In CA Access Gateway environment, it could be useful to setup a login page directly on the Apache Proxy.
As there are some rules in the httpd.conf we should be careful on where to put the files to prevent the mod_jk to send information to tomcat for proxying requests.
Root cause :
in httpd.conf we have the following
JkUnMount /*/siteminderagent/forms/images/* ajp13
AliasMatch /*/siteminderagent/forms/images/(.*) "C:/Program Files (x86)/CA/secure-proxy/proxy-engine/examples/siteminderagent/forms/images/$1"
1. Copy CUSTOM_POST.fcc to C:\Program Files (x86)\CA\secure-proxy\proxy-engine\examples\siteminderagent\forms
2. Copy custom_image.png and custom_style.ccs to C:\Program Files (x86)\CA\secure-proxy\proxy-engine\examples\siteminderagent\forms\images
3. Modify the CUSTOM_POST.fcc to reference correctly the custom_image.png and custom_style.ccs files
<link rel="stylesheet" href="/siteminderagent/forms/images/custom_style.css" />
<img id="bordergradient" src="/siteminderagent/forms/images/custom_image.png" />
4. Form authentication scheme :
webservername : server.domain.com
port : apache port (88)
target : /siteminderagent/forms/custom_post.fcc
Once these instructions applied, you'll get the custom_post.fcc served by the Apache from CA Access Gateway.
How to fix the deployment location of login pages on CA Access Gateway (formerly SPS Secure Proxy Server) :