(Optional) Select the Allow Protection Override check box in Scheme Common Setup. This option specifies that the protection level in the library takes precedence over the protection level specified in the Administrative UI.
SiteMinder documentation mentions the 'Allow Protection Override' checkbox that applies to Custom Authentication schemes.
This is part of com.netegrity.policyserver.smapi SmAuthScheme Interface.
Public SmAuthenticationResult authenticate(String parameter, String secret, int challengeReason, SmAuthenticationContext context)
Performs the custom authentication and returns the authentication result.SiteMinder calls this method at least twice -- during user disambiguation and during user authentication. For information about these two phases of the authentication process, see the Programming Guide for Java.
parameter- The optional parameter string specified in the Policy Server User Interface, to be used in any way that the authentication scheme requires.
secret- The shared secret specified for the authentication scheme in the Policy Server User Interface. The shared secret is used for any purpose that the authentication scheme requires, such as enryption or credentials operations. Your authentication scheme may or may not require a shared secret.
challengeReason- The reason code from a previous authentication that failed or was challenged, or 0 if unknown. The reason code that SiteMinder passes is the
REASON_constant that the authentication scheme returned in
SmAuthenticationResultafter the failed or challenged authentication.
context- Contains request context objects, and also methods for passing error and user messages directly to SiteMinder.
SmAuthenticationResultobject containing status and reason codes. How the returned status code is interpreted depends upon the phase during which SiteMinder called the authentication scheme.
Release : 12.8.03
Component : SITEMINDER -SDK
The code sample is provided as it is, no additional support is available. This is custom code development, generally out of support scope.
Any further custom coding questions should be directed to HCL service group, a Broadcom partner.