Symantec Access Management

  • Private Community

  • 1.  Login page from Application

    Posted Nov 13, 2014 03:19 AM

    Hi Team,

     

    We working on Siteminder Federation, where SM is IDP and Application is SP.

     

    We wanted to have the login page to be initiated from the Application itself and Authentication from Siteminder. (Currently we have the login page from Siteminder)

     

    Can anyone share your thoughts here?

     

    Regards,

    Sandeep.



  • 2.  Re: Login page from Application

    Posted Nov 19, 2014 01:52 AM

    Any thoughts here?



  • 3.  Re: Login page from Application
    Best Answer

    Posted Nov 19, 2014 11:46 AM

    Sandeep

     

    You could use a HTML Forms Authentication scheme on IdP which would redirect the user to the Application login page URL e.g. http://FQDN/application/login.aspx. The login.aspx would need to submit the credentials to login.fcc with necessary parameters and the TARGET URL to redirect back to.

     

    https://wiki.ca.com/display/sm1252sp1/Authentication+and+a+Centralized+Login+Server

    Identity and Access Management: Siteminder custom login page - how to post to FCC

    single sign on - SiteMinder SSO Custom Login page - Stack Overflow

     

     

    Things you need to be careful about :

    • Setting TARGET URL correctly with query parameters in the TARGET field within login.fcc (Read from URL and set in Login.fcc).
    • What is your solution on IdP is it a single domain SiteMinder solution?

     

     

    Regards

     

    Hubert



  • 4.  Re: Login page from Application

    Posted Nov 20, 2014 07:13 AM

    Thanks for your valuable input, Hubert.

     

    We will work on it.



  • 5.  Re: Login page from Application

    Posted Dec 02, 2014 04:46 AM

    Hi Hubert,

     

    I got stuck at setting the Target URL in Target field with in login.fcc, what would be the Target URL here?

     

    I'm getting "Internal Server Error", When I tried to access the resource.

     

    Its a single domain in IDP.

     

    Regards,

    Sandeeo.



  • 6.  Re: Login page from Application

    Posted Dec 02, 2014 08:18 AM

    Hi Hubert,

     

    I have configured my App login page as below (for sample testing).

     

    <form action="/siteminderagent/forms/login.fcc" method="post">

    ....

    <td><P><span>Username :</span></P></td>

    <td><P><input name="USER" type="text" value="" style="width:150px" /></P></td>

    ....

    <td><P><span>Password :</span></P></td>

    <td><P><input name="PASSWORD" type="password" value="" style="width:150px" /></P></td>

    ....

    <INPUT TYPE=HIDDEN NAME="SMENC" VALUE="ISO-8859-1">

    <INPUT type=HIDDEN name="SMLOCALE" value="US-EN">

    <input type=hidden name=target value="http://HOSTNAME/test">

    <input type=hidden name=smquerydata value="$$smquerydata$$">

    <input type=hidden name=smauthreason value="$$smauthreason$$">

    <input type=hidden name=smagentname value="$$smagentname$$">

    <input type=hidden name=postpreservationdata value="$$postpreservationdata$$">

     

                                           <div class="formRow">

                                           <P><input name="submit" type="submit" value="Login" />

                                           <input name="Reset" type="reset" /></P>

     

    1) If I provide 'smagentname', I'm seeing error message 'Cannot fetch agent $$smagentname$$'

    2) If target = "$$target$$", Error is 'Internal Server Error'

     

    No changes did in login.fcc.

     

    Regards,

    Sandeep.



  • 7.  Re: Login page from Application

    Posted Dec 04, 2014 01:42 AM

    Thanks Hubert.

     

    It worked when I set the target parameter with correct value. And removed all other params.

     

    Regards,

    Sandeep.