Technical notes for local response redirection in IBM Security Verify Access for Web

Technical notes for local response redirection

If a client makes a bad or erroneous request to WebSEAL as a result of a redirected error page, WebSEAL returns a static error message page rather than initiating another redirection operation.
To avoid a possible redirection loop condition, the custom message handling application must be a resource that is available to unauthenticated users. Security Verify Access ACLs must be configured to ensure this availability to unauthenticated users.
When implementing external authentication interface and local response redirection together, ensure the configured location URI is not the same as any external authentication interface trigger URLs.
All requests that are redirected by local response redirection are cached in the same manner as for default response handling.

Parent topic: Local response redirection