The CommandServlet allows you to redirect a user to SSPR and have it perform some specific command. The CommandServlet functions are used during a user's login sequence to a portal or other landing point.
The CommandServlet functions work best when used with a proxy, access gateway, or some other device that will auto-authenticate the user. Otherwise, the user will have to authenticate to SSPR during every login.
The CommandServlet calls can be combined with any of the request parameters described earlier, such as the forwardURL parameter.
For Example, the user login redirect sequence will be as mentioned in the following table:
URL Example |
Description |
---|---|
http://portal.example.com |
Initial request from browser. |
http://portal.example.com/Login |
Access gateway redirects to login page. |
http://portal.example.com/ |
Access gateway redirects back to portal root. |
http://portal.example.com/index.html |
Web server redirects to index.html. |
http://password.example.com/sspr/private/CommandServlet?processAction=checkAll&forwardURL=http%3A%2F%2Fportal.example.com%2Fportalpage.html |
index.html has meta redirect to the SSPR checkAll CommandServlet with a URLEncoded forwardURL value. |
http://portal.example.com/portal/main.html |
SSPR redirects back to the actual portal URL. |
The index.html described above would have the following content:
<html> <head> <meta http-equiv="REFRESH" content="0; URL=http://password.example.com/sspr/private/CommandServlet? processAction=checkAll&forwardURL=http%3A%2F%2Fportal.example.com%2Fportalpage.html"/> </head> <body> <p>If your browser doesn't automatically load, click <a href="http://password.example.com/sspr/private/CommandServlet? processAction=checkAll&forwardURL=http%3A%2F%2Fportal.example.com%2Fportalpage.html">here</a>. </p> </body> </html>
Command: checkExpire
URL: http://password.example.com/sspr/private/CommandServlet?processAction=checkExpire
Description: Checks the user's password expiration. If the expiration date is within the configured threshold, the user will be required to change password.
Command: checkResponses
URL: http://password.example.com/sspr/private/CommandServlet?processAction=checkResponses
Description: Checks the user's challenge responses. If no responses are configured, the user will be required to set them up.
Command: checkProfile
URL: http://password.example.com/sspr/private/CommandServlet?processAction=checkProfile
Description: Checks the user's profile. If the user's attributes do not meet the configured requirements, the user will be required to set their profile attributes..
Command: checkAll
URL: http://password.example.com/sspr/private/CommandServlet?processAction=checkAll
Description: Calls checkExpire, checkResponses and checkProfile consecutively.