Implementation Guide › Configuration Considerations › Authentication and a Centralized Login Server › Login Page Use Cases › Stand–Alone Login Page
Stand–Alone Login Page
In this use case, SiteMinder directs users to a standalone login page when they request a protected resource. Specifically:
- A dynamic login page (login.asp) is deployed to the Web Agent host system.
- The dynamic login page is coded to:
- The login FCC file is configured with an @directive (@smretries) to redirect users to a failed authentication page (login.unauth) after two failed authentication attempts.
Note: For more information about configuring an FCC file with @directives, see the Policy Server Configuration Guide.
- A SiteMinder administrator has configured a formbased authentication scheme named Auth1. The target of Auth1 is login.asp.
Note: For more information about configuring authentication schemes, see the Policy Server Configuration Guide.
The following diagram illustrates the authentication process for this use case:
- A user requests a protected resource.
- The Web Agent contacts the Policy Server, which determines that the resource is protected.
- The Web Agent redirects the user request to login.asp.
- The user submits invalid credentials. The credentials are posted to the login.fcc file and processed by the FCC.
- The FCC forwards the credentials to the Policy Server.
- The Policy Server determines that the credentials are invalid and notifies the FCC.
- The FCC inserts the SMTRYNO cookie into the web browser of the user and redirects the user to the login page.
- The login page refreshes with an error message. The error message states that invalid credentials were supplied and to try again.
- The user submits invalid credentials. The credentials are posted to the login.fcc file and processed by the FCC.
- The FCC forwards the credentials to the Policy Server.
- The Policy Sever determines that the credentials continue to be invalid and notifies the FCC.
- The user has exceeded the maximum number of failed authentication attempts and is redirected to a page that displays a failed authentication message.