Custom login page to POST to login.fcc with SecureURLs enabled

Document ID : KB000056337
Last Modified Date : 04/10/2018
Show Technical Document Details
Introduction:

 

Use custom login page to POST to login.fcc with SecureURLs=yes.

 

If this is not setup correctly, webagent trace will logged the following error:

[CSmHttpPlugin::ProcessResource][Error. Unable to handle request in Secure mode.]

 

With SecureURLs enabled, Web Agent encrypts all SiteMinder query parameters (e.g: smagentname, target) in a redirect URL, further securing Agent interactions. All the query parameters are grouped into a single query parameter called SMQUERYDATA.

 

 

     

    Background:

     

    You can use the OOTB login.fcc. However, if you are using custom FCCs, you must add the smquerydata directive along with other FCC directives, such as TARGET to the custom FCC.
    < >Customize custom login page (ASP/ JSP page) to extract the SMQUERYDATA from the redirect response, append the SMQUERYDATA to the subsequent POST request as query string and as POST data.
    Instructions:

    SETUP

    1. 1.       Setup form authentication scheme that reference the custom login page e.g: login.asp.
    2. 2.       Customize the login.asp to extract the SMQUERYDATA from the redirect response, POST to login.fcc with SMQUERYDATA appended to the URL as query string and as POST data.
    3. 3.       Customize the login.fcc to include the following directive: <INPUT type='hidden' name='smquerydata' value='$$smquerydata$$'>
    4. 4.       Apply this authentication scheme for a protected realm.
     

    POINTERS

    HTTP Header trace will capture the POST data and request redirections. The trace will help to identify the failing point within the login process.
     
    Additional Information:
    This has been incorporated into the documentation. Please visit 
    docops.ca.com for your version for updated information