How to display invalid login error message in the login page

Document ID : KB000010265
Last Modified Date : 14/02/2018
Introduction:

This post describes the steps required to display various login-related error messages on the login page when using FCC form authentication.

Environment:
Policy Server : ANY
Web Agent : ANY
Instructions:
  • Configure OnAuthAttempt response to set ErrorMsg cookie with value "User Not Found".

  • Configure OnAuthReject response to set ErrorMsg cookie with value "Wrong password. Try again."

  • Configure OnAuthAccept response to expire the ErrorMsg cookie on successful authentication.

  • Associate these Responses with the respective rules.

  • Create an HTML FORMS authentication scheme using customlogin.fcc

  • Save the attached customlogin.fcc in the <webagent>/samples/forms/ directory
  • Restart the web server.

Note: For the web agent to do a 302 redirect back to the login page and to be able to read the error message cookie, the form that displays the login page and the form being posted to need to be different.

That is, you need to provide a different FCC form in the FORM ACTION field.

In this example, our login page is customlogin.fcc, but instead of posting to itself, it posts to the OOTB login.fcc:

<form NAME="Login" ACTION="/siteminderagent/forms/login.fcc" METHOD="POST">
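
One way the login page could read and display the ErrorMsg cookie, as an added example (this is not the attached customlogin.fcc or vendor code). The element id login-error and the function names are assumptions; the cookie value is checked against the two messages configured above and written as text, because a cookie can be set to anything by the browser.

```javascript
// Added example. "ErrorMsg" and the two messages come from the steps above;
// the element id "login-error" and all function names are assumptions.
const KNOWN_MESSAGES = new Set([
  "User Not Found",
  "Wrong password. Try again.",
]);

// Return the value of cookie `name` from a "a=1; b=2" string, or null.
function getCookie(cookieString, name) {
  for (const part of String(cookieString || "").split(";")) {
    const eq = part.indexOf("=");
    if (eq === -1 || part.slice(0, eq).trim() !== name) continue;
    let value = part.slice(eq + 1).trim();
    if (value.length >= 2 && value.startsWith('"') && value.endsWith('"')) {
      value = value.slice(1, -1); // strip optional surrounding quotes
    }
    try {
      return decodeURIComponent(value);
    } catch (e) {
      return value; // malformed percent-encoding: the allowlist decides
    }
  }
  return null;
}

// The browser can set any cookie value, so only the configured messages pass.
function loginErrorFromCookies(cookieString) {
  const value = getCookie(cookieString, "ErrorMsg");
  return value !== null && KNOWN_MESSAGES.has(value) ? value : null;
}

// Write the message into the page as text (never as HTML).
function showLoginError(doc) {
  const target = doc.getElementById("login-error");
  const message = loginErrorFromCookies(doc.cookie);
  if (!target || message === null) return false;
  target.textContent = message;
  return true;
}

// Run only in a browser, once the login form has loaded.
if (typeof document !== "undefined") {
  document.addEventListener("DOMContentLoaded", () => showLoginError(document));
}
```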

 

Testing:

  • Invalid User ID

  • Invalid credential

  • Successful Authentication

Additional Information:

Communities : https://communities.ca.com/community/ca-security/ca-single-sign-on/blog/2017/03/31/tech-tip-ca-single-sign-on-policy-serverhow-to-display-invalid-login-error-messages-on-the-login-page

File Attachments:
TEC1251864.zip