Command Servlet allows you to redirect a user to SSPR and have it perform some specific command. You can use Command Servlet functions during a user's login sequence to a portal or other landing point.
Use Command Servlet functions with a proxy service, Access Gateway, or devices that auto-authenticate users. Otherwise, the user requires to authenticate to SSPR during each login.
You can combine Command Servlet calls with request parameters such as forwardURL.
The following table lists an example of the user login redirect sequence:
|
URL Example |
Description |
|---|---|
|
http://portal.example.com |
Initial request from browser. |
|
http://portal.example.com/Login |
Access Gateway redirects the user to the login page. |
|
http://portal.example.com/ |
Access Gateway redirects the user to the portal root. |
|
http://portal.example.com/index.html |
Web server redirects the user to index.html. |
|
http://password.example.com/sspr/private/CommandServlet?processAction=checkAll&forwardURL=http%3A%2F%2Fportal.example.com%2Fportalpage.html |
index.html has meta redirect to the SSPR checkAll CommandServlet with an URLEncoded forwardURL value. |
|
http://portal.example.com/portal/main.html |
SSPR redirects the user to the actual portal URL. |
The index.html file contains the following content:
<html> <head> <meta http-equiv="REFRESH" content="0; URL=http://password.example.com/sspr/private/CommandServlet? processAction=checkAll&forwardURL=http%3A%2F%2Fportal.example.com%2Fportalpage.html"/> </head> <body> <p>If your browser doesn't automatically load, click <a href="http://password.example.com/sspr/private/CommandServlet? processAction=checkAll&forwardURL=http%3A%2F%2Fportal.example.com%2Fportalpage.html">here</a>. </p> </body> </html>
The following table lists various useful commands:
|
Command |
URL |
Description |
|---|---|---|
|
checkExpire |
http://password.example.com/sspr/private/CommandServlet?processAction=checkExpire |
Checks the user's password expiration date. If the expiration date is within the configured threshold, the user requires to change password. |
|
checkResponses |
http://password.example.com/sspr/private/CommandServlet?processAction=checkResponses |
Checks the user's challenge-responses. If no responses are configured, the user requires to set them up. |
|
checkProfile |
http://password.example.com/sspr/private/CommandServlet?processAction=checkProfile |
Checks the user's profile. If the user's attributes do not meet the configured requirements, the user requires to set profile attributes. |
|
checkAll |
http://password.example.com/sspr/private/CommandServlet?processAction=checkAll |
Calls checkExpire, checkResponses, and checkProfile consecutively. |