test

Sun OpenSSO Enterprise 8.0 Administration Guide

Redirecting Users After Service Authentication

Upon a successful or failed service authentication, OpenSSO Enterprise looks for information on where to redirect the user. Following is the order of precedence in which the application will look for this information.

Successful Service Authentication Redirection URL Precedence

The redirection URL for successful service authentication is determined by checking the following places in the following order:

  1. A URL set by the authentication module.

  2. A URL set by a goto login URL parameter.

  3. The value of the Success URL attribute in the user's profile specific to the client type from which the request was received.

  4. The value of the Success URL attribute in the service to which the user is authenticated specific to the client type from which the request was received.

  5. The value of the Success URL attribute in the role entry of the user's profile specific to the client type from which the request was received.

  6. The value of the Default Success Login URL attribute in the realm entry of the user's profile specific to the client type from which the request was received.

  7. The value of the Default Success Login URL attribute of the top level realm specific to the client type from which the request was received.

  8. The value of the Success URL attribute in the user's profile.

  9. The value of the Success URL attribute in the service to which the user is authenticated.

  10. The value of the Success URL attribute in the role entry of the user's profile.

  11. The value of the Default Success Login URL attribute in the realm entry of the user's profile.

  12. The value of the Default Success Login URL attribute of the top level realm.

Failed Service Authentication Redirection URL Precedence

The redirection URL for failed service authentication is determined by checking the following places in the following order:

  1. A URL set by the authentication module.

  2. A URL set by a goto login URL parameter.

  3. The value of the Failure URL attribute in the user's profile specific to the client type from which the request was received.

  4. The value of the Failure URL attribute of the service to which the user has authenticated specific to the client type from which the request was received.

  5. The value of the Failure URL attribute in the role entry of the user's profile specific to the client type from which the request was received.

  6. The value of the Default Failure Login URL attribute in the realm entry of the user's profile specific to the client type from which the request was received.

  7. The value of the Default Failure Login URL attribute in the top level realm specific to the client type from which the request was received.

  8. The value of the Failure URL attribute in the user's profile.

  9. The value of the Failure URL attribute of the service to which the user has authenticated.

  10. The value of the Failure URL attribute in the role entry of the user's profile.

  11. The value of the Default Failure Login URL attribute in the realm entry of the user's profile

  12. The value of the Default Failure Login URL attribute in the top level realm.