Secure content after /usm

Idea created by Andreas_Eriksson on Feb 20, 2019
    New
    Score7
    • Wagberg
    • sthmiwe
    • Louis_van_Amelsfort
    • Andreas_Eriksson
    • tesfha
    • martin.hermansson
    • ksdolsk

    Please also secure the basic authentication (when not AD/NTLM is selected in the catalog).

    One possible solution would be to redirect the user to the login page and then redirect the user to the original URL the user tried to access. If a session token already is valid a redirect would not be needed.

     

    Scenario:

    1) User access http://hostname/usm/FileStore/images/offerings/image.jpg

    2) No valid session ID (JSESSIONID) is found.

    3) Redirect user to loginpage for the Service Catalog but remember the originating URL. There are webscripts for that function.

    4) The user login and then gets redirected to the origin/requested URL.