Cookie authentication with SAML back end and fixed ACS URL rule set

To support SAML authentication using an external Identity Provider, Web Gateway performs the Service Provider role. The rules in this rule set support this SAML scenario.

Library rule set – Cookie authentication with SAML back end and fixed ACS URL
CriteriaAlways
Cycles – Requests (and IM)

This rule set contains the following nested rule sets:

  • Cookie authentication with SAML back end and fixed ACS URL
    • Intercept SAML assertion if IdP uses a fixed ACS URL
    • Cookie authentication at HTTP(S) proxy
      • Set cookie for authenticated clients
      • Authenticate clients with authentication server
    • Cookie authentication at authentication server
      • Authentication server request

This rule set contains the following rule.

Set client context

Rule element Definition
Criteria Always
Action Continue
Events Enable SSL Client Context without CA <Default Without CA>

This rule secures all HTTP communication with the SSL protocol using the default certificate that comes with Web Gateway or one that you import. To configure the SSL certificate, click <Default Without CA>.