Redirect to custom url after successful authentication by OAM

Similar Messages

• ISE 1.2 redirect to origin URL after successful login

  Hi, is there a possibility to redirect guests to the URL they tiped in, before they had to authenticate? We're running ISE 1.2., the webserver is running on it and after login the user has to retype the URL he wants to visit.. it would be great if the user would be automatically redirected..
  Thanks!
  KR

  ISE is set up to do this with the latest patch (Patch 5).  Now we are just waiting on new code for the rest of the NADs to implement this.
  Actually, support was added to 1.2 P5, but it is up to access devices to add the support for forwarding the URL in redirect request to ISE.  I believe WLC will be first to do so in 8.0 timeframe.

• Redirect after successful authentication

  Hi Experts,
  I am trying to redirect the users to a different portal component after they are successfully authenticated, as I need the details of the authenticated user, especially the R3Name that was mapped to. I have done the below modifications in umLogonPage.jsp of the logon application:
  Deleted the form action:
  onaction="<%=inPortal?"":logonBean.getLogonURL(proxy, null)%>";
     2. Deleted the onSubmit of the form:
  ?"onSubmit=\"javascript:addTenantPrefix();\"":""
    3. Changed the type of logon button to button from submit.
    4. Then, I have added the below script in the umLogonPage.jsp which is being called onclick of the logon button:
  function payrollPnumCheck()
    addTenantPrefix();
    var logonAction =  "<%=inPortal?"":logonBean.getLogonURL(proxy, null)%>";
    <%
    boolean locked = PayrollStatus.isPayrollProcessing();
    if((locked)){
    %>
    alert(location.pathname);
    window.location.assign("http://zabrysvsapzhd:50000/irj/servlet/prt/portal/prtroot/com.dd.payrollProcessing.systemLocked");
    <%
    }else{%>
    document.logonForm.action=logonAction;
      document.logonForm.submit();
    <%}%>
  But, the portal is not being redirected after the authentication.
  Please let me know what am I doing wrong here. I am quite new to js and jsp.
  Thank you,
  Sai

  How are these Portal components deployed in the portal, NWDI activites or EAR/SDAs?
  IN either way you should be able to get a link to the landing page (might be index.html or jsp) e.g. http://<SAP>.<domain>:5xx000/<Application-Deployed-EAR>/root/landingIndex.html (in case of EAR SDA deployments) or http://<SAP>.<domain>:5xx000/<SID_TrackID_D><DC>/landingIndex.html
  These URLs can be wrapped in a URL iVIew and then assigned to a Page with no padding and borders so as to appear as a like any other normal webpage.
  If you don't change he page display settings you'll get the Framework headings, title and all SAP standard components and would look weird if the application is not a dynpro one.

• ISE Guest Access- Redirect to URL after successful logon

  Currently, when guest users attempt to browse they get redirected to the guest portal.  After login, they get a message that they can now access the original URL.  Is there a way to automatically redirect to the URL they were trying to access, or remember the URL after they login?

  ISE guest flow :
  The user associates to the web authentication Service Set Identifier (SSID).
  The user opens the browser.
  The WLC redirects to the guest portal (such as ISE or NGS) as soon as a URL is entered.
  The user authenticates on the portal.
  The guest portal redirects back to the WLC with the credentials entered.
  The WLC authenticates the guest user via RADIUS.
  The WLC redirects back to the original URL

• After successful authentication, Redirection is not working properly.

  I am protecting an application with OAM 11g say http://ohs-host:7777/test/. If I am accessing http://ohs-host:7777
  /test/, I am getting OAM login page. I have enabled SSL for OAM and the login page which I am getting is a https
  url (https://LB-IP/oam/server/obrareq.cgi?encquery....). After successfull authentication it is redirecting me to https://ohs-host/obrar.cgi?encreply.... and I will get a 404 error.
  Here after successfull authentication it is redirecting to https url and port number also removed from the url. If I change the url manually by changing https to http and add port number 7777, it will navigate me to the requested page.
  please help !
  regards
  Shantanu

  Hi,
  Sorry to hear your issue.
  Please remember always need to backup before updating.
  You can use Nokia ovi service for this.
  Can you give me so information to study this case:
  1. I need to know which countryyou live
  2. Which sw versions he has upgraded from and to
  3. The product code of the phone (7 digit under the battery)
  4. by which method has he upgraded the software? – FOTA, NSU, or at the Service Centre?
  Br
  Mahyav

• ISE no redirect to origin URL after guest login

  Hi, is there a possibility to redirect a guest user to the origin URL after he logged in successfully?
  Right now the attached file is what the user sees after login.
  Thanks!

  The first method is local web authentication. In this case, the WLC  redirects the HTTP traffic to an internal or external server where the  user is prompted to authenticate. The WLC then fetches the credentials  (sent back via an HTTP GET request in the case of an external server)  and makes a RADIUS authentication. In the case of a guest user, an  external server (such as Identity Services Engine (ISE) or NAC Guest  Server (NGS)) is required because the portal provides features such as  device registering and self-provisioning. The flow includes these steps:
  The user associates to the web authentication Service Set Identifier (SSID).
  The user opens the browser.
  The WLC redirects to the guest portal (such as ISE or NGS) as soon as a URL is entered.
  The user authenticates on the portal.
  The guest portal redirects back to the WLC with the credentials entered.
  The WLC authenticates the guest user via RADIUS.
  The WLC redirects back to the original URL.
  This  flow includes several redirections. The new approach is to use central  web authentication. This method works with ISE (versions later than 1.1)  and WLC (versions later than 7.2). The flow includes these steps:
  The user associates to the web authentication SSID, which is in fact open+macfiltering and no layer 3 security.
  The user opens the browser.
  The WLC redirects to the guest portal.
  The user authenticates on the portal.
  The  ISE sends a RADIUS Change of Authorization (CoA - UDP Port 1700) to  indicate to the controller that the user is valid, and eventually pushes  RADIUS attributes such as the Access Control List (ACL).
  The user is prompted to retry the original URL.

• Custom processing after logon authentication in portal

  I want to do some custom processing after the user logs in and is authenticated and before the portal contents are visible to the user.....
  Can someone please help me where exactly i can write the code. Which par file? and where exactly ?

  Setu, try to start from com.sap.portal.navigation.portallauncher.par

• Redirect to the jsp page after user authenticated successfully  …

  Here is the requirement …
  I’m using “JAAS – Custom Login Module” for user authentication.
  I have few questions in Portal Logon process …
  1. Exactly at what point I can conclude that the user has been authenticated successfully, because I have to redirect the user to some other page for the first time logon to enter some information, subsequent logins shouldn’t be redirected. (I can update flag upon entering information).
  2. Where should I add my redirection code? Is it in my JASS Custom Login Module?
  If yes, how can I do that ? I’m more consider on “where should I add it”?
  3. Do I need to change my “UmLogonPage.jsp” to complete my requirement?
  4. Once after entering the Logon information, who will call my JASS – Custom Login Module for authentication? If authentication has failed who will return the control back to the “umLogonPage.jsp”?
  5. In my JASS Custom Login Module, I have no redirections except having logic for authentication process, and some Login Exceptions are thrown for failure logins.
  6. Who will catch these exceptions for failure logins to redirect back to the “umLogonPage.jsp”.
  7. Finally I like to know where can I add my redirection logic once the user has been authenticated successfully?
  8. last but not least can any of the experts explain the whole login process (using JASS module)? How the control goes from one component to another?
  Any kind of help is appreciated.
  Points can be awarded for useful answers.
  Thanks
  MMK

  Thanks a lot for your valuable reply.
  yes what you said was correct, storing information in R/3 System and getting the details from FM using Connector framework.
  You said i have to modify "header.jsp", can you please tell which .par file should i get to modify?
  one more question to you ... i have provide custom logon error messages to the user ... i did all the modification in logon.par and deployed in EP 6 .. working fine .. i can able to see "User ID Missing" , "Password Missing" etc ..
  when i place same peace of code in EP 7 it always displaying "User Authentication failed". can u guess what whould be the problem?
  Thanks
  MMK

• Web Auth Type: Customized(downloaded) Redirect URL after login not working.

           5508WLC as anchor controller with WLC1 and WLC2 with WCS. I have 2 public ssids set up to go directly to the internet.
  Everything is working as it should.  I downloaded the web auth bundle from Cisco and  will just use a disclaimer page and then if the user clicks on the accept button they will be redirected to our company web page, and then they can get out to the internet.
  I have edited the aup.html and login.html to say what I want it to.  I have 2 different login.html pages and bundle to a .tar file like the documentation says.  I download it via tftp to the controller and it is successful. The disclaimer page opens up when I connect and it looks as it should.  The problem is I cannot seem to get the accept button to work. It redirects to a web page but it is undefined. 
     I must be missing some setting somewhere, but I just can not seem to find it.  Is there any line I need to edit in the login.html files that will redirect the page.    The config on the Web Login Page  Redirect URL after login is http://www.mccg.org which is our home page.
  Any help will be appreciated.  I cannot seem to fine very good documentation, or I am just overlooking something.
  Thanks
  John   

  Your HTML code is wrong. Attach your code if your okay with it and I can check.
  Sent from Cisco Technical Support iPhone App

• User authentication error after a successful authentication

  Hi,
  I have configured OAM 10g (10.1.4.3).It uses AD as the Directory server and OHS 11g (11.1.1.6) as the web server.
  Created a policy domain with the resouce URL /test.Created an authentication scheme which has the plugins: credential_mapping, validatepassword and a custom plugin which is a ".dll" file.
  So when i browse the URL http://IP:7777/test (Resource URL in policy domain), it redirects me to "/public/login.html" page which is the login page and resides in the web server. The login page consists of 3 fields: username, password and security code. This performs a 2 factor authentication. The first factor "username + password" is validated against AD, the second factor (username + security code) is validated against RADIUS, the custom plugin takes care of this.
  When the user is redirected to "/public/login.html", i can see the cookies "obFormLoginCookie" and "ObssoCookie" in the browser (mozilla). These 2 cookies are present even before the user authentication.
  User authentication works fine and user is redirected to a page which says "Authentication successful". This page doesn't have a logout button, you just have to close the page and login again.
  The next time when the user browses the URL "http://IP:7777/test (resource URL in Policy domain), it ideally has to redirect to "/public/login.html" where you have the form, but it throws an error saying "Not Found.The requested URL /test isn't found". But when i directly access the login page "/public/login.html", it would give you the login page and when i enter the credentials, this time it says "Not Found.The requested URL /access/dummy.cgi isn't found.
  /access/dummy.cgi" is the action URL present in the login page, the same is present in the authentication schemes.
  But when i clear the cookies, and login again, this time the authentication would be successful. So, i will always have to clear the cookies and login, which i think isn't feasible. Is the above mentioned error message expected? I just Couldn't understand the behaviour of these cookies in this context.
  Any ideas/suggestions would be really helpful to me.
  Thanks.
  Edited by: 886322 on Apr 12, 2012 4:11 AM

  Try to disable authorization and see if this error stops

• OIM - Redirection URL in a Authentication Rule Action must not contain "?"?

  Hello,
  we run OAM to secure some APEX-Application. For one or two reasons we have to use a redirection URL to forward after successfull authentication with Form-Based-Authentication to the application. This works wonderfull with "normal" HTML-Pages. But as soon there is a parameter to be delivered, the Parameter Redirection URL isn't interpreted correct anymore.
  An Example:
  Redirection URL: https://test.net/test/index.htm
  works wonderful, after authentication user is forwarded to the specified URL.
  Redirection URL: https://test.net/pls/htmldb/f?p=300
  does not work, after authentication user is forwarded to https://test.net/pls/htmldb/f. Everything after the "?" (within ?) is being cut off.
  Is it possible to enter a URL for redirection with parameter identifiers like "?" ?
  Regards
  Hans

  Already found a solution,
  when entering only /pls/htmldb/f?p=300 it works...
  strange..

• Force re-authentication to access certain URLs after authenticated by OAM?

  Hi,
  I have not came across this requirement, but curious if anyone ever implement this? Or this is possible at all?
  Basically, after a user is authenticated by OAM, is it possible to force a re-authentication of each access to certain URLs?
  Thanks

  Hi ,
  I presume that you are looking for a step-up authentication. Yes, Sagar is correct. That is one of the way to do it.
  But ideally when you prefer higher authentication for more secured resources, you can challenge the user with KBA question and that is what most of customers use (either Banking applications etc.,). So in that case, OAAM is the best choice for it, where you can configure KBA questions while user first login.
  -M

• CSS: "authentic​ation failed" after successful fingerprin​t authentica​tion - twice!

  T61p
  CSS: 8.10.0006.00
  Vista 32 Ult
  After successful fingerprint login, CSS states that the Windows password had been changed (it hasn't) and then asked me to verify that the CSS password matched my Windows password; this failes, even though the password entered is correct. This dialog pops up until it is cancelled.
  I've also lost the ability to use my fingerprint reader to login to websites, it says that
   - the print is okay, with that green checkmark, but then
   - proceeds to say "authentication failed"
  The password manager does not show up any more if started.
  @ lenovo: any ideas, this is a very annoying one! And it is old, I think. Any ideas, before I go and buy
      an  Apple?
  Moderator Note; please update your profile with your correct country location as per the forum rules. Products, options and services vary from market to market. Knowing your location helps us help you
  Message Edited by andyP on 06-21-2008 09:54 PM

  I have the same issue here.
  The fingerprint software is working perfectly and it is properly linked with the Windows password so I can logon with no problems. However, right after I get the message the password has been changed when it hasn't.
  The issues start when I need to use the Thinkvantage Password Manager or any other CCS applications. It does recognize my finger but it says "authentication failed".
  I have emailed Lenovo and they recommended me to removed the CCS and the fingerprint software. I did it and it didn't work. Then they said I should take my laptop to a service center because it is no longer in warantee period.
  In my case, all these issues began when I updated the CCS to the newer version (8.2)
  I have read in other forums that it has to do with TPM or security chip encryption. It seems the CCS has not taken control over it. They state all will be fixed once the chip is clear which is done thru the BIOS>Security Chip>Clear Encryption. The big problem is that all encrypted data is erased in the process!!!
  I have used the password manager for so long now with no problems that I have forgotten most of the keywords.
  T60
  Vista Ultimate 32 bits
  CCS 8.2

• Pinterest still blocked, even after adding to custom URL exception

  Hi,
  In WSA I have a custom URL list for exception which are allowed from Proxy.
  I have added pinterest.com in the exceptions list. For some users website work perfectly fine via proxy, but the users which are using the global policy cannot open this website. In global policy that custom URL is allowed, even policy trace with that AD users shows that URL is allowed via custom URL list but user gets proxy error denied?
  Is there something I am missing in configuration?
  Regards,
  Sakun Sharma

  Hi Sakun,
  the best way to troubleshoot this kind of issue is to grep/tail logs from WSA, policy trace is not always accurate. So :
  - connect to your WSA via ssh and type the 'grep' command;
  - at the following prompt select 'accesslogs'
  - at the prompt Enter the regular expression to grep insert the ip address of a user that cannot display the website
  - at the prompt Do you want this search to be case insensitive? [Y]> press enter
  - at the prompt Do you want to search for non-matching lines? [N]> press enter
  - at the prompt Do you want to tail the logs? [N]> type 'y' and press enter
  - at the prompt Do you want to paginate the output? [N]> press enter
  then from the client with ip address you inserted before try to connect to pinterest, on WSA you will see the logs, to stop log collection press CTRL+C . Post here the output of the logs.
  Regards,

• LPM Custom URL for Force change password

  Hi All,
  I have configured LPM in OAM Identity Server, In the password policy i have given the custom URL of my application for the change password screen after resetting the password.
  The issue here is... When the user tries to login with the new password (resetted password) it is not redirecting to the force change password page...

  I am having a similar issue with getting this feature to work.
  I have the Force Change Password on Next Login checked, and I'm using (just for testing purposes) the amadmin account as the Bind DN.
  Then when I configure a secret question for a user account, and change the password, then log in with the new password, I go to the configured "Default Success URL", and I am never forced to change my password.
  Does anyone know what the expected functionality is when this does work?
  I'm working with Identity 6.1 on a Solaris box.
  Thanks for your time.
  chris