Previous Topic: Collect Additional Attributes

Next Topic: Configure an HTML Form Authentication Scheme

Tell Users Why Login Failed

The default behavior of forms-based authentication is to redirect unauthenticated or unauthorized users back to the original login form. Although you can configure the smretries directive (@smretries) to provide users with additional login attempts, the default behavior does not let you display a message that informs users why the login failed.

The SiteMinder Web Agent is shipped with the DynamicRetry.fcc and DynamicRetry.unauth files. This sample pair of .fcc files changes the behavior of the redirect. The login page (DynamicRetry.fcc) is configured to send users to the unauthorized page (DynamicRetry.unauth) after one failed login attempt. The unauthorized page is a different HTML page than the login page. As a result, the unauthorized page can contain a message stating why the login failed. By default, the unauthorized page is configured with a message that informs users that they have entered invalid credentials for the resource they are attempting to access.

Note: You can change this message by opening DynamicRetry.unauth and updating the text in between the h3 tags.

To tell users why login failed, specify the target path to the DynamicRetry.fcc file when configuring the authentication scheme. The default path to the DynamicRetry.fcc file is agent_home\samples\forms\DynamicRetry.fcc

Consider the following limitations when using the DynamicRetry pair of .fcc files:


Copyright © 2010 CA. All rights reserved. Email CA about this topic