Novell Home

Redirecting with the Access Gateway Authorization Policy

Novell Cool Solutions: Tip
By Jason Sabin

Digg This - Slashdot This

Posted: 25 Apr 2007
 

Problem

A Forum reader recently asked:

"I saw a demo of a rather nice idea and I'd like to know how it was done. It showed an application being protected by Access Manager 3. When a user got an 'access denied' due to not having been given access to the application, the user would be redirected over to the UserApp workflow request page to fill in a form requesting access to the application. Then the workflow would be kicked off to the approvers.

I think I know how to set up the workflow part of this. And I'm guessing that to make this work that the UserApp also has to be a protected application behind Access Manager, so as to get the user logged in to it via single-sign-on. But how do I redirect the Access Manager 3 'access denied' error to a UserApp workflow page?"

And here's the response from Jason Sabin ...

Solution

This is typically performed by the new Access Gateway Authorization Policy.

For example, let's say a user has requested a web resource that he currently does not have access to. This is checked for in the Authorization Policy. Instead of just issuing a Deny message to the user, you can specify a URL to redirect to. This URL can point to anywhere, a custom page, a request for workflow, etc.

Here is a really simple example of an authorization policy that demonstrates this. I am using Roles as an example, but you can use anything within the policy to do this.

Example AG Authorization Policy

  Rule 1
    If URL Path [current]
       String equals
       Data Entry Field [/newWebResource]
    AND
    If Current Role of User
       String equals
       Role [yourRoleThatHasPermission]
    Permit
  Rule 2
    Deny Redirect 
       URL [Your workflow request URL]


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell