Archive for April, 2009

Siteminder custom login page – how to post to FCC

April 15, 2009

With Siteminder, it is possible to use a custom login page for HTML forms authentication (other than the default login.fcc). This custom login page can be a .html file, .asp file, .jsp, file, etc. In order to properly authenticate users, this custom page will need to perform a POST to the .fcc. Here are the basic steps to get this to work:

* In the System tab of the Siteminder admin UI, right-click on Authentication Schemes and select Create Authentication Scheme
* For Authentication Scheme Type, select HTML Form template
* Enter the fully qualified name of the web server hosting your login page
* For Target, enter the relative path to your custom page. By default, this will be set to “/siteminderagent/forms/login.fcc”. As an example, you may want to set it to “/mycustompages/login.asp”
* In your custom login page (“/mycustompages/login.asp”), make sure the form posts to the login.fcc. The example below assumes you are using the default login.fcc located in the forms directory:
o form id=”myform” name=”myform” method=”POST” action=”/siteminderagent/forms/login.fcc
* Also, your custom login page must contain the following parameters (which Siteminder expects to be present on the POST request to the .fcc):
o input type=text name=”USER”>
o type=password name=”PASSWORD”>
o input type=hidden name=target value=””> [note: in this example, we are parsing the target from the query string. you could also hardcode it]
* Assuming your Web Agent has been properly configured, when users now attempt to access Realms protected using this new Authentication Scheme, they will be redirected to your custom login page.
* After entering their credentials and submitting the form, the POST to the FCC will take place which will authenticate the user and redirect them to the original protected target.

More Here