This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Posting Credentials to NAM
Posting Credentials to NAM

Version management

Difference between version and

At line 1 added 58 lines
!!!The Challenge
Our client wanted to be able to authenticate a user to [NAM|Novell Access Manager] from a application.
We advised that the "right(?)" method would be to use SAML, but that was a little far out for them to accomplish.
!!! A Solution
What we did was create a JSP Page that posted credentials to the NAM login page. A sample of what we used is shown below.
We got a lot of information on this from the NAM documentation on [NAM Customized JSP Pages]. Novell's documentation provides:
* Post Action: [https://idpclstr.yourdomain.com:8443/nidp/app/login]
* User name input type = "text": name="Ecom_User_ID"
* User password input type = "password: name="Ecom_Password"
* Optional input type = "hidden": name="target" with a value of a destination URL.
!!!What we Learned
It appeared that if we just posted the page to the idp server, the user was authenticated, but no SSO was working. That is when the browser went to another page, the browser prompted for credentials again.
What we noticed was that if we first went to one of the protected resources and then posted to the idp server, that SSO did work. We then created a page with an [iFrame] (set so small no one would see it) that contained the login page to a "protected resource" and then posted to the page to the idp cluster with a hidden value for the target in the post. This appears to work fine.
This allowed us to obtain credentials from a source that is not available to NAM and be able to authenticate to NAM. Keep in mind that the credentials must match those in NAM's userstore to work.
!!Sample test Page
%%warning
[Use Entirely at Your Own Risk|Standard Disclaimer]
[CISUS.COM] nor anyone else is responsible if you use a tool or any information on this site and causes damages to anyone or anything! This is only [Example code]
%%
{{{
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>NAM Posted Login</title>
</head>
<body bgcolor="white">
<form name="login" id="login" method="post" action='https://idp.yourdomain.com:8443/nidp/app/login' >
<table border="0" cellspacing="5">
<tr>
<th align="right">Username:</th>
<td align="left"><input type="text" name="Ecom_User_ID"></td>
</tr>
<tr>
<th align="right">Password:</th>
<td align="left"><input type="password" name="Ecom_Password"></td>
</tr>
<tr>
<td align="right"><input type="submit" value="Log In"></td>
<td align="left"><input type="reset"></td>
</tr>
</table>
</form>
</html>
}}}
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop