Using SSO with the Cisco WebEx and Cisco WebEx Meeting applications
One of the goals of the Cisco WebEx services is to provide comprehensive management of user identities for an organization. User identity management involves providing secure mechanisms for authentication and authorization. These mechanisms facilitate ease of use and policy controls based on the user’s role and group affiliations inside the organization.
Federated Single sign-on standards such as SAML2 (Security Assertion Markup Language) and WS-Federation provide such secure mechanisms for authentication. SAML-compliant identity management systems send SAML assertion to Cisco WebEx services. A SAML assertion is an XML document containing trusted statements about a subject. Typically, these trusted statements include information such as user name, email and other profile information. SAML assertions are digitally signed to ensure their authenticity.
Normally, enterprises deploy a federated Identity and Access Management system (IAM) to manage user identities. These IAM systems use SAML, and WS-Federation standards for user identity management activities. Some of the more prominent enterprise-class IAM systems include CA SiteMinder, Ping Federate, and Windows Active Directory Federation Services (ADFS). These IAM systems form part of an organization's corporate intranet which handles the user authentication and single sign-on requirements for employees and partners. IAM systems use the SAML or WS-Federation protocols to interoperate with partner websites outside their firewalls. Customers, partners, and vendors can utilize their IAM systems to automatically authenticate their users to Cisco WebEx services. This will increase efficiency as users are not required to recall their username and password to use Cisco WebEx services.
Additionally, employees leaving an organization do not have to be explicitly disabled in external administration tools. As soon as they are removed from the customers IAM system, they are not able to authenticate against any of the Cisco WebEx services.
|Top of Page|