Thursday, January 27, 2011

Post information to the login.fcc file

Title:  Post information to the login.fcc file (Legacy_Onyx KB Id: 190481)

Description:
We're trying to implement a simple piece of functionality on our website. We would like to notify a user who provides the wrong login credentials with some text: "Invalid username or password was specified." but we don't want the user to get redirected to a page other than the login.fcc page.

We tried different approaches with DynamicRetry.fcc/DynamicRetry.unauth, with providing the client's browser with the SM_HTTP_ONJRECTTEXT variable, and even with the SMTEXT cookie...

But we failed with all three approaches!

Could you please assist?

Solution:
The Policy Server sets a cookie of our own on the rejection event, and JavaScript in login.fcc reads that cookie and displays its value, so the user is never redirected away from login.fcc.
Below are the steps to configure:

1) Create a rule for the event you want to report on, depending on your requirement:
--> OnAuthAttempt (the user was not found in the user store)
--> OnAuthReject (the user was found but the password is incorrect)
--> OnAccessReject (the user authenticated but is not authorized for the resource)

2) Create a response with an attribute of type "WebAgent-HTTP-Cookie-Variable".
--> Set the cookie name to "NotAuthCookie".
--> Set the value to the text you want shown, for example "You are not authenticated, please try to login again".

3) In the policy, bind the rule and the response together.

4) Customize your login.fcc page.
--> Add JavaScript that reads the cookie called "NotAuthCookie" and displays its value.
--> Below is the sample JavaScript to be embedded in your login.fcc:

<SCRIPT LANGUAGE="JavaScript">
// Clear the password field so a rejected password is not re-submitted.
function resetCredFields()
{
    document.Login.PASSWORD.value = "";
}

function submitForm()
{
    document.Login.submit();
}

// Return the value of the cookie called "name", or null if it is not set.
// Looking for "; name=" first avoids matching a longer cookie name that
// merely ends in "name"; the bare "name=" form is accepted only at offset 0.
function getCookie(name)
{
    var dc = document.cookie;
    var prefix = name + "=";
    var begin = dc.indexOf("; " + prefix);
    if (begin == -1)
    {
        begin = dc.indexOf(prefix);
        if (begin != 0) return null;   // not the first cookie either
    }
    else
    {
        begin += 2;
    }
    var end = dc.indexOf(";", begin);
    if (end == -1)
    {
        end = dc.length;
    }
    var raw = dc.substring(begin + prefix.length, end);
    // decodeURIComponent replaces the deprecated unescape(); fall back to the
    // raw value if the cookie is not URL-encoded.
    try { return decodeURIComponent(raw); } catch (e) { return raw; }
}

// Show the message as plain text inside <span id="NotAuthMsg"></span>, which
// must appear in the page body before this script runs.
var notAuthMsg = getCookie("NotAuthCookie");
if (notAuthMsg !== null)
{
    document.getElementById("NotAuthMsg").textContent = notAuthMsg;
}
</SCRIPT>

------------------------------
The above script has a function called getCookie which returns the value of the named cookie, or null if the cookie is not present.
The value is then placed into the placeholder element as text. Using document.write (or innerHTML) for this would let any markup in the cookie value be rendered by the browser, and a cookie can be set by any host within the cookie domain, so treat the value as untrusted text rather than HTML.
The cookie remains in the browser after it has been shown, so the message appears again on the next load of login.fcc until the cookie is overwritten or cleared; expire it after displaying it if that is not wanted.

Tuesday, January 25, 2011

What is CSN ( Change Sequence Number )

Sun Java[TM] System Directory Server - Change Sequence Numbers [ID 1008938.1]
--------------------------------------------------------------------------------

Modified: 07-JAN-2010 | Type: HOWTO | Migrated ID: 212298 | Status: PUBLISHED
Description
This document contains information about Change Sequence Numbers (CSN), and their format, for customers who have deployed servers running Sun Java[TM] System Directory Server.
Steps to Follow
In Sun Java System Directory Server software, a master server needs to keep track of changes made to an entry, prior to replicating those changes to other masters (in an MMR environment) and/or downstream consumers (in a cascaded environment). The logical order in which these changes are applied to entries on the consumer server may be important, as there could be logical interdependencies between each change made. These changes are stored in the changelogs of a Sun Java System Directory Server instance, and are marked with a Change Sequence Number (CSN), which is used to resolve replication conflicts should the need arise.
Format of a CSN
===============
A CSN is basically a sequence of numbers, consisting of a time-stamp and the ID of the master replica on which the change was originally made. To be precise, it is a ten-byte structure (20 hexadecimal characters when printed), where the first four bytes contain a timestamp expressed as seconds after UTC 1st January 1970. The next two bytes form a sequence number, used when more than one CSN is generated within one second. Two bytes then follow, with the ID of the replica for which the CSN is generated, and the remaining two bytes contain a sub-sequence number.

eg. 3cadb52d 0000 0001 0000
    ^        ^    ^    ^
    Date     Seq  Rep  Sub-Seq
             No   ID   Number
where:
a. the string "3cadb52d" is the hexadecimal number of seconds since 01 Jan 1970 (UTC), that is 1018017069, which translates to 05 Apr 2002 14:31:09 UTC.
b. the next portion, "0000", denotes that this is the first CSN generated in that second.
c. the string "0001" is the replica ID of the master generating the CSN. It must be unique to each master in the topology; two masters sharing a replica ID could generate identical CSNs for different changes.
d. the last portion of the string, "0000", is the sub-sequence number. This is currently reserved and is always set to zero.
The format should ensure that servers operating in a replicated environment, and replicating changes to one another, will generate unique CSNs, so that changes are ordered in a computable manner. If a consumer does not receive the changes from its multiple suppliers in the right order, it is able to determine what the right order is via the Update Resolution Procedure (URP), that is, by comparing the CSN of each change it receives and replaying them in the correct order.
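As an added example (not part of the Sun document above), the following JavaScript decodes a CSN into its four fields, converts the timestamp to a UTC date, and orders a batch of changes the way the URP does: by timestamp, then sequence number, then replica ID, then sub-sequence number. It goes slightly beyond the document by also encoding a CSN from its fields and flagging duplicate CSNs, which can only arise when two masters share a replica ID. The example CSN is the one from the document; the `arrived` list is constructed for illustration.

```javascript
// Added example, not part of the Sun KB document above.
// Decodes a 20-hex-character CSN into its four fields and orders changes the
// way the Update Resolution Procedure does. The example CSN is the one from
// the document; the "arrived" list further down is constructed for illustration.

function hexField(n, width) {
  var s = n.toString(16);
  while (s.length < width) s = "0" + s;
  return s;
}

// Split a CSN into timestamp / sequence number / replica ID / sub-sequence number.
function parseCSN(csn) {
  if (!/^[0-9a-fA-F]{20}$/.test(csn)) {
    throw new Error("CSN must be 20 hex characters: " + csn);
  }
  var timestamp = parseInt(csn.substring(0, 8), 16);    // 4 bytes: seconds since 1970-01-01 UTC
  var seq       = parseInt(csn.substring(8, 12), 16);   // 2 bytes: nth CSN within that second
  var replicaId = parseInt(csn.substring(12, 16), 16);  // 2 bytes: master that originated the change
  var subSeq    = parseInt(csn.substring(16, 20), 16);  // 2 bytes: reserved, always 0
  return {
    timestamp: timestamp,
    time: new Date(timestamp * 1000).toISOString(),
    seq: seq,
    replicaId: replicaId,
    subSeq: subSeq
  };
}

// Inverse of parseCSN; useful for building CSNs in tooling or tests.
function formatCSN(timestamp, seq, replicaId, subSeq) {
  return hexField(timestamp, 8) + hexField(seq, 4) + hexField(replicaId, 4) + hexField(subSeq || 0, 4);
}

// Total order on CSNs: timestamp, then seq, then replica ID, then sub-seq.
// Because every field is fixed-width big-endian hex, this equals a plain
// string comparison of the two CSNs, but comparing fields makes the rule explicit.
function compareCSN(a, b) {
  var x = parseCSN(a), y = parseCSN(b);
  var fields = ["timestamp", "seq", "replicaId", "subSeq"];
  for (var i = 0; i < fields.length; i++) {
    var f = fields[i];
    if (x[f] !== y[f]) return x[f] < y[f] ? -1 : 1;
  }
  return 0;
}

// Given changes that arrived from several suppliers in arbitrary order,
// return them in the order a consumer must apply them.
function orderChanges(changes) {
  return changes.slice().sort(function (p, q) { return compareCSN(p.csn, q.csn); });
}

// Two masters that share a replica ID can emit identical CSNs for different
// changes; return any CSN that occurs more than once in the batch.
function duplicateCSNs(changes) {
  var seen = {}, dups = [];
  for (var i = 0; i < changes.length; i++) {
    var c = changes[i].csn.toLowerCase();
    if (seen[c]) dups.push(c); else seen[c] = true;
  }
  return dups;
}

// Constructed sample: two changes from replica 1 in the same second and one
// from replica 2 a second later, received out of order.
var arrived = [
  { csn: formatCSN(0x3cadb52e, 0, 2), op: "modify cn" },
  { csn: formatCSN(0x3cadb52d, 1, 1), op: "modify mail" },
  { csn: "3cadb52d000000010000",      op: "add entry" }
];

if (typeof require !== "undefined" && require.main === module) {
  console.log(parseCSN("3cadb52d000000010000"));
  orderChanges(arrived).forEach(function (c) { console.log(c.csn, c.op); });
}
```

Run it with node to see the decoded fields of the document's example CSN followed by the three sample changes in replay order.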

Scripts for deleting SSO profiles and verifying the records in the LDAP

Delete the uids

#!/bin/sh
# Delete the SSO profile (LDAP entry) for every uid listed in /tmp/$1, one per line.
# Results are appended to three log files, each run stamped with the date.
# <Host Name> and the bind password (xxxx) are placeholders. Prefer -j <passwordfile>
# over -w on the command line, which exposes the password in the process list.
# The uids are interpolated into the search filter unescaped, so the input file
# must be trusted: "*", "(", ")" or "\" in a uid would change the filter.
echo `date` >> /tmp/log/deleted.log
echo `date` >> /tmp/log/notdeleted.log
echo `date` >> /tmp/log/idnotexit.txt
for i in `cat /tmp/$1`
do
  # The entry counts as present only if it carries a gessostatus attribute.
  rv=`ldapsearch -h <Host Name> -p 41389 -D "cn=Directory Manager" -w xxxx -b ou=geworker,o=ge.com "uid=$i" | grep gessostatus | cut -f2 -d"="`
  if [ -n "$rv" ]
  then
    # Take the entry's DN line and strip the "dn: " prefix so ldapdelete gets a bare DN.
    gessouid=`ldapsearch -h <Host Name> -p 41389 -D "cn=Directory Manager" -w xxxx -b ou=geworker,o=ge.com "uid=$i" | grep -v 'manager' | grep ou=geworker,o=ge.com | sed 's/^dn: *//'`
    ldapdelete -h <Host Name> -p 41389 -D "cn=Directory Manager" -w xxxx "$gessouid"
    if [ $? -eq 0 ]
    then
      echo $i "has been deleted" >> /tmp/log/deleted.log
    else
      echo $i "has not been deleted" >> /tmp/log/notdeleted.log
    fi
  else
    echo $i" does not exist in LDAP" >> /tmp/log/idnotexit.txt
  fi
done


Script to check the records by uid

#!/bin/sh
# For every uid listed in /tmp/$1, check whether the entry exists (has a
# gessostatus attribute) and whether its gessolinkedbu values include NBCUS400.
# <Host Name> and the bind password (xxxxx) are placeholders; prefer -j <passwordfile>
# over -w. As above, the uids are placed into the filter unescaped.
echo `date` >> /tmp/log/NBCU400added.txt
echo `date` >> /tmp/log/NBCU400notadded.txt
echo `date` >> /tmp/log/idnotexit.txt
for i in `cat /tmp/$1`
do
  rv=`ldapsearch -h <Host Name> -p 41389 -D "cn=Directory Manager" -w xxxxx -b ou=geworker,o=ge.com "uid=$i" | grep gessostatus | cut -f2 -d"="`
  if [ -n "$rv" ]
  then
    # grep -c prints the number of gessolinkedbu lines that mention NBCUS400
    out=`ldapsearch -h <Host Name> -p 41389 -D "cn=Directory Manager" -w xxxxx -b ou=geworker,o=ge.com "uid=$i" gessolinkedbu | grep -c NBCUS400`
    if [ "$out" -ge 1 ]
    then
      echo $i" has added NBCUS400" >> /tmp/log/NBCU400added.txt
    else
      echo $i" has not added NBCUS400" >> /tmp/log/NBCU400notadded.txt
    fi
  else
    echo $i" does not exist in NBCU LDAP" >> /tmp/log/idnotexit.txt
  fi
done

Wednesday, January 5, 2011

Load Balancing Method

Load Balancing

Most commonly, the term load balancing refers to distributing incoming HTTP requests across Web servers in a server farm, to avoid overloading any one server. When the load balancer picks a server based on its actual load (for example least connections or fastest response, rather than plain round robin), it improves availability and absorbs traffic spikes, although on its own it is not a defense against a denial-of-service attack.

The F5 BIG-IP® Local Traffic Manager performs load balancing across servers in a single data center.

The F5 BIG-IP® Global Traffic Manager uses topology-based load balancing: it inspects the client's source IP address and directs the client to the most appropriate data center.

The term load balancing can also refer to file servers, when file protocol requests are distributed across file servers to overcome the capacity, bandwidth, or CPU limitations of any single system. The F5 ARX® series switch performs capacity balancing for file servers.

F5 products that support Load Balancing: