Assertion to Display LDAP Authentication Failed Message
search cancel

Assertion to Display LDAP Authentication Failed Message

book

Article ID: 185453

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

Is there a way to display both messages at one time in step 2?

  1. Yes (U/P exists in LDAP and authentication is success)
  2. No (U/P exists in LDAP but authentication failed or id doesn’t exist in LDAP)
  3. Retry (connection issue).

 

Environment

All supported versions of the API Gateway

Resolution

For Step #2, split them up into 2 sections so you can get back two different responses (based upon the conditions being met).



Additional Information

If you want to send the retry message, then you'll need to add a 'Continue Processing' assertion as the last assertion in the 'All assertions must evaluate to true' folders so the policy continues to process. 

If you do this, you can't display the messages you want to see in Step #2 (because you are continuing to process the policy). If you want to see the messages but you still want to retry, set a message to a context variable called retry.repsonse.

Include the ${retry.response} context variable in the Return Template for the retry option so you know the reason why you are retrying to authenticate.