Local response redirection configuration example

The following example steps summarize the configuration required to implement local response redirection. This example illustrates the combined implementation of local response redirection with an external authentication interface service.

The following variables are used in this example:

• jct is the name of the WebSEAL junction
• eai-redirect-app is the name of the custom application that provides combined external authentication interface and local response redirection services
• authn-handler is the name of the custom authentication service (such as a servlet, JSP, or CGI)
• response-handler is the name of the custom response handling service (such as a servlet, JSP, or CGI)

Example:

• A custom external authentication interface service is implemented on the junctioned server to handle the WebSEAL authentication process:
  webseal/jct/eai-redirect-app/authn-handler

• Enable local response redirection to handle responses to requests:
  [acnt-mgt]
  enable-local-response-redirect = yes

• Set the location of the custom response handling application (Location URI):
  [local-response-redirect]
  local-response-redirect-uri = /jct/eai-redirect-app/response-handler

• Specify the URL requested by the client (supplied by the URL macro) be returned in the Location URI query string of the local response redirection:
  [local-response-macros]
  macro = URL

• Client requests a resource requiring authentication:
  https://webseal/jctB/resource.html

• WebSEAL returns an HTTP 302 response containing the following Location URI header. The login operation required is specified in the query string as: TAM_OP=login:
  Location: https://webseal/jct/eai-redirect-app/response-handler?TAM_OP=login& URL=http%3A//webseal/jctB/resource.html

• The custom response handling application provides a response to the client (consistent with a login operation) and makes use of the resource URL information provided.

• The client completes one or more interactions with the custom response handler and is eventually routed to the external authentication interface where the actual authentication is performed.

Parent topic: Local response redirection