Policy Server Guides › Policy Server Configuration Guide › Password Policies › Remove the Login ID When Redirecting for Password Services

Remove the Login ID When Redirecting for Password Services

During password services processing, a user's request is redirected multiple times. When the request is redirected, the login ID (typically the username) which was entered by the user, is appended to the request URL by default. To modify the default behavior so that the login ID (username) is not appended to redirects, you can do one of the following procedures.

To remove the login ID when redirecting for password services in Windows

1. Add the following registry key:

   HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\Authentication\DisallowUsernameInURL
   

2. Set the DWORD value to one of the following:
   • 0 — Applies the default behavior of appending the UID to the request URL.
   • 1 — Changes the default behavior so that the UID is not appended to the request URL.

To remove the login ID when redirecting for password services in UNIX

1. Navigate to:

   <policy-server-install-dir>/registry/
   

2. In a text editor, open the following file:

   sm.registry
   

3. Add the following registry key:

   HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\Authentication\DisallowUsernameInURL
   

4. Set the DWORD value to one of the following:
   • 0 — Applies the default behavior of appending the UID to the request URL.
   • 1 — Changes the default behavior so that the UID is not appended to the request URL.

Note: If you choose to modify the registry setting so that the login ID is not appended to password services redirects, password services automatically uses the templates with the PWnn prefix. These templates are described in CGI-based Password Services HTML Form Templates.