on 08-21-2018 4:14 PM
I have implemented a captcha functionality to log in into SAP PORTAL. It's all working fine except that I cannot send a message from the login module to the login page (telling that the captcha failed). I would like to have help in getting this done. Further details are given below:
I modified the login page (tc~sec~ume~logon~ui.war) to show the captcha based on the document:
https://blogs.sap.com/2015/10/14/making-changes-to-the-portal-logon-page-nw-74/
I also created a new login module following this document:
https://help.sap.com/viewer/7ece2b41e5234afb98052b6ad1ab3e2f/7.4.16/en-US/4899a2e07f020e27e10000000a...
The login module and the login page are working fine, the validation of the captcha works and when the user give the wrong captcha, it is sent back to the login page to try again. The issue is that I cannot, from my new login module, send a message to the login page, prompting for example, for the user to try to log in again.
What I've tried was to generate a new default Java exception (throw new Exception()) and also the throwNewLoginException and FailedLoginException methods available in the login module as the documentation suggests. The exceptions work and appear in the logs, but what I would like is to show the message on the page to the user.
What can I do to display an error message, that was originated in the login module, on the the login page so that the user can realize what went wrong?
Best regards,
Thiago Nascimento.
Hi,
This is little bit tricky. There is no proper documentation on how to handle custom error message from custom login module.
Few years back I had similar requirement and after doing research and spending quite bit of hours I found the following steps helped in showing a proper error message to user.
From custom login module you can throw only predefined errors like below, please check the number next to the message which is mapped to the properties file in the jar file.
ACTIVE_USERS_LIMIT_RECHED 14
CERTIFICATE_IS_NOT_TRUSTED 4
CHANGE_PASSWORD_ALPHA_NOT_ALLOWED 35
CHANGE_PASSWORD_ALPHANUM_REQUIRED 32
CHANGE_PASSWORD_CHANGE_PASSWORD_NOT_ALLOWED 38
CHANGE_PASSWORD_FAILED 26
CHANGE_PASSWORD_LOWER_CASE_NOT_ALLOWED 34
CHANGE_PASSWORD_LOWERCASE_REQUIRED 30
CHANGE_PASSWORD_MIXED_CASE_REQUIRED 33
CHANGE_PASSWORD_NEW_PASSWORD_INVALID 41
CHANGE_PASSWORD_NO_CONFIRM_PASSWORD 24
CHANGE_PASSWORD_NO_IDENTICAL_PASSWORDS 25
CHANGE_PASSWORD_NO_NEW_PASSWORD 23
CHANGE_PASSWORD_NO_PASSWORD 22
CHANGE_PASSWORD_NO_PASSWORD_LOGON 43
CHANGE_PASSWORD_NUMERIC_NOT_ALLOWED 36
CHANGE_PASSWORD_NUMERIC_REQUIRED 27
CHANGE_PASSWORD_OLDPASSWORD_IN_NEWPASSWORD 42
CHANGE_PASSWORD_PASSWORD_CONTAINED_IN_HISTORY 40
CHANGE_PASSWORD_PASSWORD_MAX_IDLE_TIME_EXCEEDED 44
CHANGE_PASSWORD_SPEC_CHARS_REQUIRED 31
CHANGE_PASSWORD_SPECIAL_CHARS_NOT_ALLOWED 37
CHANGE_PASSWORD_TOO_LONG 29
CHANGE_PASSWORD_TOO_MANY_INVALID_LOGON_ATTEMPTS 45
CHANGE_PASSWORD_TOO_SHORT 28
CHANGE_PASSWORD_USERID_CONTAINED_IN_PASSWORD 39
CHANGE_PASSWORD_WHITESPACES_NOT_ALLOWED 26
DIGEST_CREDENTIALS_NOT_VALID 12
EMERGENCY_USER_IS_ACTIVE 9
HEADER_VARIABLE_AUTHENTICATION_FAILED 48
IO_EXCEPTION 18
NO_LOGIN_MODULE_SUCCEEDED 17
NO_PASSWORD 19
NO_USER_MAPPED_TO_THIS_CERTIFICATE 5
P4_TICKET_NOT_VALID 13
PASSWORD_EXPIRED 1
PASSWORD_LOCKED 21
PASSWORD_NOT_USED_FOR_LONG_TIME 20
SAP_LOGON_TICKET_HAS_EXPIRED 6
SAP_LOGON_TICKET_IS_NOT_TRUSTED 7
SPNEGO_AUTHENTICATION_FAILED 47
UNABLE_TO_CREATE_SAP_LOGON_TICKET 8
UNABLE_TO_GET_SAP_LOGON_TICKET 11
UNABLE_TO_PASS_SAP_LOGON_TICKET 10
UNKNOWN_CHANGE_PASSWORD_ERROR 46
USER_ALREADY_LOGGED_IN 15
USER_IS_ANONYMOUS 50
USER_IS_CURRENTLY_NOT_VALID 2
USER_IS_LOCKED 3 USER_NOT_LOGGED_IN 16
USERNAME_IS_NOT_VALID 49
WRONG_USERNAME_PASSWORD_COMBINATION 0
All of above are part of LoginExceptionDetails class, they are static values.
Throw exception like below
throwNewLoginException("PASSWORD_NOT_USED_FOR_LONG_TIME", LoginExceptionDetails.USER_ALREADY_LOGGED_IN)
And you need to update the corresponding key in sap.com~tc~je~security~impl.jar which is located at location \usr\sap\<SID>\<InstID>\j2ee\cluster\bin\services\security\lib\private\
In sap.com~tc~je~security~impl.jar you need to open the jar and go to the folder com/sap/engine/services/execptions. Here you see properties files for each language. You need to update property file based on language.
The file has following entries and based on the number which you throw from login module, update corresponding message:
authentication_019=Authentication failed. Logon with password is not allowed
authentication_049=User authentication failed
authentication_015=TEST
authentication_014=Logon limit reached. Try again later
authentication_012=Authentication failed. Logon mechanism not supported
authentication_026=Password change failed
authentication_025=New password and password confirmation are not identical
authentication_024=Password confirmation missing
authentication_023=New password missing
authentication_053=Access denied by the configured logon policy
authentication_022=Password missing
authentication_052=Your password will expire in {0} day(s)
authentication_021=Authentication failed. Password locked
authentication_051=There have been {0} failed logon attempt(s) for your account since your last successful logon authentication_020=Authentication failed. Password expired
authentication_050=Logon with anonymous user is not allowed
authentication_009=User SAP* is active. No other users can log on
authentication_005=No user mapped to the client certificate
authentication_004=Certificate is not trusted
authentication_003=User account locked
authentication_002=User is not currently valid
authentication_001=Password expired
authentication_000=User authentication failed
If you need to find more on this then try to get the code of any standard login modules. Hope this might help you.
Thanks,
Dheeram
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
101 | |
13 | |
13 | |
11 | |
11 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.