OpenIG : Execute Password Replay Filter When User Redirected to Login page.

This topic contains 1 reply, has 2 voices, and was last updated by  violette 2 weeks, 3 days ago.

  • Author
    Posts
  • #25967
     Avneesh991 
    Participant

    Hello All,

    We have a scenario when user is redirected to the Login Page directly upon idle session timeout occurs. In this case, user is redirected with the resourceURL as query parameter which is the URL of the page when idle session timeout triggered.
    In this case, our PasswordReplyFilter is not triggering as the user is directly coming from the login URL. To handle this scenario, we have added a StaticResponseHandler which does the 302 to the resourceUrl parameter which is a protected resource and application returns the login page as well which triggers our PasswordReplayFilter as well.

    But there is case, when there is a popup appears in the browser which has the resourceURL Param which is pointing to a refresh.jsp. This refresh.jsp is nothing but reloads the parent window. In this, case when we directly hit refresh.jsp URL, application doesn’t returns the login page. It directly load the page. Since, application is not returning the login page when hitting refresh.jsp – PasswordReplayFilter doesn’t get executed and unable to renew the session.

    How can we directly execute the PasswordReplayFilter if user is directly visiting the login page and login page is not coming in response.

    Any pointers will be highly appreciated.

    Thanks,
    Avnish

    #26072
     violette 
    Participant

    Hi Avnish,
    Sorry for the delay.
    I am not sure to understand your need, but for your question:

    How can we directly execute the PasswordReplayFilter if user is directly visiting the login page and login page is not coming in response.

    Note that the replay credentials in a single composite filter for the following cases:
    – When the request is for a login page
    – When the response contains a login page

    maybe you can try to use the ‘loginPage’ and ‘loginPageContentMarker’ attributes.
    There is some example of the PasswordReplayFilter there: https://backstage.forgerock.com/docs/ig/6.5/gateway-guide/#template-login-replay-cookie-filters
    but also in the reference: https://backstage.forgerock.com/docs/ig/6.5/reference/index.html#PasswordReplayFilter

    Feel free to share your (commented) route(s) to see if we can help.

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

©2019 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?