Cisco ASA 5505 Configuration Manual page 1545

Chapter 67 Clientless SSL VPN
POST Plug-ins for Homepage SSO and Application-only Portals
The POST plug-in was developed to solve some key single sign-on (SSO) and homepage requirements
for certain key applications like Citrix Web Interface. This clientless SSL VPN plug-in has the following
key capabilities:
•
•
•
POST plug-in has the following capabilities and restrictions:
•
•
•
•
Configuring POST Plug-ins
Obtain the plug-in (such as post-plugin.080414.jar) from Plugins (Latest) at post-plugin.zip or from
http://www.cisco.com/cgi-bin/tablebuild.pl/asa. Use the following procedures to configure the POST
plug-in.
Step 1 Choose Configuration > Remote Access VPN > Clientless SSL VPN Access > Portal > Client-Server
Plug-ins.
Step 2 Click Import.
The Import Client-Server Plug-in dialog box opens.
Choose post from the Plug-in Name (Protocol) drop-down menu.
Step 3
Click one of the following options and insert a path into its text field.
Step 4
•
•
•
Click Import Now.
Step 5
OL-20339-01
The option to display the homepage for a Web application (such as Citrix) in the right frame, as part
of the default clientless portal, or as the only frame in the page (completely hiding anything that is
part of the Cisco portal).
The option for SSO on the homepage or with an application using WebVPN variables (also known
as macros) (and therefore HTTP-POST parameters).
The option to preload a page before issuing a POST request. This option becomes necessary when
a logon page for an application sets some cookies.
It is strictly an HTML/JavaScript code and not a JAVA plug-in. It contains no client components.
No support on Firefox. It is supported only on Internet Explorer and Mac Safari.
Does not support URLs with queries such as http://example.company.com/names?Login. The ?
character is not supported.
A POST plug-in adds approximately a 10-second delay to make sure an intermediate page is fully
loaded with all objects for an application. This delay is beneficial for an application such as Citrix
where an intermediate page performs client detection functions.
Local computer—Click to retrieve the plug-in from the computer with which you have established
the ASDM session. Enter the location and name of the plug-in into the associated Path field, or click
Browse Local Files and navigate to the plug-in, choose it, and then click Select.
Flash file system—Click if the plug-in is present on the file system of the security appliance. Enter
the location and name of the plug-in into the associated Path field, or click Browse Flash and
navigate to the plug-in, choose it, then click OK.
Remote Server—Click to retrieve the plug-in from a host running an FTP or TFTP server. Choose
ftp, tftp, or HTTP from the drop-down menu next to the associated Path attribute, depending on
which service is running on the remote server. Enter the host name or address of the server and the
path to the plug-in into the adjacent text field.
Configuring Browser Access to Client-Server Plug-ins
Cisco ASA 5500 Series Configuration Guide using ASDM
67-81