Application Authorization RRS feed

  • Question

  • Is there a way to default the on-the-fly login page to one authenticator?  I've set up a trunk and would like to authorize some users when they click a link.  The trunk uses a custom authenticator written to use siteminder.  i'm trying to protect the link with RSA SecurID.  If I set the Authorization to just SecurID I get an error that I am not authorized to view the link.  I then applied the Custom Authenticator:Authenticated Users to have view to the link and combined it with SecurID:Authenticated Users with Allow and view access.  Now I get a logon screen and lists both authenticators and defaults to the custom authenticator.

    1)  Is there any way to just use RSA SecurID by itself for Authorization?

    2)  If not,  any way I can force the on-the-fly login to default to SecurID?

    Thanks in advance.

    Thursday, September 1, 2011 5:13 PM

All replies

  • Hi Amig@. The on-the-fly login page can be set to a customized page. You can find it in the Authentication tab of the properties of the trunk. You could take login.asp (the one used by default) as a basis for developing a new one including only the repository in question

    Hope it helps

    // Raúl - I love this game
    Thursday, September 1, 2011 6:25 PM
  • Hi Bingdude,

    glad to see your sideminder repository up and running...

    As Raul mentioned the login.asp or on-the-fly-login.asp page needs some customizations to assist your users in such way. Here are some thoughts on how the build in pages can be changed to meet your requirements. 

    1.) If you're going to use just two different repositories (not including your dummy AD repository). Then you could use a dedicated on-the-fly logon page with hardcoded values (dont use the same page as used for trunk login!). I bet a simple full text replacement from "dont_show_repository = false" to "dont_show_repository = true" and from "<%=login_repositories(0)%>" to "RSARepositoryNAME" (all strings without "" quotes) should do the trick. But i've to admit, that i didn't test this approach before. If the site is not working please enable IIS error messages (if its crashing) or post the HTML code of the page you got (remove the headers and footers^^).

    2.) You can simply add the following string to your login.asp to set the default repository. Fell free to insert this string directly to the top (e.g after global dim's) of the login.asp or create a CustomUpdate login.asp or even a customupdate on-the-fly-login.asp... (personaly i would use the login.asp directly since its just a cosmetic thing^^ :)

    repository = "RSARepositoryNAME"   ' with "" quotes

    Edit: "RSARepositoryNAME" is the name of your repository^^


    • Proposed as answer by Kai Wilke Saturday, September 3, 2011 7:21 AM
    Thursday, September 1, 2011 7:04 PM
  • Thanks for the responses.  I sifted through our custom Login.asp file and was able to use the same code on the UAG.
    Wednesday, September 7, 2011 2:35 PM