cancel
Showing results for 
Search instead for 
Did you mean: 

Error messages in Custom Sign In pages

dcvers_
Regular Contributor

Error messages in Custom Sign In pages

Version 6.1R2-1

I have set up some custom sign-in pages based on the sample.zip pages. We are using primary and secondary authentication (on one page) and with the custom sign in pages if the users enters the wrong credentials the error message is the same regardless of whether it is the primary or secondary authentication that fails. With the standard login pages the error messages indicates which authentication failed.

Is there a parameter I can check on the custom page to see which is failing (I've tried the LoginPageErrorCode but this is always 1002)?

5 REPLIES 5
drf_
Contributor

Re: Error messages in Custom Sign In pages

Can you change SecondaryLoginPage.thtml and implement a custom error code for 1002? Since it is in the SecondaryLoginPage.thtml then you know it came from the secondary authentication server.

<% IF LoginPageErrorMessage %> <% IF LoginPageErrorCode == 1002 %> ERROR MESSAGE GOES HERE <% END %> <% END %>

dcvers_
Regular Contributor

Re: Error messages in Custom Sign In pages

Thanks for the suggestion. The problem is we're doing the primary and secondary authentication on a single page so unless the box gives us some feedback there's no way to know which authentication fails.
Jens_
Not applicable

Re: Error messages in Custom Sign In pages

Hi!

Did you find any solution to this?

I have the same problem and we also use a single login page with both primary and secondary login.

The IVE certainly knows the difference. If you leave it on the default message and make it show the error code, the messages are different but the error code is the same...

Jens

dcvers_
Regular Contributor

Re: Error messages in Custom Sign In pages

Hi Jens,

No never found a solution.

Paul

kenlars_
Super Contributor

Re: Error messages in Custom Sign In pages

Maybe the following would work -

On the secondary authentication server definition in the realm, uncheck the "End session if authentication against this server fails" option so that it doesn't kick you out for failing the 2nd authentication. Then, if you receive an authentication failure, it is because the 1st authentication failed.

Run a policy trace to see what variables are set for the second authentication when it succeeds and when it fails. I'm guessing you'll find some variable which is populated if the authentication succeeds, and not if it fails. You can use this difference in role mapping, and map the failing case to no roles. Then you can modify the "No roles" message to be that the user failed the 2nd authentication.

Ken