Jump to content

How to redirect to custom login page with external authentication


mike weng

Recommended Posts

I have a custom login page and spotfire authentication is external authentication.

When the user did not login from custom login page, and then want to enter the Administration Console directly, the web page will show

"HTTP Status 403 - Access is denied

You are not authorized to access this URL."

How to redirect to custom login page when user enter the Administration Console directly

 

Thanks & Regards

Mike

Link to comment
Share on other sites

Hello Mike,

 

Here are the wiki articles related to custom authentication and custom login page.You may review the following to find additional information.

 

https://community.spotfire.com/wiki/tibco-spotfirer-server-api-custom-authentication

 

https://community.spotfire.com/wiki/create-custom-login-page-tibco-spotfirer

 

What is the Spotfire version

Link to comment
Share on other sites

Hi Varma,

 

Thanks for your reply, the Spotfire version is 10.0.0.

 

I had seen the reference links you provided, but I still have some questions.

 

Actually, the custom login page is another web application, not in Spotfire, and also has authentication itself base on username/password,

 

so we use external authentication method in Spotfire to satisfy single-sign-on authentication. 

 

When the external authentication method was selected , the custom login page would not be shown. Therefore, I don't understand how can I redirect to the custom login page from another web application when user doesn't login

 

Thanks & Regards

 

Mike

Link to comment
Share on other sites

Hi,

If you want to have an external application that performs authentication this way you essentially have two options:

 

Use OpenID Connect, or some custom similar scheme with a CustomWebAuthenticator to perform the redirects (and deal with the response when the application redirects back)

Set up some kind of autenticating proxythat only intercepts requests to /sf_security_check_external_auth (to which the server will redirect the user whenever authentication is needed) - all other requests much be passed through directly to the server. The proxy would then pass the identity in an HTTP header or similar and the Spotfire Server would be configured for External Authentication (with "Web" as "declared authentication method").

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...