We are not using CA SiteMinder for OpenID connect provider, we use API Gateway with OTK and using CA SSO for authentication of uid/pwd only.
For example..
1. User goes to
https://www.coke.com/login-sso2. In this above page, user has an option to click 'Login with COMPANY-A-Z'
3. User clicks the 'Login with COMPANY-A-Z' button and user is redirected to COMPANY-A-Z login page along with OpenID parameters
4. User enters invalid uid or pwd in the login page of COMPANY-A-Z
https://login.COMPANY-A-Z.com5. Since user enters invalid uid/pwd, user is redirected to failed page
https://login.COMPANY-A-Z.com/failed-login.htmlIn this failed-login.html, we have a try again link and if user clicks that try again link, how can we get the openID parameters again which he came with in above step#3.
Original Message:
Sent: 02-18-2020 07:29 AM
From: Ronald Dsouza
Subject: Bad Login redirect page in AUTH server
Usually Authorization Code has a callback url or redirect_uri that it redirect to post Authorization. Looking at this article it is a required parameter in your POST
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/single-sign-on/12-8/configuring/use-ca-single-sign-on-as-openid-connect-provider.html
------------------------------
Pre-Sales Consultant
CA Southern Africa
Original Message:
Sent: 02-17-2020 12:47 PM
From: Suthakar Maharajan
Subject: Bad Login redirect page in AUTH server
It's not SAML... we use openID connect authorization code flow.
Original Message:
Sent: 02-17-2020 11:03 AM
From: Ronald Dsouza
Subject: Bad Login redirect page in AUTH server
Do you have parameter like target, spurl or relaystate in you url .. Usually that hold the page to redirect to...
This is one of the external guide for integration that covers the requirement we use for one of our integration https://help.zscaler.com/zia/saml-configuration-guide-ca-single-sign-on
------------------------------
Pre-Sales Consultant
CA Southern Africa
Original Message:
Sent: 02-17-2020 10:21 AM
From: Suthakar Maharajan
Subject: Bad Login redirect page in AUTH server
Hello there,
We have L7 API Gateway 9.4 with OTK 4.3 version. We use CA SSO for authentication and authorization. My question is, when user clicks login from the RP application the Auth server gets clientid, redirecturi, scope etc and in the Gateway policy we send the user to CA SSO if there is no SMSESSION exist. So user logs in with good uid/pwd and he is able to login. Everything is fine here.
However when user enter enters invalid uid/pwd, we redirect the user to a login failed page and now if user wants to login again, what URL should we redirect the user and with what parameters?
Thanks