Claims-based authentication involves authenticating a user based on a set of claims about that user's identity contained in a trusted token.Such a token is often issued and signed by an entity that is able to authenticate the user by other means, and that is trusted by the entity doing the claims-based authentication.Active Directory Federation Services (AD FS), a software component developed by Microsoft, can run on Windows Server operating systems to provide users with single sign-on access to systems and applications located across organizational boundaries.
•To create a duplicate of an existing certificate authentication profile, choose the profile that you want to duplicate and click Duplicate.
Step 4 Enter the following details: •Name—(Required) Enter the name of the certificate authentication profile.
This chapter describes how you can configure the following identity sources and certificate authentication profiles in Cisco ISE and contains the following topics: •Certificate Authentication Profiles •Microsoft Active Directory •LDAP •RADIUS Token Identity Sources •RSA Identity Sources •Identity Source Sequences •Viewing and Monitoring the Identity Sources Certificate authentication profiles are used in authentication policies for certificate-based authentications in place of identity sources to verify the authenticity of the user.
The certificate authentication profiles allow you to specify the following items: •The certificate field that should be used as the principal username •Whether a binary comparison of the certificate should be performed The Certificate Authentication Profiles page lists the certificate authentication profiles that you have added.
The Certificate Authentication Profile page appears. Step 3 Do one of the following: •To add a new certificate authentication profile, click Add.