Symantec Access Management

Dear Team,

@How can i force the user to redirect to the message page before redirecting to any other page?

I am using policy server R12.5 and i have done the following changes in APS.cfg file:

define MOTD                 http://www.commentsdb.com/wp-content/uploads/2015/07/Welcome-Text-On-Wooden-Table.jpg

MOTD=http://www.commentsdb.com/wp-content/uploads/2015/07/Welcome-Text-On-Wooden-Table.jpg

Generational Redirect= LICENSE=2 http://www.commentsdb.com/wp-content/uploads/2015/07/Welcome-Text-On-Wooden-Table.jpg

please help me on this.

Hi,

I tried this today and haven't been able to figure this out myself.

It seems that there is some bug.

However, I was able to successfully test the "Always Redirect" option.

Only difference with "Always Redirect" option is that the user is always redirected to the page, irrespective of how many times he logins during the day.

You will need following two things :

1. In APS.cfg set :

Always Redirect=/AlwaysRedirectWarning.html (or any other page of your choice)

2. Create OnAuthAccept Policy for the domain. The Response for OnAuthAccept must have a single response of type OnAccept-Redirect. This should be an Active Expression using the

   following values (these values are case-sensitive):

      Library     = smaps

      Function    = SmApsRedirect

      Parameters  = Leave Empty

I will do some more investigation later and get back to you on MOTD setitngs

Regards,

Ujwol

Hi,

Thanks for your prompt reply Ujwol.

I have tried this thing and as you mentioned the user is redirected to the "Message" page.

How can i redirect the user to the page that he actually accessed after the Message page?

can i use generational redirect instead of MOTD?

You said "I have tried this thing and as you mentioned the user is redirected to the "Message" page.

How can i redirect the user to the page that he actually accessed after the Message page?"

Ujwol : I believe your question is how to redirect the user to the actual target after displaying the message page. I guess, the target is preserved in the "target" query parameter. If it is, all you have to do, create a hyperlink , let say "Continue" which should read the "target" param and redirect there on the click event.

You said "can i use generational redirect instead of MOTD?"

Ujwol: I haven't tested this thoroughly, but in ky quick test even the Generational redirect was not working. I need to do some more testing there

Hi,

Thanks Ujwol.

Please let me know once you will find the solution for it.

Regards,

Shrawan

Hi Shrawan,

Please refer below KB article

Advanced Password Services - Message of the Day 

Introduction: 

Message of the Day will show the designated page to all applicable users the first (and only the first) time that they log in each day.

Background: 

Message of the Day uses the smapsGenerationalRedirects attribute to "remember" whether a user has been redirected on any given day, with a key value of APS_MOTD.

Environment:  

CA Single Sign-On Advanced Password Service 12.52

Instructions: 

1) Under Domain create 2 rules.

1. a) Create a rule1 with GET/POST/PUT (WebAgent Actions)
2. b) Create a rule2 with OnAuthAccept (Authentication Events)

 2) Create a Policy with Rule1 and Rule2.

    For Rule2, create a new response with below details

          Attribute Kind - Active Response

          Library Name - smaps

          Function Name - AZRedirect

3) Policy Server <install_location>\siteminder\bin

Add the below line under APS.cfg 

MOTD=http://www.ca.com  (Define the desired page that user wants to get redirected)

Regards,

Leo Joseph.

Hi Leo,

Great work!

Thanks & Regards

Shrawan Bhagwat

VOIP- 04228512

Ext.-98512

Ultimatix Access Management

Tata Consultancy Services

Mailto: shrawan.bhagwat@tcs.com

Website: http://www.tcs.com