Cisco PIX 500 Series Configuration Manual page 774

Getting Started
6wthdlAmCnvlJCDfDoXtn8DpabgiW6VDTrvl3SGPyQtUv7Wdahuq5SxbUzjY2JxQnrUtwB977NCzYu2sOtN+dsEReW
J6ueyJBbMzKyzUB4L3i5uSYN50B4PCv1w5KdRKa5p3N0Nfq6RM6dfipMEJw0Ny1sZ7ohz3fbvQ/YZ7lw/k7ods/8Vb
aR15ivkE8dSCzuf/AInHtCzuQ6wApzEp9CUoG8/dapWriHjNoi4llJOgCst33wEhxFxcWy2UWxs4EZSjsI5GyBnefS
QTPVfma5dc/emWor9vWr0HnTQaHP5rg5dTNqunkDEdMIHfbeP3F90cZejVzihM6igiS6P/CEJAjE;Domain=.examp
le.com;Path=/
Figure 37-4
example; output varies widely across different websites.
Figure 37-4 Authorization cookies in sample HTTP analyzer output
In some cases, the server may set the same cookie regardless of whether the authentication was
Step 7
successful or not, and such a cookie is unacceptable for SSO purposes. To confirm that the cookies are
different, repeat
cookie with the "success" cookie.
You now have the necessary parameter data to configure the security appliance for SSO with HTTP Form
protocol.
Task Overview: Configuring SSO with HTTP Form Protocol
This section presents an overview of configuring SSO with the HTTP Form protocol.To enable SSO
using HTTP Forms, perform the following tasks:
•
•
•
Cisco Security Appliance Command Line Configuration Guide
37-18
shows an example of authorization cookies in HTTP analyzer output. This is only an
1
1 Authorization cookies
Step 1 through
Configure the uniform resource identifier on the authenticating web server to receive and process
the form data (action-uri).
Configure the username parameter (user-parameter).
Configure the user password parameter (password-parameter).
1
Step 6 using invalid login credentials and then compare the "failure"
Chapter 37 Configuring Clientless SSL VPN
OL-12172-03