000021703 - How to integrate a web application login with RSA SecurID challenge page

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000021703
Applies ToRSA ACE/Agent for Web
Added a custom input field to the useridandpasscode.htm agent template in an attempt to pass additional authentication credentials to the server
IssueHow to integrate a web application login with RSA SecurID challenge page
Custom field is presented to user as part of SecurID challenge page and can be edited
SecurID Authentication succeeds but custom field is not available to custom Web application
CauseRSA ACE/Agent for Web is not aware of the custom field, and therefore ignores it. Additionally, following successful SecurID authentication the user is redirected to the originally requested (protected) target. The posted custom field is no longer available at this point in the HTTP transaction.
ResolutionThese alternatives are possible:

1. Provide a separate login page for your application to capture any additional credentials needed by your application

2. Use the RSA Agent for Web Cookie API to store user defined values in the encrypted cookie to be retrieved by other applications

3. If users are within your enterprise environment, utilize RSA's Sign-On Manager product to automatically log in to the custom Web application

4. Contact RSA Security's Professional Services Organization to provide a customized RSA ACE/Agent for Web
Legacy Article IDa24432