows more.
2. The SP asks its IdP if the browser is currently authenticated to any valid user account in the CoT.