SiteMinder SSO Custom Login page

Question

Has anyone got a bare bones custom login page, that will post to the default login.fcc. I'm unsure where to start with this. Presumably it would have javascript code to take a part the query string and then pass it on to the login.fcc

score 4 · Answer 1 · answered Oct 21 '11 at 23:20

Custom login pages are simple- all you have to do is post with the correct variables to the FCC. This snippet is from login.fcc, so in this case the web agent fills in the $$ variables automatically, and then posts to itself. If you are going submit the variables from another source (non fcc) then you will have to make sure to include the agent name, username, password, and target in your post.

<form action="login.fcc" method="post">
                                       <div class="formRow">
                                       <table>
                                               <tr>
                                                       <td><P><span>Username :</span></P></td>
                                                       <td><P><input name="username" type="text" value=""
style="width:150px" /></P></td>
                                               </tr>
                                               <tr>
                                                       <td><P><span>Password :</span></P></td>
                                                       <td><P><input name="password" type="password" value=""
style="width:150px" /></P></td>
                                               </tr>
                                       </table>
                                       </div>

<INPUT TYPE=HIDDEN NAME="SMENC" VALUE="ISO-8859-1">
<INPUT type=HIDDEN name="SMLOCALE" value="US-EN">
<INPUT type=HIDDEN name="SMRETRIES" value="1">
<input type=hidden name=target value="$$target$$">
<input type=hidden name=smquerydata value="$$smquerydata$$">
<input type=hidden name=smauthreason value="$$smauthreason$$">
<input type=hidden name=smagentname value="$$smagentname$$">
<input type=hidden name=postpreservationdata value="$$postpreservationdata$$">


                                       <div class="formRow">
                                       <P><input name="submit" type="submit" value="Login" />
                                       <input name="Reset" type="reset" /></P>
                                       </div>
                   </form>

score 0 · Answer 2 · edited May 01 '18 at 02:17

Based on whether the secureurls feature is enabled or not the paramater that is required to be passed/posted to login.fcc would change.

Here is the summary of the data that is required to be posted to Login.fcc

When SecureURLs=No

The post form data contains following :

Required:

target
smagentname

Optional:

smenc
smlocale
smquerydata
postpreservationdata
smauthreason

Post URL : /siteminderagent/forms/login.fcc

When SecureURLs=YES

The post form data contains following :

Required:

smquerydata

Optional:

smenc
smlocale
target
smauthreason
postpreservationdata
smagentname

Post URL : /siteminderagent/forms/login.fcc?SMQUERYDATA=******

Please refer : https://iamtechtips.com/custom-login-page/

score -1 · Answer 3 · answered Aug 18 '15 at 01:59

-1

<html>
 <body>
  <form action="/verify.fcc" method="post">
   <div class="formRow">
      <table>
        <tr>
          <td><P><span>Username :</span></P></td>
          <td><P><input name="USER" type="text" value="" style="width:150px" /></P></td>
        </tr>
        <tr>
          <td><P><span>Password :</span></P></td>
          <td><P><input name="PASSWORD" type="password" value="" style="width:150px" /></P></td>
        </tr>
      </table>
      </div>
     <INPUT TYPE=HIDDEN NAME="SMENC" VALUE="ISO-8859-1">
     <INPUT type=HIDDEN name="SMLOCALE" value="US-EN">
     <INPUT type=HIDDEN name="SMRETRIES" value="1">
     <input type=hidden name=target value="/protected.html">
   <div class="formRow">
    <P>
     <input name="submit" type="submit" value="Login" />
     <input name="Reset" type="reset" />
    </P>
   </div>
  </form>
 </body>
</html>

answered Aug 18 '15 at 01:59

Pasha

19
4

2

While this code may answer the question, this answer would be much more useful if you explain how this code is different from the code in the question, what you've changed, why you've changed it and why that solves the problem without introducing others. – Blackwood Aug 18 '15 at 02:06
The question was for a "bare bones custom login page". There is no code in the question. Previous answer was part of an .fcc file with $$variables. My answer is a real html code that actually works by posting to an .fcc. A common misconception is that a custom login page has to be an .fcc itself. – Pasha Aug 18 '15 at 12:19
As I said, the code may answer the question, but your answer would be more useful if you provide some explanation (beyond saying that it works). – Blackwood Aug 18 '15 at 12:28
Explain that an html code posts to an .fcc file? OK, here is the explanation: The code posts to verify.fcc file which can be a copy of the login.fcc with "USER" and "PASSWORD" input parameters. the webagent handles the .fcc and allows access if the username and password are correct and the policy is in place for such access to the hidden target "/protected.html" – Pasha Aug 18 '15 at 13:02

SiteMinder SSO Custom Login page

3 Answers3