The CRES Admin Guide (v4.1), on page 2-28, while describing SAML configuration, refers to the following Identity Providers:
Web Security Appliance
Are these the only two supported IDPs, or is any SAML 2.0 IDP supported? Well, the doc actually states "PingFederate equivalents". I'm just double-checking the support level.
If there are folks out there who have used CRES with SAML, could you provide comments on your experience? Are things working reasonably smoothly with SAML?
While CRES's implementation of SAML should work with various providers, CRES is only supported to work with the two that have been certified by the QA team. However, CS will work with customers if they are trying to use a different Identity Provider than those supported. If the Identity Provider fails to work, defects and feature requests can be filed to expand and enhance CRES's SAML implementation.
Cisco IronPort Web Security Appliance and PingFederate."
Thanks Alvaro. That makes sense.
My primary concern was whether ADFS 2.0 (in SAML 2.0 mode) is supported for CRES. From your response, I assume it should work.
If there is anyone out there who has actually used CRES with ADFS 2.0, it would be great if you could share your experience.
We are planning to use Microsoft ADFS as the IdP as well.
Does anyone have a sample of a SAML Response that the CRES web site accepts?
What information is needed in the response?
I think the trick is to get the claims in ADFS defined correctly, and it may not be straightforward.