Symantec SiteMinder


Tech Tip: CA Single Sign-On: Policy Server: How to collect additional attributes using custom authentication

By Ujwol posted Sep 11, 2016 11:20 PM

  

Summary:

This guide explains how to collect additional attributes from the user during login, besides the username and password, when using a custom authentication scheme.

Environment:

  • Policy Server : R12.0+
  • OS : ANY

Instructions:

1. Modify the .fcc template file (login.fcc) to collect the additional attribute

Add the following line at the beginning of the file:

@password=PASSWORD=%PASSWORD%&department=%department%

If the additional attributes have special characters, the line looks like the following sample:

@password=PASSWORD=%PASSWORD%&department=%urlencode(department)%

Here, 'department' is the new attribute that you are configuring to collect from the user during login.

 

Also, create a new text field in the form for the additional parameter:

<input type="text" name="department" size="30" style="margin-left: 1px">

 

Save the result as a new file, customlogin.fcc.

 

2. Modify the custom authentication scheme in the Administrative UI to pass the path to the customlogin.fcc as a parameter to the custom authentication scheme class.

 

 

3. Modify the OOTB custom authentication scheme class as follows:

 

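Create a method to retrieve the redirect URL:

/**
 * The redirect URL is expected to be the first parameter in the auth scheme definition.
 * @param parameter the parameter string configured for the auth scheme; values are separated by ';'
 * @return the first ';'-separated value, or the whole string if it contains no ';'
 */
String getRedirectURL(String parameter) {
    String redirectURL = parameter;
    logInJavaUtilLogger("parameter :" + redirectURL);
    // Take everything before the first ';' (safe even when the string is just ";").
    int sep = parameter.indexOf(';');
    if (sep != -1) {
        redirectURL = parameter.substring(0, sep);
    }
    return redirectURL;
}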

 

Modify the query() method to redirect to the custom login page as specified in the Administrative UI:

 

else if (SmAuthQueryCode.SMAUTH_QUERY_CREDENTIALS_REQ == request)
{
    //response.setResponseCode(SmAuthQueryResponse.SMAUTH_CRED_BASIC);
    response.setResponseCode(SmAuthQueryResponse.SMAUTH_CRED_FORM_REQUIRED);
    response.setResponseBuffer(getRedirectURL(parameter));
}

 

 

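Create a method to parse the 'Password' field and extract the additional parameters:

// Needs imports: java.io.UnsupportedEncodingException, java.net.URLDecoder,
// java.util.HashMap, java.util.Map
Map<String, String> parsePassword(String param) {
    // Debug only: param contains the clear-text password.
    logInJavaUtilLogger("Inside parsePassword param is :" + param);
    Map<String, String> map = new HashMap<String, String>();

    String[] parts = param.split("&");

    for (String keypair : parts) {
        // Split on the first '=' only, so a value may itself contain '='.
        String[] keyval = keypair.split("=", 2);
        if (keyval.length < 2) {
            continue; // no '=' in this part, nothing to store
        }
        try {
            // Every value is URL-decoded here, including PASSWORD, which the
            // template line above inserts without urlencode().
            map.put(keyval[0], URLDecoder.decode(keyval[1], "UTF-8"));
        } catch (UnsupportedEncodingException e) {
            // UTF-8 is always supported, so this is not expected to happen.
            e.printStackTrace();
        }
    }

    return map;
}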

 

Invoke the parsePassword method to parse the password attribute:

//String additionalParams = theUserCredentialsContext.getPassword();
Map<String, String> paramMaps = parsePassword(theUserCredentialsContext.getPassword());
String thePassword = paramMaps.get("PASSWORD");
// Debug only: the next line writes the clear-text password to the log.
logInJavaUtilLogger("User Password :" + thePassword);
logInJavaUtilLogger("Department :" + paramMaps.get("department"));
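
The parsePassword() method above splits the whole string on '&' and URL-decodes every value, while the @password line URL-encodes only department, so a password containing '&', '+' or '%' would not survive it. The following added example (not from the original post or its attachment) parses the same string from the right so the password stays exactly as typed. It assumes that %urlencode()% leaves no raw '&' in a value; the class name CompositePasswordParser is hypothetical.

```java
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.LinkedHashMap;
import java.util.Map;

// Added example: hypothetical class, not part of the SiteMinder SDK or the attached sample.
public class CompositePasswordParser {
    static final String PREFIX = "PASSWORD=";

    // attrNames: the extra fields, in the order they appear on the @password line.
    static Map<String, String> parse(String composite, String... attrNames)
            throws UnsupportedEncodingException {
        if (composite == null || !composite.startsWith(PREFIX)) {
            throw new IllegalArgumentException("unexpected credential format");
        }
        Map<String, String> out = new LinkedHashMap<String, String>();
        String rest = composite;
        // Peel attributes off the end. Assumption: %urlencode()% leaves no raw '&'
        // in a value, so the last "&name=" is always the real delimiter.
        for (int i = attrNames.length - 1; i >= 0; i--) {
            String marker = "&" + attrNames[i] + "=";
            int pos = rest.lastIndexOf(marker);
            if (pos < PREFIX.length()) {
                throw new IllegalArgumentException("missing attribute: " + attrNames[i]);
            }
            String value = rest.substring(pos + marker.length());
            if (value.indexOf('&') != -1) {
                throw new IllegalArgumentException("unexpected extra field");
            }
            out.put(attrNames[i], URLDecoder.decode(value, "UTF-8"));
            rest = rest.substring(0, pos);
        }
        // What remains is the password exactly as typed; it was never encoded,
        // so it must not be decoded or split.
        out.put("PASSWORD", rest.substring(PREFIX.length()));
        return out;
    }

    public static void main(String[] args) throws Exception {
        // Constructed input: a password containing '&', '=', '+' and '%'.
        String typed = "p&ss=w+rd%41";
        Map<String, String> m = parse("PASSWORD=" + typed + "&department=HR%26Ops", "department");
        System.out.println("password intact: " + typed.equals(m.get("PASSWORD")));
        System.out.println("department: " + m.get("department"));
    }
}
```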

 

Testing:

1. Login :

2. Custom log output:

 

Sep 12, 2016 11:01:56 AM com.netegrity.sdk.javaauthapi.AuthApiSample logInJavaUtilLogger
FINE: AuthApiSample::FileLogger::Inside parsePassword param is :PASSWORD=siteminder&department=ujwol%24%25^%26
Sep 12, 2016 11:01:56 AM com.netegrity.sdk.javaauthapi.AuthApiSample logInJavaUtilLogger
FINE: AuthApiSample::FileLogger::User Password :siteminder
Sep 12, 2016 11:01:56 AM com.netegrity.sdk.javaauthapi.AuthApiSample logInJavaUtilLogger
FINE: AuthApiSample::FileLogger::Department :ujwol$%^&
Sep 12, 2016 11:01:57 AM com.netegrity.sdk.javaauthapi.AuthApiSample logInJavaUtilLogger
FINE: AuthApiSample::FileLogger::User Successfully Authenticated :shruj01
Sep 12, 2016 11:01:57 AM com.netegrity.sdk.javaauthapi.AuthApiSample logInJavaUtilLogger
FINE: AuthApiSample::FileLogger::parameter :http://iis-01.ca.com/siteminderagent/forms/customlogin.fcc

 

Attachment

  • Sample customlogin.fcc
  • Sample Custom Authentication scheme 
