I just implemented SSO authentication.
Now when my itil users (agents) open the welcome page, they are presented wtih this screen:
Local Login URL: https://xxxxxx.service-now.com/login_locate_sso.do#
I want them to use the "External Login" method of authenticaion as the default.
External Login URL: https://xxxxxxx.service-now.com/login_locate_sso.do
How do I swap these around so the external login screen is the default?
Thanks for this Vivi.
None of links provided explain exactlyt what I want to do.
Here's what the top of OOB login_locate_sso UI page looks like.
I don't know how to edit this to include what I want.
I want to include a section called "Forgot your loing credentials?"
How do i do this?
UI Page login_locate_sso
<?xml version="1.0" encoding="utf-8" ?>
<j:jelly trim="false" xmlns:j="jelly:core" xmlns:g="glide" xmlns:j2="null" xmlns:g2="null">
<FORM name="loginPage" id="loginPage" action="login.do" method="post">
<j:if test="${!sn_ui.PolarisUI.canUsePolarisTemplates()}">
<g:inline template="output_messages2.xml" />
</j:if>
<g:evaluate jelly="true">
var title = gs.getMessage('Login with SSO');
var transaction = GlideTransaction.get();
if (transaction.isVirtual()) {
// we are in CMS
var glideSession = GlideSession.get();
if (GlideStringUtil.nil(glideSession.getProperty("starting_page"))) {
glideSession.putProperty("starting_page", "/" + transaction.getSiteName() + "/");
}
}
var ssoSelectorField = gs.getProperty('glide.authenticate.multisso.login_locate.user_field', 'user_name');
var td = new GlideTableDescriptor('sys_user');
var ed = td.getElementDescriptor(ssoSelectorField);
if (ed)
var ssoSelectorFieldLabel = ed.getLabel();
else
gs.log("No matching field in the 'sys_user' table for the given SSO selector field : " + ssoSelectorField);
</g:evaluate>
<div data-form-title="$[title]" ></div>
<g:evaluate var="jvar_local_login_url" jelly="true">
var login_url = 'login.do';
if (GlideStringUtil.notNil(gs.getSession().getProperty('login_locate_sso.login_url')))
login_url = gs.getSession().getProperty('login_locate_sso.login_url');
login_url;
</g:evaluate>
Hello Joe, you are more than welcome.
I am good at dealing with SSO and IDP, but I am not the right person to help you with the Jelly script code used in the UI Page (I would have to try to implement it in my PDI, but I won't have enought time for it now).
I would suggest if you could ask in a separate question in the Developer Community forum (as your question now is more related to the script, someone with more expertise in Jelly language could help you in a better way).
And there is also another page (I am not sure what page is being used when you click in the "Forgot Login Credentials"), the other page is: $pwd_reset.
PS: the "$" character in the prefix of that page, means that is a protected UI Page.
So, I suggest you to check what is the page that opens for you (pwd_reset.do or reset_password.do), and ask in another post, something like:
- How to embed the "Forgot Login Credentials / Forgot Password" (pwd_reset or reset_password) from the Welcome Page, in the login_locate_sso.do page
It is essential to say: changes in an existing UI Page (Base instance) need to be carefully evaluated, as when some SSO plugin updates it, or if some patch or familiy upgrade releases something new or some fix, as you have changed it, you could face a conflict. So, be aware of the risks about changing it versus the benefits to the users.
PS: if you think my answer with the suggestion to apply the KB0758382: How to redirect users to /login_locate_sso.do page from instance URL, helped you, could you please mark that as the correct here? So, when other members from the community search about redirect users to login_locate_sso, they could see the correct answer in the context (as you were able to set it as your default screen, according to your screenshots).
----
Just in case you could consider it:
There is a screenshot below, which illustrate some cautions when modifying something in the Base instance
----
