I've built a security manager, and it's working as expected.
However, in a SSO scenario I'd like to redirect to 'not-authorised.htm' rather than the default 'login' page.
Is that possible?
I tried some tests, but seem to get a blank page.
Redirect to the login page if the SSO fails is a valid use case. This allows a local user to access the system. Lets say the Manager admin portal is protected by SSO, it is unlikely that Avoka staff are in the your directory. Avoka Cloud hosting team uses local users accounts to login to manager. Further more it gives the team access when the SSO is failing.
There is no easy way that to get it to redirect to the existing "not-authorised.htm' what you want to do without modifying source.There is spring.xml configuration that is done in the TM and Space war file that is under source control. The loginFailureHandler that redirects to the login page is configured in this xml file. This could potentially be changed for a Form Space only after the war file is produced by the installer.
We do not recommend this approach as every time a new version of Transact Manager is installed and hence all your form spaces are recreated, you have to remember to update the xml file.
The other option that you have is to change the html existing login.htm page in the Form Space (See below) to look like the not-authorised.htm page.
Note: Make sure you do not touch the Manager modules login page.
The web plugin is normally used for anonymous access to forms. It doesn't have all the same pages as a standard work space. The styling is minimal to be framed within another 3rd party portal.
I take it your web-plugin uses SSO. In most cases it is only the internal Work Space that uses SSO.
Be careful when adding logos to a border page in the web plugin as it might break the look of other pages. For minimal disruption to existing pages I would consider putting the image border in the login.htm.
thanks for the feedback, and prompt reply.
I understand there are many cases for the built in logic, as you mention above.
Our case is probably an edge case, so a bit of a challenge.
I went with the second, simpler option, and it works OK. I'll need to test further as we develop the solution, but that seems to work fine.
However, I notice that the error page in our corporate space is different to the error page in the web plugin space. The html is the same in the 'not-authorized.htm' file, but the rendered page is different.
I can't seem to find the 'template' or 'border' page that has been customized to include our logo at the top of the page. Do you know which page I need to edit?