Installation and Configuration Guide
Websense Authentication Service

Library Search:


Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Using the Administration Console > Configure Authentication Service metadata in your Websense product > Cloud Web Security

Cloud Web Security
 
* 
Note 
Authentication Service is supported on Internet Explorer 7 or later, Firefox version 3.5 or later, and Google Chrome 10.x or later.
1.
Log on to the Cloud Web Security portal.
2.
Go to Web Security > Settings > Authentication Service.
3.
Enter the IdP metadata URL in the Identity Provider Metadata URL field.
4.
Click Get metadata.
5.
Click Submit.
6.
For each Web policy that will use Authentication Service to authenticate end users:
*
Click the policy name.
*
Select the Access Control tab.
*
Under Authentication settings, mark Authentication Service provided by VMware Horizon.
*
Under Session Timeout, define how long user credentials are valid for use with Authentication Service. Credentials must be revalidated periodically for security reasons: this happens transparently once the selected period has elapsed.
*
Click Submit.
To complete your configuration of Cloud Web Security with Authentication Service, you may also want to define the following:
*
Authentication Service relies on SSL decryption to redirect SSL sites for authentication. If you want Authentication Service to seamlessly authenticate end users browsing to HTTPS sites, you should download the Websense root certificate from the Web Security > Settings > Authentication Service page, and install it on all client machines that will use Authentication Service.
*
If there are some sites where you don't want SSL decryption performed (for example, sites that include personal identification information that should not be decrypted), you can maintain a list of host names on the SSL Decryption tab of each policy for which decryption is bypassed.
*
If you wish to enforce the use of Authentication Service for certain end users, overriding the authentication settings in the policy, you can deploy a PAC file URL to those users that ends in the a=t parameter:
http://webdefence.global.blackspider.com:8082/proxy.pac?a=t
See the Cloud Web Security Help and the Cloud Web Security Getting Started Guide for more information.

Quick Links



Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Using the Administration Console > Configure Authentication Service metadata in your Websense product > Cloud Web Security
(c) 2011 Websense, Inc. All Rights Reserved.