跳转到主内容

了解 AIQUM 中的 SAML 身份验证工作流

Views:
12
Visibility:
Public
Votes:
0
Category:
active-iq-unified-manager
Specialty:
OM
Last Updated:

适用场景

  • Active IQ Unified Manager (AIQUM)
  • 安全断言标记语言(SAML)

问题描述   

以下示例概述了 Active IQ Unified Manager中的SAML工作流saml-kb-1.png

  1. 管理员连接到Unified Manager (UM) Web GUI。   
  2. UM将 查找为集群配置的Idp。
  3. UM 会将管理员的浏览器重定向到Idp。
  4. Idp会提示管理员输入凭据。Idp负责多个身份验证因素。
  5. Idp将在AD中验证管理员凭据。
  6. Idp发出SAML断言、并将管理员的Web浏览器重定向回UM。
  7. UM处理SAML断言、然后从其内部数据库中查找授权角色。
  8. 此时将建立会话、UM会将SAML会话令牌返回到管理员的Web浏览器的Set-Cookie标头中。从此时起、管理员可以使用安全SAML令牌访问UM。

 

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.