Redirecting with the Access Gateway Authorization Policy
Novell Cool Solutions: Tip
By Jason Sabin
|
Digg This -
Slashdot This
Posted: 25 Apr 2007 |
Problem
A Forum reader recently asked:
"I saw a demo of a rather nice idea and I'd like to know how it was done. It showed an application being protected by Access Manager 3. When a user got an 'access denied' due to not having been given access to the application, the user would be redirected over to the UserApp workflow request page to fill in a form requesting access to the application. Then the workflow would be kicked off to the approvers.
I think I know how to set up the workflow part of this. And I'm guessing that to make this work that the UserApp also has to be a protected application behind Access Manager, so as to get the user logged in to it via single-sign-on. But how do I redirect the Access Manager 3 'access denied' error to a UserApp workflow page?"
And here's the response from Jason Sabin ...
Solution
This is typically performed by the new Access Gateway Authorization Policy.
For example, let's say a user has requested a web resource that he currently does not have access to. This is checked for in the Authorization Policy. Instead of just issuing a Deny message to the user, you can specify a URL to redirect to. This URL can point to anywhere, a custom page, a request for workflow, etc.
Here is a really simple example of an authorization policy that demonstrates this. I am using Roles as an example, but you can use anything within the policy to do this.
Example AG Authorization Policy
Rule 1
If URL Path [current]
String equals
Data Entry Field [/newWebResource]
AND
If Current Role of User
String equals
Role [yourRoleThatHasPermission]
Permit
Rule 2
Deny Redirect
URL [Your workflow request URL]
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com