I've created a custom authentication filter and gotten it working with our O

tmalaher over 11 years ago

I've created a custom authentication filter and gotten it working with our OpenSSO environment.
The only problem seems to be what to do when the user is a known SSO user, but does not have a corresponding Appian account. We are NOT auto-creating accounts, they have to be pre-provisioned by a separate process, which means that someone with a valid SSO token can end up hitting the class that extends AbstractAuthenticationProcessingFilter.

In the attemptAuthentication(req,res) method, I do a lookup to see if the SSO user has an account in Appian, and if not I throw a PreAuthenticatedCredentialsNotFoundException.

This then causes a "500 Server Error" page to display. Not very friendly.

What's the right way to do this? I want to be able to display a page with a useful message. Something like:
"Hello John Smith. I see you are trying to use Appain, but you have not requested access yet. Please visit [insert url here] in order to sign up."

Sin...

Discussion posts and replies are publicly visible

Parents

0 hrishikeshd over 10 years ago

Hi tmalaher, could you please let me know which sso agent you used, and the authentication filters used for it?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 hrishikeshd over 10 years ago

Hi tmalaher, could you please let me know which sso agent you used, and the authentication filters used for it?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data