mike weng Posted June 5, 2019 Share Posted June 5, 2019 I have a custom login page and spotfire authentication is external authentication. When the user did not login from custom login page, and then want to enter the Administration Console directly, the web page will show "HTTP Status 403 - Access is denied You are not authorized to access this URL." How to redirect to custom login page when user enter the Administration Console directly Thanks & Regards Mike Link to comment Share on other sites More sharing options...
Varma Nadimpalli Posted June 5, 2019 Share Posted June 5, 2019 Hello Mike, Here are the wiki articles related to custom authentication and custom login page.You may review the following to find additional information. https://community.spotfire.com/wiki/tibco-spotfirer-server-api-custom-authentication https://community.spotfire.com/wiki/create-custom-login-page-tibco-spotfirer What is the Spotfire version Link to comment Share on other sites More sharing options...
mike weng Posted June 10, 2019 Author Share Posted June 10, 2019 Hi Varma, Thanks for your reply, the Spotfire version is 10.0.0. I had seen the reference links you provided, but I still have some questions. Actually, the custom login page is another web application, not in Spotfire, and also has authentication itself base on username/password, so we use external authentication method in Spotfire to satisfy single-sign-on authentication. When the external authentication method was selected , the custom login page would not be shown. Therefore, I don't understand how can I redirect to the custom login page from another web application when user doesn't login Thanks & Regards Mike Link to comment Share on other sites More sharing options...
Jens Borgland Posted June 12, 2019 Share Posted June 12, 2019 Hi, If you want to have an external application that performs authentication this way you essentially have two options: Use OpenID Connect, or some custom similar scheme with a CustomWebAuthenticator to perform the redirects (and deal with the response when the application redirects back) Set up some kind of autenticating proxythat only intercepts requests to /sf_security_check_external_auth (to which the server will redirect the user whenever authentication is needed) - all other requests much be passed through directly to the server. The proxy would then pass the identity in an HTTP header or similar and the Spotfire Server would be configured for External Authentication (with "Web" as "declared authentication method"). Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now