For single sign-on processing, you can configure several optional redirect URLs if authentication at the consumer fails. The redirect URLs allow finer control over where a user is redirected if the assertion is not valid. For example, if a user cannot be located in a user store, you can fill in a User Not Found redirect URL and send the user to a registration page.
Note: These URLs are not required.
If you do not configure redirect URLs, standard SiteMinder processing takes place. How a failed authentication is handled depends on the configuration of the authentication scheme.
To configure optional redirect URLs
The SAML 1.x Auth Scheme Properties dialog opens.
If you enter a value for the Redirect URL, you must also choose a mode.
Note: Click Help for descriptions of settings and controls, including their respective requirements and limits.
Federation Web Services handles the errors by mapping the authentication reason into one of the configured redirect URLs, then the user can be redirected to that URL to report the error.
Note: These redirect URLs can be used in conjunction with the SiteMinder Message Consumer Plug-in for further assertion processing. If authentication fails, the plug-in can send the user to one of the redirect URLs you specify.
Copyright © 2012 CA.
All rights reserved.
|
|