To stop people from doing login.do if they are not admin.

Chandler2
Tera Guru

‎08-03-2023 11:30 PM

So we have OKTA login configured but people are able to do login.do. I want to stop that for non admins and redirect them to the normal OKTA login. Only admins should be able to do login.do.

 

Please suggest!

0 Helpfuls
  • 377 Views
3 REPLIES 3

Ahmmed Ali
Mega Sage

‎08-04-2023 12:12 AM

Hello @Chandler2 

 

You will need to update the login script in installation exit configuration. Go to Application navigator, search for Installation Exit and open the table. In the table, search for records with name containing login

 

Since you have SSO enabled, you can inactivate OOTB SSO login record and duplicate same record and update the script. In script, update process function. You will have user_name, you can query sys_user_has_role table for that user to check for role and the based on that, set the either proceed to authentication or call loginFailed() function and return login.failed string, same as in OOTB script.

 

Thank you,

Ali

 

If I could help you with your Query then, please hit the Thumb Icon and mark my answer as Correct!!

Thank you,
Ali

Chandler2
Tera Guru
In response to Ahmmed Ali

‎08-12-2023 10:26 PM

Hi Ali,

 

I tried your suggestion and it works as you suggested and I am able to call the login failed and stop the user from login. But the problem is that instead of stopping from login, I wanted them to redirect to normal OKTA if they are not admin.

Any idea how to do that?

 

Thanks

0 Helpfuls

Ahmmed Ali
Mega Sage
In response to Chandler2

‎08-14-2023 12:10 AM

Hello @Chandler2 

 

Not sure if we can write redirect in the script, but I would tackle this with a message which says to use SSO (with hyperlink to the instance URL). This would make user also know that they are suppose to use SSO link instead of login.do

 

Thank you,

Ali

If I could help you with your Query then, please hit the Thumb Icon and mark my answer as Correct!!

Thank you,
Ali
0 Helpfuls