test

Sun Java System Access Manager 7 2005Q4 Administration Guide

Failed Role-based Authentication Redirection URLs

The redirection URL for failed role-based authentication is determined by checking the following places in the following order:

  1. A URL set by the authentication module.

  2. A URL set by a goto Login URL parameter.

  3. A URL set in the clientType custom files for the iplanet-am-user-failure-url attribute of the user’s profile ( amUser.xml).

  4. A URL set in the clientType custom files for the iplanet-am-auth-login-failure-url attribute of the role to which the user has authenticated.

  5. A URL set in the clientType custom files for the iplanet-am-auth-login-failure-url attribute of another role entry of the authenticated user. (This option is a fallback if the previous redirection URL fails.)

  6. A URL set in the clientType custom files for the iplanet-am-auth-login-failure-url attribute of the user’s realm entry.

  7. A URL set in the clientType custom files for the iplanet-am-auth-login-failure-url attribute as a global default.

  8. A URL set in the iplanet-am-user-failure-url attribute of the user’s profile (amUser.xml).

  9. A URL set in the iplanet-am-auth-login-failure-url attribute of the role to which the user has authenticated.

  10. A URL set in the iplanet-am-auth-login-failure-url attribute of another role entry of the authenticated user. (This option is a fallback if the previous redirection URL fails.)

  11. A URL set in the iplanet-am-auth-login-failure-url attribute of the user’s realm entry.

  12. A URL set in the iplanet-am-auth-login-failure-url attribute as a global default.