Symantec Access Management

Tech Tip : CA Single Sign-On :Policy Server:How to set custom error message using custom authentication scheme

By Ujwol posted 10-05-2016 02:15 AM

  

Summary:

In this guide we will discuss how to set custom error messages while using custom authentications scheme (java)

Environment:

  • Policy Server : R12.0+
  • OS : ANY

Instructions:

 

To set a custom error message, from custom authentication scheme you will need use SmAuthenticationContext.setUserText() API.

 

At the client end, then the error message is set as a SMUSRMSG cookie response.

 

Example : In the following sample, if the user logs in with invalid credential , a custom error message is set.

 

Modify custom authentication scheme to set custom error message

try
{
authUserText = theUserContext.authenticateUser(thePassword);
}
catch (Throwable exc)
{
// insure subsequent code knows the authentication attempt failed
authUserText = null;
}

if (null == authUserText)
{
context.setUserText("Custom Error : Authentication Failed..");

 

return
new SmAuthenticationResult(SmAuthStatus.SMAUTH_REJECT, SmAuthenticationResult.REASON_NONE);
}

 

Modify login page (login.asp for e.g) to read the SMUSRMSG cookie and display if the value is not empty 

if Request.Cookies("SMUSRMSG") <> "" then
response.write "<h2>"+ Request.Cookies("SMUSRMSG")+ "</h2>"
END if

 

Testing:

 

 

Attachment

  • Sample CustomErrorMessage.java - Sample Custom Authentication scheme
  • login.asp - Sample custom login page
  • Fiddler.saz - sample http header capture from the testing

Additional Information:

0 comments
9 views

Permalink