Symantec Access Management

 View Only
  • 1.  Siteminder Custom login page - smauthreason issue

    Posted Jan 30, 2017 03:56 PM

    As per the CA community i created a custom login using .net [aspx] frame work and posted User creds to login.fcc

    Now, when i provide invalid creds - i am unable to fetch SMAuthreason code.

     

    Note: i have create an ACO with secureURL to "yes".

     

    advise

     

    here is the sample is used in form section

     

    <form action="login.fcc" method="post">
    <div class="formRow">
    <table>
    <tr>
    <td><P><span>Username :</span></P></td>
    <td><P><input name="username" type="text" value=""
    style="width:150px" /></P></td>
    </tr>
    <tr>
    <td><P><span>Password :</span></P></td>
    <td><P><input name="password" type="password" value=""
    style="width:150px" /></P></td>
    </tr>
    </table>
    </div>

    <INPUT TYPE=HIDDEN NAME="SMENC" VALUE="ISO-8859-1">
    <INPUT type=HIDDEN name="SMLOCALE" value="US-EN">
    <INPUT type=HIDDEN name="SMRETRIES" value="1">
    <input type=hidden name=target value="$$target$$">
    <input type=hidden name=smquerydata value="$$smquerydata$$">
    <input type=hidden name=smauthreason value="$$smauthreason$$">
    <input type=hidden name=smagentname value="$$smagentname$$">
    <input type=hidden name=postpreservationdata value="$$postpreservationdata$$">


    <div class="formRow">
    <P><input name="submit" type="submit" value="Login" />
    <input name="Reset" type="reset" /></P>
    </div>
    </form>



  • 2.  Re: Siteminder Custom login page - smauthreason issue
    Best Answer

    Posted Jan 30, 2017 09:27 PM

    Hi Manju,

     

    If you set secureURL=yes, you can NOT read any of the query parameter ( e.g smauthreason, target etc. ) as all of these parameter will be encapsulated into just one encrypted query parameter.

     

    SMAUTHREASON is normally available as HTTP_SM_AUTHREASON header but unfortunately it is available only POST authentication. So , for your case as the user credential is invalid, that is OnAuthReject event, so this header isn't available.

     

    I have submitted an enhancement request to make the HTTP_SM_AUTHREASON header available even during OnAuthReject but that is still under review by PM.

     

    SM_AUTHREASON header during Authentication Failure 

     

    Let me know if any questions.


    Regards,

    Ujwol Shrestha



  • 3.  RE: Re: Siteminder Custom login page - smauthreason issue

    Posted Jan 14, 2020 10:39 AM
    Hi,

    Just checking if the latest releases has the capability to send HTTP_SM_AUTHREASON header even in case of authentication failures?

    Thanks
    Vijay