Previous Topic: User Provisioning at the Relying PartyNext Topic: Export Metadata to Aid Partnership Configuration

Federation GuidesPartnership Federation GuideApplication Integration at the Relying PartyFailed Authentication Handling Using Redirect URLs (Relying Party)

Failed Authentication Handling Using Redirect URLs (Relying Party)

Assertion-based authentication can fail at the site that consumes assertions. If authentication does fail, you can configure CA SiteMinder® to redirect the user to different applications (URLs) for further processing. For example, when user disambiguation fails, you can configure CA SiteMinder® to send the user to a provisioning system. Setting up redirect URLs is optional and is only configurable at the relying party.

To configure the redirect URLs

  1. Begin at the Application Integration step of the partnership wizard.

    In the Status Redirect URL section of the dialog, specify redirects only for the specific failure conditions that you want. For SAML 2.0, you can also configure redirects for specific HTTP error conditions.

    Note: Click Help for a description of fields, controls, and their respective requirements.

  2. For each redirect option you configure, specify the method by which CA SiteMinder® redirects the user. The options are:
    302 No Data (default)

    Redirects the user with an HTTP 302 redirect and no data.

    HTTP Post

    Redirects the user with the HTTP Post protocol.

Configuration of the redirect URLs is complete.