Previous Topic: Servlet-based Password Services JSP Form Customization

Next Topic: Modify Servlet-based Password Services JSP Forms

Overview of Servlet-based Password Services JSP Forms

The Password Services servlet uses JSP forms to collect password information from users and send it to the Policy Server. The Policy Server checks the information against the password policy and then sends a message back to the Password Services servlet using another form.

The SiteMinder Web Agent installation provides form templates that you can customize. The sample JSP forms are installed in the following locations:

Where <Web-Agent-Install-Dir> is the SiteMinder Web Agent installation directory.

The templates include the following:

Template

Description

PWAccountInactive.jsp

Informs users that their account has been disabled due to inactivity.

PWChange.jsp

Requires users to change their password before accessing the protected resource. Users must enter their old password, new password, then confirm the new password.

PWChangeAccept.jsp

Informs users that their password has been changed successfully.

PWChangeErr.jsp

Informs users that their password has not been changed because of an internal problem, such as a server overload, which caused the password change request to fail.

PWExcessLogin.jsp

Informs users that they have exceeded the permissible number of login attempts. Users must wait a specified amount of time before attempting to log in again or contact the administrator to reactivate their password.

PWChangeMismatch.jsp

Informs users that the password they selected is not valid and prompts them to select a new one.

PWChangeOption.jsp

Allows users whose passwords are about to expire to change their passwords now or be reminded later. Users can enter their old password, new password, and confirm a new password.

PWExpired.jsp

Informs users that their password has expired.

PWAccountDisabled.jsp

Informs users to contact an Administrator because their account has been disabled.

PWSelfChangeLogin.jsp

Allows users to change their passwords from a login page.

PWLogin.jsp

Allows a user to enter credentials and login. This .jsp file generates the form shown to the user for login if the redirect path in the HTML Forms Based authentication scheme to the servlet (i.e.
/siteminderagent/pwservlet/
PSWDChangeServlet).

UserMsg.jsp

UserMsg.jsp returns the messages depending on the reason of user rejection.

PWExpiredLogin.jsp

When a user's session expires, this .jsp displays a login screen to allow a user to establish a new session.

PSWDChangeError.jsp

This jsp informs users that their password has not been changed because of an internal problem, which caused the password change request to fail.

PWAuthLevelLogin.jsp

If a user with an established session attempts to access a resource that is protected at a higher level than the original resource requested at login, this .jsp presents a form that allows the user to authenticate again, gaining access to the more secure resource.

Resource.jsp

Specifies the content type as UTF-8 and indicates the resource bundle that contains localized strings for all password services forms.

More information:

Modify Servlet-based Password Services JSP Forms


Copyright © 2010 CA. All rights reserved. Email CA about this topic