Avoid displaying the Authentication screen in Portal.
There are a few ways to do this:
1) Customize the login form for all CRS applications
(httproot/framework/secured/crs/ex/ex_crs_form_auth.jsp). This has the
main negative side effect of preventing anyone from creating an SSO for any managed application from the CRS web form authorisation method. This works for scenarios that require a centralized control of
managed passwords - i.e. from the administration GUI.
2) Add the attribute formJsp="some custom jsp relative to the application root"
to the appropriate AuthException tag in the resolver file. This will run that JSP when that action is hit.
3) Remove the AuthException tag and replace it with something similar to the below:
<!--Throws an exception to discontinue processing -->
<!-- sets the mime type for the final response -->
<HandleMime order="a" findValue=".*"
<!-- Removes all cookies from the response -->
<HandleCookie order="a2" name=".*" findValue=".*" replaceValue=""/>
<!-- Sets the response code -->
<HandleResponseCode order="a2" findValue=".*" replaceValue="200"/>
<!-- Removes the location header if any to prevent redirection -->
<HandleHttpResponse order="a2" name="location" matchCase="false"
<!-- Output all the HTTP headers to the response -->
<!-- Output a custom message -->
Some custom message.
Webtop actually uses this method within its resolver file for expired
sessions. Alternatively HandleFile or HandleJSP can be substituted for
HandleText if you want to output from a physical file or JSP respectively.
For version 2.1.2+ of Netcool Portal, a feature has been added to prevent the user from entering in any
login information if the authentication is scoped to either the domain or the role. In this case, if a login fails, the user gets a message simply saying that they are not authorized edit that information. The action presents /httproot/framework/secured/crs/ex/ex_crs_secauth.jsp). This method is recommended as probably the best means to solve the problem - assign the username/password to either the domain or role and all users will display that page when/if the authentication fails.
Rate this page:
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.