For single sign-on processing, you can configure several optional redirect URLs if a user cannot be authenticated at the Resource Partner. The redirect URLs allow finer control over where a user is redirected if the assertion is not valid. For example, if a user cannot be located in a user store, you can fill in a Redirect URL for the User Not Found and send the user to a registration page.
Note: These URLs are not required.
If you do not configure redirect URLs, standard SiteMinder processing takes place. How a failed authentication is handled depends on the configuration.
To configure optional Redirect URLs
The WS-Federation Auth Scheme Properties dialog opens.
If enter a value for the Redirect URL for the Invalid SSO Message status, select a mode.
Note: Click Help for descriptions of settings and controls, including their respective requirements and limits.
Federation Web Services handles the errors by mapping the authentication reason into one of the configured redirect URLs, then the user can be redirected to that URL to report the error.
Note: These redirect URLs can be used with the SiteMinder Message Consumer Plug-in for further assertion processing. If authentication fails, the plug-in can send the user to one of the redirect URLs you specify.
Copyright © 2012 CA.
All rights reserved.
|
|