Adding Logic to the main.jsp File

You can modify the main.jsp file and use the contract URI to specify the login page to display.

Consider the following points:

  • You cannot rename the main.jsp file. Therefore, any modifications you make to this file can be lost whenever you upgrade Identity Server. During the upgrade, you must select to restore custom files or you must restore your modified file after the upgrade. If this is the only JSP file that you modified that uses an Identity Server name, it is recommended to manually restore this file after an upgrade.

  • Modifying the main.jsp file requires knowledge of JSP programming and if/else statements.

Modifying the main.jsp file enables you to perform the following actions:

  • You can create multiple customized nidp_legacy.jsp pages. For example: custom1.jsp, custom2.jsp, and custom3.jsp.

  • You can create multiple customized login.jsp pages that request different login credentials. For example:

    login1.jsp: Configured to request username and password.

    login2.jsp: Configured to request username, email, and password.

    login3.jsp: Configured to request email and password.

With this type of configuration, you must create three different authentication contracts, each with an authentication method that has a JSP property defined. These contracts require the types of values listed in the following table. The URI is defined so that it reflects the custom login.jsp and the custom nidp_legacy.jsp that are used by the contract.

Contract and configuration details:

Contract1

  URI: login1/custom1

  Method1: Configured with the following JSP property:

    Property Name: JSP

    Property Value: login1

    This method does not need a query property unless you are using an attribute other than the cn attribute for the username.

Contract2

  URI: login2/custom2

  Method2: Configured with the following two properties:

    Property Name: JSP

    Property Value: login2

    Property Name: Query

    Property Value: (&(objectclass=person)(mail=%Ecom_User_ID%))

Contract3

  URI: login3/custom3

  Method3: Configured with the following two properties:

    Property Name: JSP

    Property Value: login3

    Property Name: Query

    Property Value: (&(objectclass=person)(mail=%Ecom_User_ID%))

Perform the following steps to configure Access Manager to display these custom login pages with custom credentials:

  1. Create a unique method for each custom login.jsp file:

    1. Click Devices > Identity Servers > Edit > Local > Methods > New.

    2. Specify the following details:

      Display name: Specify a name for the method. Use a name that indicates which login page is assigned to this method.

      Class: Select a name/password class.

      Configure the other fields to match your requirements.

    3. In the Properties section, add a Query property if the page uses custom credentials.

      For example, to add an email address to the login prompts, add the following property:

      Property Name: Query

      Property Value: (&(objectclass=person)(mail=%Ecom_User_ID%))

      If you are creating a method for Contract 1 in the previous example (which prompts for a username and password), you do not need to add a query property unless you are using an attribute other than the cn attribute for the username.

    4. In the Properties section, add a JSP property to specify which login.jsp file to use with this method.

      For example:

      Property Name: JSP

      Property Value: login2

    5. Click Finish.

    6. If you have created more than one custom login.jsp file, repeat Step 1.b through Step 1.e for each page.

      To configure the scenario described in this section, repeat these steps for three login pages.

  2. Create a unique contract URI.

    1. Click Contracts > New.

    2. Specify the following details:

      Display name: Specify a name for the contract. Use a name that indicates which login page is assigned to this contract.

      URI: Specify a value that uniquely identifies the contract from all other contracts. Spaces are not allowed. Use a name that indicates the custom login page and custom credential page, such as login1/custom1.

      Methods and Available Methods: Select the authentication method you configured in Step 1.

    3. Configure the other fields to meet your network requirements, and then click Next.

    4. Configure the authentication card, and then click Finish.

    5. (Conditional) If you have created multiple custom login pages, repeat Step 2.b to Step 2.d for each page.

      To configure the scenario described in this section, repeat these steps for login2/custom2 and login3/custom3.

    6. Click OK, and then update Identity Server.

  3. Modify main.jsp. For information about how to modify a file, see Modifying Configurations.

    Add the following line near the top of the file:

    String strContractURI = hand.getContractURI();

    This sets the strContractURI variable to the value of the contract URI that is being used for authentication. These lines must look similar to the following:

    <%
        ContentHandler hand = new ContentHandler(request,response);
        String strContractURI = hand.getContractURI();
    
        // Is there a JSP defined on a class definition or a method 
        // definition that must be displayed as the main jsp here?
        if (hand.contractDefinesMainJSP())
        {
    %>

    After the if statement, add an else if statement for each contract URI you have created. For example:

    <% }
    else if(strContractURI != null && strContractURI.equals("login1/custom1"))
        {
    %>
         <%@ include file="custom1.jsp" %>
    
    <%  }
    else if(strContractURI != null && strContractURI.equals("login2/custom2"))
        {
    %>
            <%@ include file="custom2.jsp" %>
    
    <% }
    else if(strContractURI != null && strContractURI.equals("login3/custom3"))
        {
    %>
            <%@ include file="custom3.jsp" %>

    These else if statements set up three contracts for customized login pages:

    • The first else if statement specifies the URI of the login1 contract and configures it to display the custom1.jsp page for authentication.

    • The second else if statement specifies the URI of the login2 contract and configures it to display the custom2.jsp page for authentication.

    • The third else if statement specifies the URI of the login3 contract and configures it to display the custom3.jsp page for authentication.

    Your file must look similar to the following:

    <%@ page language="java" %>
    <%@ page pageEncoding="UTF-8" contentType="text/html; charset=UTF-8"%>
    <%@ page import="com.novell.nidp.*" %>
    <%@ page import="com.novell.nidp.resource.jsp.*" %>
    <%@ page import="com.novell.nidp.ui.*" %>
    <%@ page import="com.novell.nidp.common.util.*" %>
    <%@ page import="com.novell.nidp.liberty.wsf.idsis.apservice.schema.*" %>
    
    <%
        ContentHandler hand = new ContentHandler(request,response);
        String strContractURI = hand.getContractURI();
    
        // Is there a JSP defined on a class definition 
        // or a method definition that must be displayed 
        // as the main jsp here?
        if (hand.contractDefinesMainJSP())
        {
    %>
            <%@ include file="mainRedirect.jsp" %>
    <%  }
        else if(strContractURI != null && strContractURI.equals("login1/custom1"))
        {
    %>
         <%@ include file="custom1.jsp" %>
    
    <%  }
    else if(strContractURI != null && strContractURI.equals("login2/custom2"))
        {
    %>
            <%@ include file="custom2.jsp" %>
    
    <%  }
    else if(strContractURI != null && strContractURI.equals("login3/custom3"))
        {
    %>
            <%@ include file="custom3.jsp" %>
    
    <%  }    // This is the jsp used by default
        else
        {
    %>
            <%@ include file="nidp.jsp" %>
    <%  }  %>

  4. Back up your customized files.

  5. For each resource for which you created a custom login page, assign that resource to use the contract that is configured to display the appropriate login page.

    1. Click Devices > Access Gateways > Edit > [Reverse Proxy Name] > [Proxy Service Name] > Protected Resources.

    2. For each protected resource that you have created a custom contract for, select the protected resource, then configure it to use the custom contract.

    3. Update Access Gateway.

  6. (Conditional) If the custom page is not displayed correctly, see Troubleshooting Tips for Custom Login Pages.
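
The else if chain in step 3 matches the contract URI with equals(), so a URI that differs from the configured contract by one character, or a branch without its closing scriptlet brace, leaves that contract without its custom page. The following Python check is an added example, not part of the product or its documentation; it assumes the branch layout shown in step 3, and the names parse_branches, audit, SAMPLE and CONTRACTS are made up for the illustration.

```python
import re

# One branch as written in step 3: equals("<URI>")) { %> <%@ include file="<page>" %>
BRANCH = re.compile(r'strContractURI\.equals\("([^"]*)"\)\s*\)\s*\{\s*%>\s*'
                    r'<%@\s*include\s+file="([^"]+)"\s*%>')

def parse_branches(jsp):
    """Return (contract URI, included page, closed) for each else-if branch."""
    found = []
    for m in BRANCH.finditer(jsp):
        # The next scriptlet must start with '}'; otherwise the following
        # 'else if' is template text on the page, not Java.
        closed = re.match(r'\s*<%\s*\}', jsp[m.end():]) is not None
        found.append((m.group(1), m.group(2), closed))
    return found

def audit(jsp, contracts):
    """Compare main.jsp branches with {contract URI: expected page}."""
    findings, seen = [], set()
    for uri, page, closed in parse_branches(jsp):
        seen.add(uri)
        if uri not in contracts:
            findings.append(f"unknown URI in main.jsp: {uri}")
        elif contracts[uri] != page:
            findings.append(f"{uri}: includes {page}, expected {contracts[uri]}")
        if not closed:
            findings.append(f"{uri}: no '<% }}' after the include")
    # equals() is an exact match, so a contract with no branch falls
    # through to the final else and gets the default page.
    findings += [f"{uri}: no branch, default page is shown"
                 for uri in contracts if uri not in seen]
    return findings

# Constructed sample: login2 branch never closed, login3 URI has a leading slash.
SAMPLE = '''<%  }
    else if(strContractURI != null && strContractURI.equals("login1/custom1")) { %>
        <%@ include file="custom1.jsp" %>
<%  }
    else if(strContractURI != null && strContractURI.equals("login2/custom2")) { %>
        <%@ include file="custom2.jsp" %>
    else if(strContractURI != null && strContractURI.equals("/login3/custom3")) { %>
        <%@ include file="custom3.jsp" %>
<%  } else { %>
        <%@ include file="nidp.jsp" %>
<%  }  %>'''

CONTRACTS = {f"login{n}/custom{n}": f"custom{n}.jsp" for n in (1, 2, 3)}
print("\n".join(audit(SAMPLE, CONTRACTS)))
```

Running the same audit against the restored main.jsp after an Identity Server upgrade confirms that every contract still has its branch.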