Appian Community
Site
Search
Sign In/Register
Site
Search
User
DISCUSS
LEARN
SUCCESS
SUPPORT
Documentation
AppMarket
More
Cancel
I'm looking for ...
State
Not Answered
Replies
5 replies
Subscribers
9 subscribers
Views
2889 views
Users
0 members are here
Share
More
Cancel
Related Discussions
Home
»
Discussions
»
Administration
I've created a custom authentication filter and gotten it working with our O
tmalaher
over 10 years ago
I've created a custom authentication filter and gotten it working with our OpenSSO environment.
The only problem seems to be what to do when the user is a known SSO user, but does not have a corresponding Appian account. We are NOT auto-creating accounts, they have to be pre-provisioned by a separate process, which means that someone with a valid SSO token can end up hitting the class that extends AbstractAuthenticationProcessingFilter.
In the attemptAuthentication(req,res) method, I do a lookup to see if the SSO user has an account in Appian, and if not I throw a PreAuthenticatedCredentialsNotFoundException.
This then causes a "500 Server Error" page to display. Not very friendly.
What's the right way to do this? I want to be able to display a page with a useful message. Something like:
"Hello John Smith. I see you are trying to use Appain, but you have not requested access yet. Please visit [insert url here] in order to sign up."
Sin...
OriginalPostID-99647
OriginalPostID-99647
Discussion posts and replies are publicly visible
0
tmalaher
over 10 years ago
...ce I'm being passed the request and response objects in the attemptAuthentication method, am I allowed to use the response to force a redirect? In that case what should the attemptAuthentication method return?
Or should I be throwing a different subclass of AuthenticationException? But how do I control the content of (or the url of) the resulting page? Do I install a custom authentication failure handler, kind of like the way that I install a custom success handler?
Thanks!
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
0
darbyk
Certified Lead Developer
over 10 years ago
I haven't done this in a while...but in your attemptAuthentication(request, response) method, on a failed login attempt, maybe you can try to set your response via a response.sendRedirect("yourFailedPageURL") to point to another page, (this could be a jsp page you insert in some Appian directory, and have that page whitelisted and/or added to your unsecured spring-security file, or it could be an external webpage).
Maybe another way to do it is to throw a "AuthenticationServiceException"? That exception might not throw a 500 error. Those are just two ideas...hope they help
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
0
darbyk
Certified Lead Developer
over 10 years ago
...And if you force a redirect, I would think the method should return null
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
0
hrishikeshd
over 9 years ago
Hi tmalaher, i want to configure SSO using openSSO for Appian 7.5 running on jboss eap 6.2.0, could you please let me know the detailed steps , pointers or any documentation for the same?
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
0
hrishikeshd
over 9 years ago
Hi tmalaher, could you please let me know which sso agent you used, and the authentication filters used for it?
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel