Product guide
How it works
Figure 3-2 Enterprise Authentication as the Identity Provider
Number  Description
1  Users request access to protected applications and are redirected to Enterprise Authentication (Identity Provider) for authentication.
2  At the logon screen, users are prompted to provide their identity credentials, such as a user name and password.
3  Enterprise Authentication validates user identity information against the identity store and issues secure access tokens.
4  Users and tokens are redirected to the protected application Service Providers and access is granted.
For future requests, users are automatically granted access since a session is already
established between users and Identity Providers.
Considerations
All certificates and tokens are available on the Enterprise Authentication administration interface.
High-level steps for implementation
1. Using the administration interface, set up the HTTP listener.
2. Connect Enterprise Authentication to the data source.
3. Configure the SAML authentication flow.
4. Establish the Enterprise Authentication and Service Provider relationship with these metadata settings:
• Entity ID — URL type, such as idp.mcafee.com
• SSOURL — URL where the Identity Provider is hosted and where the Service Provider redirects the client
5. Verify the configuration.
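One way to check the metadata settings from step 4 when verifying the configuration, as an added example that is not part of the product guide or the product. It assumes the Identity Provider metadata is available as standard SAML 2.0 metadata XML; the sample document, the host idp.example.test and the function name check_idp_metadata are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata"}
BINDINGS = ("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
            "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST")

# Constructed sample; host, path and the empty KeyInfo are placeholders.
SAMPLE_METADATA = """<md:EntityDescriptor
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="https://idp.example.test">
  <md:IDPSSODescriptor
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo/></md:KeyDescriptor>
    <md:SingleSignOnService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://idp.example.test/sso"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def check_idp_metadata(xml_text, expected_entity_id, expected_sso_url):
    """Return a list of findings; an empty list means the metadata matches."""
    # Parse only metadata obtained from a source you already trust.
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{NS['md']}}}EntityDescriptor":
        return ["root element is not md:EntityDescriptor"]
    findings = []
    if root.get("entityID") != expected_entity_id:
        findings.append(f"entity ID mismatch: {root.get('entityID')!r}")
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        return findings + ["no IDPSSODescriptor: not Identity Provider metadata"]
    # A KeyDescriptor without a 'use' attribute covers signing as well.
    keys = [k for k in idp.findall("md:KeyDescriptor", NS)
            if k.get("use") in (None, "signing")]
    if not keys:
        findings.append("no signing key: the Service Provider cannot verify tokens")
    sso = [(e.get("Binding"), e.get("Location"))
           for e in idp.findall("md:SingleSignOnService", NS)]
    if expected_sso_url not in [loc for _, loc in sso]:
        findings.append(f"expected SSO URL {expected_sso_url!r} not published")
    for binding, loc in sso:
        if urlparse(loc or "").scheme != "https":
            findings.append(f"SSO URL is not HTTPS: {loc}")
        if binding not in BINDINGS:
            findings.append(f"unexpected binding: {binding}")
    return findings
```

An empty result means the Entity ID and SSO URL that the Service Provider was given match what the Identity Provider publishes.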
See also
Configure HTTP listeners on page 40
Connect Enterprise Authentication to data sources on page 41
Configure SAML Identity Provider flows using the guided configuration tool on page 37
Deployment scenarios
Enterprise Authentication as the Identity Provider
3
McAfee Enterprise Authentication 1.0.0 Product Guide
17