Focal Point Banner


As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only.

Join the TIBCO Community
TIBCO Community is a collaborative space for users to share knowledge and support one another in making the best use of TIBCO products and services. There are several TIBCO WebFOCUS resources in the community.

  • From the Home page, select Predict: WebFOCUS to view articles, questions, and trending articles.
  • Select Products from the top navigation bar, scroll, and then select the TIBCO WebFOCUS product page to view product overview, articles, and discussions.
  • Request access to the private WebFOCUS User Group (login required) to network with fellow members.

Former myibi community members should have received an email on 8/3/22 to activate their user accounts to join the community. Check your Spam folder for the email. Please get in touch with us at community@tibco.com for further assistance. Reference the community FAQ to learn more about the community.


Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     [CLOSED] WF_Signon - Custom Invalid Credentials Page?

Read-Only Read-Only Topic
Go
Search
Notify
Tools
[CLOSED] WF_Signon - Custom Invalid Credentials Page?
 Login/Join
 
Member
posted
Has anyone ever overridden their site's default "failed credentials" message when using WF_Signon for authentication?

This is a self-service reporting application. I have coded an HTML logon page similar to the example in Ch 4 of WebFOCUS Security and Administration V7 Rel 1.3. The form posts to WFServlet with parameters for IBIWF_action (set to WF_SIGNON through a hidden input field), IBIC_user, and IBIC_pass (both valued from input fields to which they are bound). WF_SIGNON_MESSAGE is used to submit a FEX on successful authentication to do further checks for authorization.

The logon technique works fine. Unfortunately, if the user enters invalid credentials, a default web page is returned with a plain white background, title set to "WebFOCUS Message: Security Violation", and the text "Invalid Credentials" surrounded by H2 tags. I presume this is coming from a JSP out of the box.

My customer would like something a little more use-friendly, at least with a link to take them back to the logon page. I am deploying this to a distributed environment shared by multiple departments, so server-level configuration changes are out.

I know this can be done for MR signon by setting "SIGNON_INCORRECT" to a custom link. Is there an equivelent method for a web application?

Any suggestions?

This message has been edited. Last edited by: Kerry,


Anonymous
 
Posts: 7 | Registered: June 06, 2008Report This Post
Platinum Member
posted Hide Post
You will find the standard message in enib00e.html.

You can replace it with whatever HTML code you want.

I have done it successfully in the past.
 
Posts: 140 | Location: Adelaide South Australia | Registered: October 27, 2006Report This Post
Member
posted Hide Post
Thank you, OPALTOSH. Unfortunately, I will not have much luck requesting changes to the file. Other departments, both in our business unit and other business units, are using this installation. Some Java interfaces parse error messages returned from WebFOCUS to drive error handling (a fine example of the dangers of tight integration). I am also concerned about losing the changes when a patch is applied.

Ideally, I'd like to limit scope of custom handling of this error to my application.

Is this an instance where one would code a WebFOCUS servlet WFEXT plug-in?


Anonymous
 
Posts: 7 | Registered: June 06, 2008Report This Post
Expert
posted Hide Post
Sean, I suggest you send dhagen a private message - he's an expert at this kind of thing.

Regards,


Francis


Give me code, or give me retirement. In FOCUS since 1991

Production: WF 7.7.05M, Dev Studio, BID, MRE, WebSphere, DB2 / Test: WF 8.1.05M, App Studio, BI Portal, Report Caster, jQuery, HighCharts, Apache Tomcat, MS SQL Server
 
Posts: 10577 | Location: Toronto, Ontario, Canada | Registered: April 27, 2005Report This Post
Platinum Member
posted Hide Post
If you have access to modify the logon page just for your application you can use something like this:

http://techsupport.information...om/sps/42882556.html

In reading that document though, I thought I remembered it as:
SIGNON_INCORRECT not SIGNOFF, so there could be a typo in that technique.

In any case if you run a WFServlet trace of a logon and search for "incorrect", near the end of the file you should find the proper variable.

I'm pretty sure this all existed in 71x, I know its in 76x.


WF 71.x, 76.x, 7701, 8.0 Beta OS: Linux, Win2k3, Win2k, Win2k8, WinXP


 
Posts: 203 | Registered: November 19, 2007Report This Post
Platinum Member
posted Hide Post
Oh, and you can also set those variables via WFS Scripting and site.wfs.

As a result if you have any other way to identify your application, you can set logic in there to do it.


WF 71.x, 76.x, 7701, 8.0 Beta OS: Linux, Win2k3, Win2k, Win2k8, WinXP


 
Posts: 203 | Registered: November 19, 2007Report This Post
Member
posted Hide Post
All,

First, I apologize for not posting to this thread since March. I did read everyone's responses and suggestions - thank you all. I was under the gun and had to develop something fast. What I came up with is ugly, but effective. Although this topic is closed, I'm posting how I handled my scenario in case someone else needs it.

At my installation, enib00e.html contains HTML for invalid credentials with the TITLE text:

WebFOCUS Message: Security Violation

I already handle basic edits (no user ID, no password, invalid characters, etc) through screen edits, before the form is submitted. I only need to deal with invalid credentials, which will always return the above.

From the above thread, you see my constraints were as follows:
1) cannot modify enib00e.html without impacting other applications,
2) cannot change which HTML file is sent back for failed credentials without impacting other applications. (Messing with this is dangerous anyway, as the enib00e file contains HTML for many error messages.)

Constrained to getting back the generic invalid credentials entry from enib00e.html, exactly as it was installed, my last option was a REDIRECT.

Ok, I said it was ugly.

Here's how it works:
1) Create a static HTML container (either a framset or HTML page with an iFrame to contain the application content)
2) Set an onload event on the "body" frame (or iFrame)
3) Script event to look for a title tag element containing the WebFOCUS security violation error message, and redirect if found.

function app_onload() {
/* Check for bad login screen returned from WebFOCUS API and redirect to user friendly
page with link back to logon page.
*/
var bodyFrame = document.getElementById("myBodyFrame");
var titleTag = bodyFrame.contentWindow.document.getElementsByTagName("Title")[0]; // Only one Title tag, always index 0

if (titleTag.text == "WebFOCUS Message: Security Violation") {
parent.myBodyFrame.location.href = '/approot/myapp/invalid.htm';
clearCookie();
return;
}

/* Custom error page has a span with a unique ID myappErr1234. If found, the body now contains our custom error page.
A separate script can now wipe out any cookie you may have dropped and clean up. */

var deniedPage = bodyFrame.contentWindow.document.getElementById("myappErr1234");
if (deniedPage != null) {
clearCookie();
}
/* Insert code to check for valid cookie. Good place to handle other events, such as user having clicked a "logoff" link. */
}

This message has been edited. Last edited by: Sean P Murphy,


Anonymous
 
Posts: 7 | Registered: June 06, 2008Report This Post
  Powered by Social Strata  

Read-Only Read-Only Topic

Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     [CLOSED] WF_Signon - Custom Invalid Credentials Page?

Copyright © 1996-2020 Information Builders