Security

Hello,

 

I'm trying to setup a wired web-auth authentication for guest AND ADFS user.

Guest authentication works fine.

For SSO, I've configured a link to the IdP URL and i've used "Clearpass Admin SSO login" template (as described in SAML Config Guide v1.5) and this part works fine also.

But after successful SAML authentication, I get redirected to the guest login page with a login failure message.

Looking at the access tracker, a Web-auth service is triggerd after successful SSO login. But [SSO] cannot be an authentication method of a Web-auth service.

 

Is there any other ways to proceed with wired SSO authentication ?

Did you get this working by any chance and any feedback?  I'm investigating this same thing!

Unfortunately not. I guess it's not supported (yet ?).

I got this working with a Web-Based Open network access. You check the SSO as the preauth method on the Web Login page, and then the web login is 'allow all' which basically means anyone what a valid SSO account works.

With wireless i can map attributes and reference them with the WLAN RADIUS service, but with webauth i have not found a way to pull the SSO_TOKEN attributes out as usable data.

_ELiasz

------------------------------
eliasz zurawka
------------------------------

Original Message:
Sent: Sep 18, 2019 12:11 PM
From: Jerome Lecerf
Subject: Wired ADFS SSO authentication

Unfortunately not. I guess it's not supported (yet ?).

Just realized i replied to a 2+ year old post. Did you find any other workaround to map SSO Attributes to Wired WebAuth?

------------------------------
eliasz zurawka
------------------------------

Original Message:
Sent: Sep 18, 2019 12:11 PM
From: Jerome Lecerf
Subject: Wired ADFS SSO authentication

Unfortunately not. I guess it's not supported (yet ?).