Novell ACCESS MANAGER 3.1 SP2 - IDENTITY SERVER GUIDE 2010 Manual page 128

Identity server guide

Parameter        Description
<USERID>         Provides the DN of the user with a password that is expired or expiring.
<STOREID>        Provides the name of the user store that authenticated the user before redirecting the user to the password expiration service.
<RETURN_URL>     Provides the URL at the Identity Server to which the user can be redirected after the password service completes.
action=expire    Causes the password expiration service to behave as though the user's password policy is set to allow the user to reset the password even though the user's policy might be set to show the user a hint. The user sees the page to create a new password rather than seeing a hint for an existing password.

For example:
https://someservice.com/path/password?user=<USERID>&store=<STOREID>
&returl=<RETURN_URL>&action=expire
NOTE: If you copy and paste this text, make sure you remove the white space between <STOREID> and &returl.
The Identity Server fills in these values, which results in the following URL:
https://someservice.com/path/password?user=joe.novell&store=userstore1&returl=https://myidp.com/nidp/idff/sso&action=expire

Forcing Authentication after the Password Has Changed
The password service can also include parameters on the return URL sent to the Identity Server. The Identity Server understands the following parameter:

Parameter        Description
forceAuth=TRUE   When the user is returned to the Identity Server, this parameter forces the user to authenticate with the new password. This eliminates the possibility of an old password being used in an Identity Injection policy.

The following example sends this parameter with https://testnidp.novell.com:8443 as the base URL of the Identity Server.
<form id="externalForm" action='https://testnidp.novell.com:8443/nidp/idff/sso?sid=0&id=117&forceAuth=TRUE' method="post">
When the user is redirected to the password management service URL because of an expired password, the POST data in that redirect contains the sid=<> and id=<> values as part of the value used for the Identity Server return URL.

Grace Logins
If you specify a password service and do not specify a value for the number of grace logins in eDirectory, the contract redirects to the password management service only when the grace login count has reached 0 and the password has expired.
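
An added example (not from the Novell guide or product) of how an external password service might handle the parameters described under Forcing Authentication: it reads user, store, returl and action, then builds the return URL with forceAuth=TRUE while keeping sid and id. The trusted-origin check, the percent-encoded sample request and all function names are assumptions of this example.

```python
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Assumption: the only Identity Server base URL this service returns users to.
TRUSTED_IDP_ORIGINS = {("https", "testnidp.novell.com:8443")}

# Constructed sample of the query string the Identity Server fills in
# (assumes the return URL arrives percent-encoded as a single value).
SAMPLE_QUERY = (
    "user=joe.novell&store=userstore1"
    "&returl=https%3A%2F%2Ftestnidp.novell.com%3A8443%2Fnidp%2Fidff%2Fsso"
    "%3Fsid%3D0%26id%3D117&action=expire"
)


def parse_expiry_request(query_string):
    """Read the user, store, returl and action parameters from the redirect."""
    params = dict(parse_qsl(query_string, keep_blank_values=True))
    missing = [k for k in ("user", "store", "returl") if not params.get(k)]
    if missing:
        raise ValueError("missing parameter(s): " + ", ".join(missing))
    return {
        "user": params["user"],
        "store": params["store"],
        "returl": params["returl"],
        # action=expire: show the new-password page rather than a hint.
        "force_reset": params.get("action") == "expire",
    }


def build_return_url(returl, trusted=TRUSTED_IDP_ORIGINS):
    """Return the Identity Server URL with sid/id kept and forceAuth=TRUE set."""
    parts = urlsplit(returl)
    # Exact scheme and host:port match, so a look-alike host or a
    # "trusted-host@other-host" authority is refused, not redirected to.
    if (parts.scheme, parts.netloc.lower()) not in trusted:
        raise ValueError("return URL is not at a trusted Identity Server")
    # Keep existing values such as sid and id; replace any forceAuth already set.
    query = [(k, v) for k, v in parse_qsl(parts.query, keep_blank_values=True)
             if k.lower() != "forceauth"]
    query.append(("forceAuth", "TRUE"))
    return urlunsplit((parts.scheme, parts.netloc, parts.path,
                       urlencode(query), ""))


if __name__ == "__main__":
    request = parse_expiry_request(SAMPLE_QUERY)
    print(build_return_url(request["returl"]))
```

The returned string is what the service would place in the form action after the password change succeeds.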
