![]() The only other thing to change is the user Login ID Mapping. The reason the certificate is uploaded is so that STA will only accept requests originating from a source secured by this certificate. The certificate should then show something like below. I used the full certificate chain in PEMfor mat for this. For step 4 below, you will need the certificate used to secure the UAG appliance.Īssertation Consumer Service = https : ///portal/samlsso ![]() Replace the FQDN with the FQDN of your Unified Access Gateway. Make a note of the two URLs and download the certificate, you will need these later.Īfter clicking the next step button, click the manual configuration link for Step02: STA SetupĪs shown below, complete the URLs as shown. On the next screen, click to switch to manual configuration. Locate the Generic Template option and click add. Login into STA and choose the option to add a new application. Step 1 – Configure a new application in STA I will also assume you have an active Thales Safenet Trusted Access subscription. For this, to work, you need to be running a Horizon Unified Access Gateway appliance as well as a minimum of Horizon 7.11. This guide will show you how to make it work.īefore we begin, I am going to make a few assumptions. Safenet Trusted Access support a lot of applications out of the box, but Horizon is not one of them. namely that as far as I know it does not support conditional access and does not support push notifications for One Time Passcode soft tokens. ![]() Prior to this, it was only possible to use RADIUS based authentication to enable MFA, which has some limitations. Since the release of Horizon version 7.11, SAML based authentication has been a supported protocol for enabling MFA. One of those platforms is VMware Horizon. I have been working on a project to integrate many platforms with Thales Safenet Trusted Access to enable multi-factor authentication to improve access security to those platforms. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |