[cisco-voip] Open SSO with WebEx and AD

Bernhard Albler bernhard.albler at gmail.com
Fri Jul 27 13:25:41 EDT 2012


Hi Matthew.

Webex SSO is quite a different beast since it is either SAML or ADFS based.
Basically SAML is a token based authentication scheme.
In the preferred option (browser post) it can be either SP (e.g. Webex) or
IDP (the authentication provider) based.
It will work like this:
you need to configure OpenSSO for SAML including a login page (
http://docs.oracle.com/cd/E19681-01/820-5986/ghmmn/index.html)
Link the SSO portion in webex with the SAML Config in OpenSSO by exchanging
the metadata (which includes the relevant certificates).
To enable the SSO tab in Webex you will need to contact webex customer
support.
If you linked the sites successfully, go to the webex site and click "host
login".
You will now be dropped to your OpenSSO sign in page and either sign in or
are signed in through something like NTLM auth.
The OpenSSO page will now redirect (POST) you back to the webex site while
including a signed token which authenticates you.
Webex will match your identities and if you exist on the webex site will
sign you in.

cheers
bernhard

On Fri, Jul 27, 2012 at 6:47 PM, Matthew Loraditch <
MLoraditch at heliontechnologies.com> wrote:

> I am playing with OpenSSO and am having success with CUCM due to an
> excellent white paper that shows everything on the AD, OpenAM and CUCM
> Sides. I’d like to do it for Webex as well, but can’t find any
> documentation beyond this:
> http://developer.cisco.com/documents/4733862/4734214/Sun+OpenSSO+to+WebEx+SAML+SSO+Configuration+Guide.pdf
>
> That doc basically says users have to be setup but we aren’t telling you
> how. Google isn’t helping, I found ways to integrate OpenAM with AD but not
> sure how that links to what Webex needs, etc.
>
> Has anyone here done this? Any hints or ideas?
>
> Thanks!
>
> Matthew G. Loraditch – CCNP-Voice, CCNA, CCDA
>
> 1965 Greenspring Drive
> Timonium, MD 21093
>
> voice. 410.252.8830
> fax.  410.252.9284


-- 
Bernhard Albler, +4369917207384
--
"Posterity! Why should I do anything for posterity? What has posterity ever
done for me?"
--Carl Friedrich Zelter