test

Sun Java System Access Manager Policy Agent 2.2 Guide for JBoss Application Server 4.0

Customizing Agent Response for Form Login

The J2EE agent AMAgent.properties configuration file allows you to completely control the content that is sent out to the user when the deployment container requires a form login from the user.

Note –

The ability to customize the agent response form login is not a feature whose purpose is to change the form login page nor is the purpose of this feature to bypass the default Access Manager login page.

Using the J2EE agent AMAgent.properties configuration file, you can customize the agent response in the following ways:

ProcedureTo Customize the Agent Response to Form Login

  1. Modify the content of the FormLoginContent.txt file to suit your UI requirements as necessary.

    Ensure that regardless of the modifications you make, the final file submits the j_username and j_password to the action j_security_check via HTTP POST method.

  2. (Conditional) You can specify the name of a different file using the property com.sun.identity.agents.config.login.content.file in the J2EE agent AMAgent.properties configuration file.

    If you specify the file name, you must ensure that it exists within the locale directory of the agent installation.

    If you wish that this file be used from another directory, you can simply specify the full path to this new file.

    Ensure that regardless of the modifications you make, the final file submits the j_username and j_password to the action j_security_check via HTTP POST method.

  3. (Conditional) If you have more than one application and would like to have an application-specific response to the form login requests, instruct the agent to allow the form login request to proceed to the actual form login page.

    This can be done by setting the value of the configuration property as follows:com.sun.identity.agents.config.login.use.internal as false.

    In this situation, you must ensure that the resource that receives this request extracts the am.filter.j_username and am.filter.j_password from the HttpServletRequest as attributes and uses that to ensure that eventually a submit of these values as j_username and j_password is done to the action j_security_check via HTTP POST method.

    The following JSP fragment demonstrates how this can be done:


    <form action="j_security_check" method="POST">
<%
   String user = (String) request.getAttribute("am.filter.j_username");
   String password = (String) request.getAttribute("am.filter.j_password");
%>
   <ul>
      <li>Your username for login is: <b><%=user%></b></li>
      <li>Your password for login is: <b><%=password%></b></li>
   </ul>
   <input type=hidden name="j_username" value="<%=user%>">
   <input type=hidden name="j_password" value="<%=password%>">
   <input type="submit" name="submit" value="CONTINUE">
</form>

    This mechanism would therefore allow you to have an application-specific form-login handling mechanism.