We want to be able to use an external non-FCC based login page to do multistep authentication, using a combination of AJAX requests to get an SMSESSION cookie.
At the end of the steps we want to redirect the user to where they originally wanted to go.
As we are using SecureURLs, so the orginal TARGET is not available to the login page, only the encrypted SMQUERYDATA, and hence at this point we can't redirect the user to the TARGET.
When using an .fcc file as the login page, you can extract the original TARGET URL using the $$TARGET$$ string in the FCC.
Has anyone got any suggestions that would address this?
I had thought of replaying the original SMQUERYDATA that was in the redirect from the original request, along with the SMSESSION cookie to some .fcc file, and hoping to configure the directives so that this resulted in a redirect to the TARGET. Not sure if this approach would work, or which @directive I would need.
As a fallback position we have configured an fcc, but ideally would like this in an HTML file as then the custom's UX people would be able to update it through their content management system.