[OpenAM] default processing question
Bernhard Thalmayr
bernhard.thalmayr at painstakingminds.com
Wed Feb 1 02:59:08 EST 2012
Actually OpenAM should only sent the user to the value of the 'goto'
Url in case of a successfull authentication. If authentication fails
the 'authentication failed page' should show up.
If you request <OpenAM-URL>/UI/Login?goto=<some-url> in the browser
and provide wrong credentials by intention what's going to happen?
I just did that test and it behaves as expected.
You may also look into the debug files (set debug level for
'authentication' logger , f.e. using Debug.jsp) to get an idea what's
going on.
-Bernhard
On 1/31/12, Irvin Betts <irvin.betts at sungard.com> wrote:
> If I have a openam login url that contains a goto .. if the user fails
> authentication they are still sent to the application defined in the goto,
> instead of being stopped at the door (so to speak) ... is this the default
> behaviour ? Should I instead place the contents of the goto stmt in the
> default success url location for that realm?
>
> To add a twist - it is possible to have multiple default success locations
> ... should these be handled through an agent instead?
>
> *Irvin Betts* ▪ OSS Tools Development
> SunGard Availability Services ▪ 2481 Deerwood Dr, San Ramon, Ca 94583
> Tel 925-831-7790 ▪ Cell 559-940-1196
> irvin.betts at sungard.com ▪ http://www.sungardas.com
>
> Think before you print
>
> CONFIDENTIALITY: This e-mail (including any attachments) may contain
> confidential, proprietary and privileged information, and unauthorized
> disclosure or use is prohibited.
> If you received this e-mail in error, please notify the sender and delete
> this e-mail from your system.
>
--
IT-Consulting Bernhard Thalmayr
- Painstaking Minds -
83620 Vagen (Munich area)
Germany
More information about the OpenAM
mailing list