INTEGRATION GUIDE. DIGIPASS Authentication for SimpleSAMLphp using IDENTIKEY Federation Server
|
|
- Patience Payne
- 8 years ago
- Views:
Transcription
1 INTEGRATION GUIDE DIGIPASS Authentication for SimpleSAMLphp using IDENTIKEY Federation Server
2 Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is'; VASCO Data Security assumes no responsibility for its accuracy and/or completeness. In no event will VASCO Data Security be liable for damages arising directly or indirectly from any use of the information contained in this document. Copyright Copyright 2013 VASCO Data Security, Inc, VASCO Data Security International GmbH. All rights reserved. VASCO, Vacman, IDENTIKEY, axsguard, DIGIPASS and logo are registered or unregistered trademarks of VASCO Data Security, Inc. and/or VASCO Data Security International GmbH in the U.S. and other countries. VASCO Data Security, Inc. and/or VASCO Data Security International GmbH own or are licensed under all title, rights and interest in VASCO Data Security Products, updates and upgrades thereof, including copyrights, patent rights, trade secret rights, mask work rights, database rights and all other intellectual and industrial property rights in the U.S. and other countries. Microsoft and Windows are trademarks or registered trademarks of Microsoft Corporation. Other names may be trademarks of their respective owners. 1 DIGIPASS Authentication for SimpleSAMLphp using IDENTIKEY Federation Server
3 Table of Contents 1 Overview Architecture Two factor authentication Technical Concepts SimpleSAMLphp VASCO IDENTIKEY Federation Server IDENTIKEY Authentication Server Configuration details Architecture Pre-requisites SimpleSAMLphp configuration Authentication source Adding Metadata Setting up a signing certificate IDENTIKEY Federation Server configuration Create application Basic IDENTIKEY Federation Setup Setup Back-ends LDAP IDENTIKEY Authentication Server IDENTIKEY Authentication Server Client Creating a demo user Attaching a DIGIPASS Additional authentication methods DIGIPASS Authentication for SimpleSAMLphp using IDENTIKEY Federation Server
4 4.3.1 MYDIGIPASS.com Test SimpleSAMLphp connection IDENTIKEY Federation Server Response only Challenge response and Backup Virtual DIGIPASS Attachments Authsources DIGIPASS Authentication for SimpleSAMLphp using IDENTIKEY Federation Server
5 1 Overview 1.1 Architecture IFS Ifs.labs.vasco.com SAML OAuth SimpleSAMLphp MyDIGIPASS.com RADIUS LDAP IDENTIKEY Server 1.2 Two factor authentication Active Directory Many organizations still rely on a username and password to protect their data or external access. However passwords are often very simple and very easy guessed, cracked or even stolen. Once it is compromised it can take quite a lot of time before anyone notices that it has been compromised. Recently a lot of services are being moved to the cloud where anyone can access the service from anywhere. This means that the users are often accessing it from outside the safe network, making protecting your password even more important and harder. Two factor authentication of VASCO Data Security will add an additional factor, called DIGIPASS, to your password. The DIGIPASS will generate a One Time Password, or OTP, which you can use in combination with your password. This means that people will need a specific device and password if they want to gain access. Imagine if the device were to be stolen, this will be noticed quickly and that way access using that device can be denied, stopping any attacker quickly. With this in mind you can secure your WEB accounts, granting you the comfort of Single Sign-On with the hardened security of two factor authentication. 4 DIGIPASS Authentication for SimpleSAMLphp using IDENTIKEY Federation Server
6 2 Technical Concepts 2.1 SimpleSAMLphp If you have a web application that needs to authenticate users, simplesamlphp can help you out. In addition to support local authentication with one of the authentication module, you can use the service provider functionality. If you are using SimpleSAMLphp as a service provider, it will communicate and delegate authentication with an Identity Provider. More information can be found on their website VASCO IDENTIKEY Federation Server IDENTIKEY Federation Server is a virtual appliance providing you with the most powerful identity & access management platform. It is used to validate user credentials across multiple applications and disparate networks. The solution validates users and creates an identity ticket enabling web single sign-on for different applications across organizational boundaries. As validated credentials can be reused, once a user s identity is confirmed, access to authorized services and applications is granted. Users can securely switch between the different applications and collaborate with colleagues, business partners, suppliers, customers and partners using one single identity. IDENTIKEY Federation Server works as an Identity Provider within the local organization, but can also delegate authentication requests (for unknown users) to other Identity Providers. In a Federated Model, IDENTIKEY Federation Server does not only delegate but also receives authentication requests from other Identity Providers, when local users want to access applications from other organizations within the same federated infrastructure IDENTIKEY Authentication Server IDENTIKEY Authentication Server is an off-the-shelf centralized authentication server that supports the deployment, use and administration of DIGIPASS strong user authentication. It offers complete functionality and management features without the need for significant budgetary or personnel investments. IDENTIKEY Authentication Server is supported on 32bit systems as well as on 64bit systems. IDENTIKEY Appliance is a standalone authentication appliance that secures remote access to corporate networks and web-based applications. The use and configuration of an IDENTIKEY Authentication Server and an IDENTIKEY Appliance is similar. 5 DIGIPASS Authentication for SimpleSAMLphp using IDENTIKEY Federation Server
7 3 Configuration details 3.1 Architecture IFS Ifs.labs.vasco.com SAML SimpleSAMLphp 3.2 Pre-requisites In our test environment we used a Windows server and installed WAMP. To install SimpleSAMLphp on your server please follow the steps by this guide: Make sure that you have enabled OpenSSL on your webserver. 3.3 SimpleSAMLphp configuration Authentication source Once the initial setup is completed you must add some additional lines of code to authsources.php. This file can be found under the install folder: <simplesamlphpx.x>/config/authsources.php. In here add a new authsource; find an example in the last chapter. 6 DIGIPASS Authentication for SimpleSAMLphp using IDENTIKEY Federation Server
8 3.3.2 Adding Metadata Start by downloading the Metadata from the IDENTIKEY Federation Server by navigating to (in our environment: Open the file and copy the contents in the Metadata converter of SimpleSAMLphp. You can find the Metadata converter here: Now you copy the output and paste it in the saml20-idpremote.php file. This file can be found in your SimpleSAMLphp install folder under: metadata/saml20-idp-remote.php Setting up a signing certificate By default the SimpleSAMLphp has a signing certificate. This certificate is widely known and holds very little security. Open a command window and navigate to <simplesamlphp-install-folder>/cert/. in the command window: enter openssl req -newkey rsa:2048 -new -x509 -days nodes - out labs.crt -keyout labs.pem. 7 DIGIPASS Authentication for SimpleSAMLphp using IDENTIKEY Federation Server
9 It is very likely that your server does not recognize the openssl command even though OpenSSL is installed together with WAMP. Use <wamp-installfolder>/bin/apache/apachex.x.x/bin/openssl instead. Edit the authsources.php file and change the privatekey and the certificate variables in openaselect to match the newly created certificate. Certificate: labs.crt Privatekey: labs.pem You can use your own certificates as well. To do so, copy the certificate and the private key file to <simplesamlphp-install-folder>/cert/ and change the values in authsources.php. 3.4 IDENTIKEY Federation Server configuration Create application Navigate to your IDENTIKEY Federation Server manager console, (in our environment: and go to Applications/Add Application. Select SAML generic and enter as the Metadata URL. 8 DIGIPASS Authentication for SimpleSAMLphp using IDENTIKEY Federation Server
10 4 Basic IDENTIKEY Federation Setup 4.1 Setup IFS Ifs.labs.vasco.com SAML OAuth MYDIGIPASS.com RADIUS LDAP IDENTIKEY Server Back-ends LDAP Active Directory Log into IDENTIKEY Federation Server s management web console and navigate to Authentication, LDAP. LDAP URL: ldap:// :389 DN base: DC=labs,DC=vasco,DC=com 9 DIGIPASS Authentication for SimpleSAMLphp using IDENTIKEY Federation Server
11 DN user field: CN Security principal DN: CN=Administrator,CN=Users,DC=labs,DC=vasco,DC=com Security principal password: <administrator password> Check Allow user attribute gathering Click Save By clicking on Test Connection you can verify if the data you set is correct IDENTIKEY Authentication Server Log into IDENTIKEY Federation Server s management web console and navigate to Authentication, Manage methods. Edit DIGIPASS authentication. Friendly name: DIGIPASS authentication Maximum retries: 3 Method: PAP Server address: Server port: 1812 NAS-IP-Address: Shared secret: <RADIUS secret> (can be chosen) Click Save IDENTIKEY Authentication Server Client Log into your IDENTIKEY Authentication Server and go to Clients, Register. Client Type : select Radius Client from select from list Location : DIGIPASS Authentication for SimpleSAMLphp using IDENTIKEY Federation Server
12 Policy ID : Select a policy Protocol ID: RADIUS Shared Secret: <RADIUS secret> Confirm Shared Secret: re-enter the <RADIUS secret> Click Create Make sure that the <RADIUS secret> is the same on both IDENTIKEY Federation Server and IDENTIKEY Authentication Server Creating a demo user The user created in the IDENTIKEY Authentication Server has to exist in the Active Directory. Log into your IDENTIKEY Authentication Server and go to Users, Create. User ID: <your-user> (in our setup: Demo) Domain: <your-domain> (in our setup: labs.vasco.com) Organizational unit: <your-ou> (OPTIONAL, in our setup: WEB Users) Enter static password: <your-password> Confirm static password: <your-password> Local Authentication: Default Back-end Authentication: Default Click on Create You have now added a user in your IDENTIKEY Authentication Server Attaching a DIGIPASS Log into your IDENTIKEY Authentication Server and type the name of a user in the FIND field then click SEARCH. Click on the User ID and navigate to Assigned DIGIPASS. 11 DIGIPASS Authentication for SimpleSAMLphp using IDENTIKEY Federation Server
13 Click on ASSIGN. Click NEXT. Click ASSIGN. Click FINISH. With the DIGIPASS assigned, the user is now ready for testing. 12 DIGIPASS Authentication for SimpleSAMLphp using IDENTIKEY Federation Server
14 4.3 Additional authentication methods MYDIGIPASS.com To illustrate adding an OAuth provider, MYDIGIPASS.com s sandbox environment will be used as example. If you do not have a MYDIGIPASS developer account, you can create one for free on Log into your MYDIGIPASS.com developer account and go to Sandbox. Click on Connect your test site. Identifier: IFS_vasco (this must be a unique identifier) Name: Vasco Federated Login Redirect uri: (in our application: Click on Create application Go to Sandbox and click on your newly generated test site. Take note of the client_id and the client_secret. Log into your IDENTIKEY Federation Server s management web console and go to Federated authentication, Manage OAuth providers. 13 DIGIPASS Authentication for SimpleSAMLphp using IDENTIKEY Federation Server
15 Check Enabled for MYDIGIPASS.COM (Sandbox) Fill in the client_id of your OAuth provider Fill in the client_secret of your OAuth provider Click Save 5 Test SimpleSAMLphp connection 5.1 IDENTIKEY Federation Server Response only To test if the SimpleSAMLphp and the IDENTIKEY Federation Server are both configured correctly you can open a browser and navigate to: and select openaselect. Then you will be asked to select the Identity Provider. In our example this is Labs. Now you are redirected to the login page on the IDENTIKEY Federation Server using the authentication method selected in the application. Username: Demo (this is the user we added in Creating a demo user) Password: One Time Password (this is an OTP received from the device assigned to the user in Attaching a DIGIPASS) Once you entered your login data you are redirected to the screen of SimpleSAMLphp giving you information about your user (if the information is set in the attributes, see administrative guide). 14 DIGIPASS Authentication for SimpleSAMLphp using IDENTIKEY Federation Server
16 5.1.2 Challenge response and Backup Virtual DIGIPASS The IDENTIKEY Federation Server version 1.2 does not yet support challenge response and Backup Virtual DIGIPASS. 6 Attachments 6.1 Authsources 'openaselect' => array( 'saml:sp', // The entity ID of this SP. // Can be NULL/unset, in which case an entity ID is generated based on the metadata URL. 'entityid' => 'NULL', // The entity ID of the IdP this should SP should contact. // Can be NULL/unset, in which case the user will be shown a list of available IdPs. 'idp' => NULL, will be used. // The URL to the discovery service. // Can be NULL/unset, in which case a builtin discovery service 'discourl' => NULL, 'certificate' => 'server.crt', 'privatekey' => 'server.pem', 'redirect.sign' => TRUE, 'redirect.validate' => false, //'NameIDPolicy' => 'urn:oasis:names:tc:saml:2.0:nameidformat:persistent', //'NameIDPolicy' => 'urn:oasis:names:tc:saml:1.1:nameidformat: address', //'NameIDPolicy' => 'urn:oasis:names:tc:saml:1.1:nameidformat:unspecified', //'NameIDFormat' => 'urn:oasis:names:tc:saml:2.0:nameidformat:transient', 'NameIDPolicy' => null, 15 DIGIPASS Authentication for SimpleSAMLphp using IDENTIKEY Federation Server
17 'AuthnContextClassRef' => 'urn:oasis:names:tc:saml:2.0:ac:classes:passwordprotectedtransport', //'AuthnContextClassRef' => 'urn:oasis:names:tc:saml:2.0:attrnameformat:unspecified', //WORKING: 'IsPassive' => TRUE, ) 16 DIGIPASS Authentication for SimpleSAMLphp using IDENTIKEY Federation Server
INTEGRATION GUIDE. DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server
INTEGRATION GUIDE DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document
More informationINTEGRATION GUIDE. DIGIPASS Authentication for Salesforce using IDENTIKEY Federation Server
INTEGRATION GUIDE DIGIPASS Authentication for Salesforce using IDENTIKEY Federation Server Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is
More informationINTEGRATION GUIDE. DIGIPASS Authentication for Office 365 using IDENTIKEY Authentication Server with Basic Web Filter
INTEGRATION GUIDE DIGIPASS Authentication for Office 365 using IDENTIKEY Authentication Server with Basic Web Filter Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained
More informationINTEGRATION GUIDE. DIGIPASS Authentication for VMware Horizon Workspace
INTEGRATION GUIDE DIGIPASS Authentication for VMware Horizon Workspace Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is';
More informationINTEGRATION GUIDE. IDENTIKEY Federation Server for Juniper SSL-VPN
INTEGRATION GUIDE IDENTIKEY Federation Server for Juniper SSL-VPN Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is'; VASCO
More informationOVERVIEW. DIGIPASS Authentication for Office 365
OVERVIEW DIGIPASS for Office 365 Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is'; VASCO Data Security assumes no responsibility
More informationINTEGRATION GUIDE. DIGIPASS Authentication for Cisco ASA 5505
INTEGRATION GUIDE DIGIPASS Authentication for Cisco ASA 5505 Disclaimer DIGIPASS Authentication for Cisco ASA5505 Disclaimer of Warranties and Limitation of Liabilities All information contained in this
More informationINTEGRATION GUIDE. DIGIPASS Authentication for Juniper SSL-VPN
INTEGRATION GUIDE DIGIPASS Authentication for Juniper SSL-VPN Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is'; VASCO Data
More informationINTEGRATION GUIDE. DIGIPASS Authentication for Citrix NetScaler (with AGEE)
INTEGRATION GUIDE DIGIPASS Authentication for Citrix NetScaler (with AGEE) Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is';
More informationINTEGRATION GUIDE. DIGIPASS Authentication for F5 FirePass
INTEGRATION GUIDE DIGIPASS Authentication for F5 FirePass Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is'; VASCO Data Security
More informationMIGRATION GUIDE. Authentication Server
MIGRATION GUIDE RSA Authentication Manager to IDENTIKEY Authentication Server Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as
More informationINTEGRATION GUIDE. General Radius Config
INTEGRATION GUIDE General Radius Config Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is'; VASCO Data Security assumes no
More informationDIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Outlook Web Access
DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Outlook Web Access With IDENTIKEY Server / Axsguard IDENTIFIER Integration Guidelines Disclaimer Disclaimer of Warranties and Limitations
More informationHOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services
1 HOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided
More informationDIGIPASS Authentication for Check Point Connectra
DIGIPASS Authentication for Check Point Connectra With IDENTIKEY Server 2009 Integration VASCO Data Security. Guideline All rights reserved. Page 1 of 21 Disclaimer Disclaimer of Warranties and Limitations
More informationDIGIPASS as a Service. Google Apps Integration
DIGIPASS as a Service Google Apps Integration April 2011 Table of Contents 1. Introduction 1.1. Audience and Purpose of this Document 1.2. Available Guides 1.3. What is DIGIPASS as a Service? 1.4. About
More informationDIGIPASS KEY series and smart card series for Juniper SSL VPN Authentication
DIGIPASS KEY series and smart card series for Juniper SSL VPN Authentication Certificate Based 2010 Integration VASCO Data Security. Guideline All rights reserved. Page 1 of 31 Disclaimer Disclaimer of
More informationCheck Point FDE integration with Digipass Key devices
INTEGRATION GUIDE Check Point FDE integration with Digipass Key devices 1 VASCO Data Security Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document
More informationINTEGRATION GUIDE. DIGIPASS Authentication for Microsoft Exchange ActiveSync 2007
INTEGRATION GUIDE DIGIPASS Authentication for Microsoft Exchange ActiveSync 2007 Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided
More informationDIGIPASS Authentication for Cisco ASA 5500 Series
DIGIPASS Authentication for Cisco ASA 5500 Series With IDENTIKEY Server 2010 Integration VASCO Data Security. Guideline All rights reserved. Page 1 of 20 Disclaimer Disclaimer of Warranties and Limitations
More informationDIGIPASS Authentication for Citrix Access Gateway VPN Connections
DIGIPASS Authentication for Citrix Access Gateway VPN Connections With VASCO Digipass Pack for Citrix 2006 VASCO Data Security. All rights reserved. Page 1 of 31 Integration Guideline Disclaimer Disclaimer
More informationHOTPin Integration Guide: Google Apps with Active Directory Federated Services
HOTPin Integration Guide: Google Apps with Active Directory Federated Services Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as
More informationDIGIPASS Authentication for GajShield GS Series
DIGIPASS Authentication for GajShield GS Series With Vasco VACMAN Middleware 3.0 2008 VASCO Data Security. All rights reserved. Page 1 of 1 Integration Guideline Disclaimer Disclaimer of Warranties and
More informationDIGIPASS Authentication for Check Point Security Gateways
DIGIPASS Authentication for Check Point Security Gateways With IDENTIKEY Server 2009 Integration VASCO Data Security. Guideline All rights reserved. Page 1 of 38 Disclaimer Disclaimer of Warranties and
More informationDIGIPASS Authentication for Sonicwall Aventail SSL VPN
DIGIPASS Authentication for Sonicwall Aventail SSL VPN With VASCO IDENTIKEY Server 3.0 Integration Guideline 2009 Vasco Data Security. All rights reserved. PAGE 1 OF 52 Disclaimer Disclaimer of Warranties
More informationHOTPin Integration Guide: Microsoft Office 365 with Active Directory Federated Services
HOTPin Integration Guide: Microsoft Office 365 with Active Directory Federated Services Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided
More informationIDENTIKEY Appliance Administrator Guide 3.3.5.0 3.6.8
IDENTIKEY Appliance Administrator Guide 3.3.5.0 3.6.8 Disclaimer of Warranties and Limitations of Liabilities Legal Notices Copyright 2008 2015 VASCO Data Security, Inc., VASCO Data Security International
More informationDIGIPASS Authentication for Windows Logon Getting Started Guide 1.1
DIGIPASS Authentication for Windows Logon Getting Started Guide 1.1 Disclaimer of Warranties and Limitations of Liabilities The Product is provided on an 'as is' basis, without any other warranties, or
More informationHyper-V Installation Guide. Version 8.0.0
Hyper-V Installation Guide Version 8.0.0 Table of Contents 1. Introduction... 1 1.1. About this Document... 1 1.2. Documentation and Training... 1 1.3. About the AXS GUARD... 1 1.3.1. Introduction... 1
More informationaxsguard Gatekeeper Internet Redundancy How To v1.2
axsguard Gatekeeper Internet Redundancy How To v1.2 axsguard Gatekeeper Internet Redundancy How To v1.2 Legal Notice VASCO Products VASCO data Security, Inc. and/or VASCO data Security International GmbH
More informationIdentikey Server Getting Started Guide 3.1
Identikey Server Getting Started Guide 3.1 Disclaimer of Warranties and Limitations of Liabilities Disclaimer of Warranties and Limitations of Liabilities The Product is provided on an 'as is' basis, without
More informationWHITE PAPER. Identikey Server 3.1 Strong Authentication solution for On-Demand Applications and SaaS
WHITE PAPER Identikey Server 3.1 Strong Authentication solution for On-Demand Applications and SaaS Emerging trend: SaaS and Online Applications for every market Software deployments are shifting from
More informationDell One Identity Cloud Access Manager 8.0.1 - How to Configure for SSO to SAP NetWeaver using SAML 2.0
Dell One Identity Cloud Access Manager 8.0.1 - How to Configure for SSO to SAP NetWeaver using SAML 2.0 May 2015 About this guide Prerequisites and requirements NetWeaver configuration Legal notices About
More informationInternet Redundancy How To. Version 8.0.0
Internet Redundancy How To Version 8.0.0 Table of Contents 1. Introduction... 1 1.1. 1.2. 1.3. 1.4. About this Document... Examples used in this Guide... Documentation Sources... About the AXS GUARD...
More informationIdentikey Server Windows Installation Guide 3.1
Identikey Server Windows Installation Guide 3.1 Disclaimer of Warranties and Limitations of Liabilities Disclaimer of Warranties and Limitations of Liabilities The Product is provided on an 'as is' basis,
More informationIDENTIKEY Server Windows Installation Guide 3.2
IDENTIKEY Server Windows Installation Guide 3.2 Disclaimer of Warranties and Limitations of Liabilities Disclaimer of Warranties and Limitations of Liabilities The Product is provided on an 'as is' basis,
More informationIDENTIKEY Server Windows Installation Guide 3.1
IDENTIKEY Server Windows Installation Guide 3.1 Disclaimer of Warranties and Limitations of Liabilities Disclaimer of Warranties and Limitations of Liabilities The Product is provided on an 'as is' basis,
More informationAuthentication Methods
Authentication Methods Overview In addition to the OU Campus-managed authentication system, OU Campus supports LDAP, CAS, and Shibboleth authentication methods. LDAP users can be configured through the
More informationDIGIPASS Authentication for Windows Logon Product Guide 1.1
DIGIPASS Authentication for Windows Logon Product Guide 1.1 Disclaimer of Warranties and Limitations of Liabilities The Product is provided on an 'as is' basis, without any other warranties, or conditions,
More informationConfiguring Single Sign-On from the VMware Identity Manager Service to Office 365
Configuring Single Sign-On from the VMware Identity Manager Service to Office 365 VMware Identity Manager JULY 2015 V1 Table of Contents Overview... 2 Passive and Active Authentication Profiles... 2 Adding
More informationDIGIPASS Authentication for Juniper ScreenOS
DIGIPASS Authentication for Juniper ScreenOS With Vasco VACMAN Middleware 3.0 2007 Integration VASCO Data Security. Guideline All rights reserved. Page 1 of 53 Disclaimer Disclaimer of Warranties and Limitations
More informationaxsguard Gatekeeper Directory Services How To v1.2
axsguard Gatekeeper Legal Notice VASCO Products VASCO data Security, Inc. and/or VASCO data Security International GmbH are referred to in this document as 'VASCO'. VASCO Products comprise Hardware, Software,
More informationSAML single sign-on configuration overview
Chapter 46 Configurin uring Drupal Configure the Drupal Web-SAML application profile in Cloud Manager to set up single sign-on via SAML with a Drupal-based web application. Configuration also specifies
More informationDigipass Plug-In for IAS. IAS Plug-In IAS. Microsoft's Internet Authentication Service. Getting Started
Digipass Plug-In for IAS IAS Plug-In IAS Microsoft's Internet Authentication Service Getting Started Disclaimer of Warranties and Limitations of Liabilities Disclaimer of Warranties and Limitations of
More informationVMware Identity Manager Integration with Active Directory Federation Services 2.0
VMware Identity Manager Integration with Active Directory Federation Services 2.0 VMware Identity Manager J ULY 2015 V 2 Table of Contents Active Directory Federation Services... 2 Configuring AD FS Instance
More informationCA Performance Center
CA Performance Center Single Sign-On User Guide 2.4 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is
More informationDIGIPASS Authentication for SonicWALL SSL-VPN
DIGIPASS Authentication for SonicWALL SSL-VPN With VACMAN Middleware 3.0 2006 VASCO Data Security. All rights reserved. Page 1 of 53 Integration Guideline Disclaimer Disclaimer of Warranties and Limitations
More informationHOTPin Integration Guide: DirectAccess
1 HOTPin Integration Guide: DirectAccess Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is'; Celestix assumes no responsibility
More informationSafeNet Authentication Service
SafeNet Authentication Service Integration Guide All information herein is either public information or is the property of and owned solely by Gemalto NV. and/or its subsidiaries who shall have and keep
More informationConfiguring Single Sign-on from the VMware Identity Manager Service to WebEx
Configuring Single Sign-on from the VMware Identity Manager Service to WebEx VMware Identity Manager SEPTEMBER 2015 V 2 Configuring Single Sign-On from VMware Identity Manager to WebEx Table of Contents
More informationaxsguard Gatekeeper Open VPN How To v1.4
axsguard Gatekeeper Open VPN How To v1.4 Legal Notice VASCO Products VASCO Data Security, Inc. and/or VASCO Data Security International GmbH are referred to in this document as 'VASCO'. VASCO Products
More informationIntegrating VMware Horizon Workspace and VMware Horizon View TECHNICAL WHITE PAPER
Integrating VMware Horizon Workspace and VMware Horizon View TECHNICAL WHITE PAPER Table of Contents Introduction.... 3 Requirements.... 3 Horizon Workspace Components.... 3 SAML 2.0 Standard.... 3 Authentication
More informationConfiguring. Moodle. Chapter 82
Chapter 82 Configuring Moodle The following is an overview of the steps required to configure the Moodle Web application for single sign-on (SSO) via SAML. Moodle offers SP-initiated SAML SSO only. 1 Prepare
More informationSecurity Assertion Markup Language (SAML) Site Manager Setup
Security Assertion Markup Language (SAML) Site Manager Setup Trademark Notice Blackboard, the Blackboard logos, and the unique trade dress of Blackboard are the trademarks, service marks, trade dress and
More informationIntegration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Drupal
SafeNet Authentication Service Integration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
More informationSecure your business DIGIPASS BY VASCO. The world s leading software company specializing in Internet Security
Secure your business DIGIPASS BY VASCO The world s leading software company specializing in Internet Security Secure Your Business A secure and flexible work environment Today s workforce needs to use
More informationSAML 2.0 SSO Deployment with Okta
SAML 2.0 SSO Deployment with Okta Simplify Network Authentication by Using Thunder ADC as an Authentication Proxy DEPLOYMENT GUIDE Table of Contents Overview...3 The A10 Networks SAML 2.0 SSO Deployment
More informationHP Software as a Service. Federated SSO Guide
HP Software as a Service Federated SSO Guide Document Release Date: July 2014 Legal Notices Warranty The only warranties for HP products and services are set forth in the express warranty statements accompanying
More informationWHITE PAPER. Identikey Server 3.1 Strong Authentication solution against MITM Attacks for e-banking
WHITE PAPER Identikey Server 3.1 Strong Authentication solution against MITM Attacks for e-banking Protection against Man-in-the-Middle attacks As the global leader in two-factor authentication solutions
More informationDell One Identity Cloud Access Manager 8.0.1 - How to Develop OpenID Connect Apps
Dell One Identity Cloud Access Manager 8.0.1 - How to Develop OpenID Connect Apps May 2015 This guide includes: What is OAuth v2.0? What is OpenID Connect? Example: Providing OpenID Connect SSO to a Salesforce.com
More informationVERALAB LDAP Configuration Guide
VERALAB LDAP Configuration Guide VeraLab Suite is a client-server application and has two main components: a web-based application and a client software agent. Web-based application provides access to
More informationStrong Authentication for Juniper Networks SSL VPN
Strong Authentication for Juniper Networks SSL VPN with Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Copyright Copyright 2011. CRYPTOCard
More informationDell One Identity Cloud Access Manager 8.0.1 - How to Configure Microsoft Office 365
Dell One Identity Cloud Access Manager 8.0.1 - How to Configure Microsoft Office 365 May 2015 This guide describes how to configure Microsoft Office 365 for use with Dell One Identity Cloud Access Manager
More informationMoodle and Office 365 Step-by-Step Guide: Federation using Active Directory Federation Services
Moodle and Office 365 Step-by-Step Guide: Federation using Active Directory Federation Services This document is provided as-is. Information and views expressed in this document, including URL and other
More informationIP Tunnels September 2014
IP Tunnels September 2014 Table of Contents 1. Introduction... 1 1.1. About this Document... 1 1.2. Concept... 1 2. Configuration and Parameters... 2 VASCO Data Security 2014 ii VASCO Products VASCO Data
More informationSecurity Provider Integration RADIUS Server
Security Provider Integration RADIUS Server 2015 Bomgar Corporation. All rights reserved worldwide. BOMGAR and the BOMGAR logo are trademarks of Bomgar Corporation; other trademarks shown are the property
More informationCA Nimsoft Service Desk
CA Nimsoft Service Desk Single Sign-On Configuration Guide 6.2.6 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More information365 Services. 1.1 Configuring Access Manager. 1.1.1 Prerequisite. 1.1.2 Adding the Office 365 Metadata. docsys (en) 2 August 2012
1 1Configuring Single Sign-On For Office 365 Services NetIQ Access Manager is compatible with Office 365 and provides single sign on access to Office 365 services. Single sign on access is supported for
More informationConfiguring Single Sign-on from the VMware Identity Manager Service to Dropbox
Configuring Single Sign-on from the VMware Identity Manager Service to Dropbox VMware Identity Manager SEPTEMBER 2015 V1 Configuring Single Sign-On from VMware Identity Manager to Dropbox Table of Contents
More informationConfiguring Single Sign-on from the VMware Identity Manager Service to AirWatch Applications
Configuring Single Sign-on from the VMware Identity Manager Service to AirWatch Applications VMware Identity Manager AUGUST 2015 V1 Configuring Single Sign-On from VMware Identity Manager to AirWatch Applications
More informationMcAfee Cloud Identity Manager
NetSuite Cloud Connector Guide McAfee Cloud Identity Manager version 2.0 or later COPYRIGHT Copyright 2013 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted,
More informationApplication Note. Intelligent Application Gateway with SA server using AD password and OTP
Application Note Intelligent Application Gateway with SA server using AD password and OTP ii Preface All information herein is either public information or is the property of and owned solely by Gemalto
More informationIntegration Guide. SafeNet Authentication Service. Oracle Secure Desktop Using SAS RADIUS OTP Authentication
SafeNet Authentication Service Integration Guide Oracle Secure Desktop Using SAS RADIUS OTP Authentication Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013
More informationTenrox. Single Sign-On (SSO) Setup Guide. January, 2012. 2012 Tenrox. All rights reserved.
Tenrox Single Sign-On (SSO) Setup Guide January, 2012 2012 Tenrox. All rights reserved. About this Guide This guide provides a high-level technical overview of the Tenrox Single Sign-On (SSO) architecture,
More informationTwo-Factor Authentication
Two-Factor Authentication This document describes SonicWALL s implementation of two-factor authentication for SonicWALL SSL-VPN appliances. This document contains the following sections: Feature Overview
More informationCopyright http://support.oracle.com/
Primavera Portfolio Management 9.0 Security Guide July 2012 Copyright Oracle Primavera Primavera Portfolio Management 9.0 Security Guide Copyright 1997, 2012, Oracle and/or its affiliates. All rights reserved.
More informationIDENTIKEY Server Product Guide 3.0 3.1
IDENTIKEY Server Product Guide 3.0 3.1 Disclaimer of Warranties and Limitations of Liabilities Disclaimer of Warranties and Limitations of Liabilities The Product is provided on an 'as is' basis, without
More informationuh6 efolder BDR Guide for Veeam Page 1 of 36
efolder BDR for Veeam Hyper-V Continuity Cloud Guide Setup Continuity Cloud Import Backup Copy Job Restore Your VM uh6 efolder BDR Guide for Veeam Page 1 of 36 INTRODUCTION Thank you for choosing the efolder
More informationSafeNet Authentication Service
SafeNet Authentication Service Integration Guide All information herein is either public information or is the property of and owned solely by Gemalto NV. and/or its subsidiaries who shall have and keep
More informationIdentikey Server Product Guide 3.0 3.1
Identikey Server Product Guide 3.0 3.1 Disclaimer of Warranties and Limitations of Liabilities Disclaimer of Warranties and Limitations of Liabilities The Product is provided on an 'as is' basis, without
More informationPingFederate. Windows Live Cloud Identity Connector. User Guide. Version 1.0
Windows Live Cloud Identity Connector Version 1.0 User Guide 2011 Ping Identity Corporation. All rights reserved. Windows Live Cloud Identity Connector User Guide Version 1.0 April, 2011 Ping Identity
More informationInternet Information Services Integration Kit. Version 2.4. User Guide
Internet Information Services Integration Kit Version 2.4 User Guide 2014 Ping Identity Corporation. All rights reserved. PingFederate Internet Information Services User Guide Version 2.4 June, 2014 Ping
More informationStrong Authentication in details
Strong Authentication in details Kuznetsov Alexander Technical Account Manager VASCO Core Activities Overview DIGIPASS DIGIPASS Go Range DIGIPASS E-signature DIGIPASS Reader DIGIPASS for Mobile DIGIPASS
More informationOnly LDAP-synchronized users can access SAML SSO-enabled web applications. Local end users and applications users cannot access them.
This chapter provides information about the Security Assertion Markup Language (SAML) Single Sign-On feature, which allows administrative users to access certain Cisco Unified Communications Manager and
More informationHow To Configure A Bomgar.Com To Authenticate To A Rdius Server For Multi Factor Authentication
Security Provider Integration RADIUS Server 2015 Bomgar Corporation. All rights reserved worldwide. BOMGAR and the BOMGAR logo are trademarks of Bomgar Corporation; other trademarks shown are the property
More informationUsing Vasco IDENTIKEY Server with NetScaler
Using Vasco IDENTIKEY Server with NetScaler Deployment Guide This deployment guide describes the process for deploying Vasco IDENTIKEY server with NetScaler to enable secure authentication for application
More informationSection 1, Configuring Access Manager, on page 1 Section 2, Configuring Office 365, on page 4 Section 3, Verifying Single Sign-On Access, on page 5
Configuring Single Sign-On For Office 365 Services NetIQ Access Manager is compatible with Microsoft Office 365 and provides single sign-on access to Office 365 services. Single sign-on access is supported
More informationStrong Authentication for Juniper Networks
Strong Authentication for Juniper Networks SSL VPN SSO and OWA with Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Copyright Copyright
More informationInstallation Guide. SafeNet Authentication Service
SafeNet Authentication Service Installation Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
More informationSalesForce SSO with Active Directory Federated Services (ADFS) v2.0 Authenticating Users Using SecurAccess Server by SecurEnvoy
SalesForce SSO with Active Directory Federated Services (ADFS) v2.0 Authenticating Users Using SecurAccess Server by SecurEnvoy Contact information SecurEnvoy www.securenvoy.com 0845 2600010 Merlin House
More informationEgnyte Single Sign-On (SSO) Installation for OneLogin
Egnyte Single Sign-On (SSO) Installation for OneLogin To set up Egnyte so employees can log in using SSO, follow the steps below to configure OneLogin and Egnyte to work with each other. 1. Set up OneLogin
More informationnexus Hybrid Access Gateway
Product Sheet nexus Hybrid Access Gateway nexus Hybrid Access Gateway nexus Hybrid Access Gateway uses the inherent simplicity of virtual appliances to create matchless security, even beyond the boundaries
More informationDIGIPASS CertiID. Getting Started 3.1.0
DIGIPASS CertiID Getting Started 3.1.0 Disclaimer Disclaimer of Warranties and Limitations of Liabilities The Product is provided on an 'as is' basis, without any other warranties, or conditions, express
More informationVMware Identity Manager Administration
VMware Identity Manager Administration VMware Identity Manager 2.4 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new
More informationConfiguring TLS Security for Cloudera Manager
Configuring TLS Security for Cloudera Manager Cloudera, Inc. 220 Portage Avenue Palo Alto, CA 94306 info@cloudera.com US: 1-888-789-1488 Intl: 1-650-362-0488 www.cloudera.com Notice 2010-2012 Cloudera,
More informationApplication Note. Gemalto s SA Server and OpenLDAP
Application Note Gemalto s SA Server and OpenLDAP ii Preface All information herein is either public information or is the property of and owned solely by Gemalto NV. and/or its subsidiaries who shall
More informationRSA Authentication Manager 7.1 Security Best Practices Guide. Version 2
RSA Authentication Manager 7.1 Security Best Practices Guide Version 2 Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com. Trademarks
More informationIntegration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Salesforce
SafeNet Authentication Service Integration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
More informationExternal Authentication with Juniper SSL VPN appliance Authenticating Users Using SecurAccess Server by SecurEnvoy
External Authentication with Juniper SSL VPN appliance Authenticating Users Using SecurAccess Server by SecurEnvoy Contact information SecurEnvoy www.securenvoy.com 0845 2600010 1210 Parkview Arlington
More informationDigipass for Citrix VM3.0: troubleshooting guide. Creation date: 11/07/2007 Last Review: 30/11/2007 Revision number: 2
Digipass for Citrix VM3.0: troubleshooting guide Creation date: 11/07/2007 Last Review: 30/11/2007 Revision number: 2 Document type: Whitepaper Security status: EXTERNAL Summary This document describes
More information