Previous Topic: Login Page Use Cases

Next Topic: Embedded Form on a Web Portal

Stand–Alone Login Page

In this use case, SiteMinder directs users to a stand–alone login page when they request a protected resource. Specifically:

The following diagram illustrates the authentication process for this use case:

Illustration of the authentication process using a dynamic login page

  1. A user requests a protected resource.
  2. The Web Agent contacts the Policy Server, which determines that the resource is protected.
  3. The Web Agent redirects the user request to login.asp.
  4. The user submits invalid credentials. The credentials are posted to the login.fcc file and processed by the FCC.
  5. The FCC forwards the credentials to the Policy Server.
  6. The Policy Server determines that the credentials are invalid and notifies the FCC.
  7. The FCC inserts the SMTRYNO cookie into the web browser of the user and redirects the user to the login page.
  8. The login page refreshes with an error message. The error message states that invalid credentials were supplied and to try again.
  9. The user submits invalid credentials. The credentials are posted to the login.fcc file and processed by the FCC.
  10. The FCC forwards the credentials to the Policy Server.
  11. The Policy Sever determines that the credentials continue to be invalid and notifies the FCC.
  12. The user has exceeded the maximum number of failed authentication attempts and is redirected to a page that displays a failed authentication message.


Copyright © 2010 CA. All rights reserved. Email CA about this topic