Technical guide to determine the correct AFM controller for custom use-case development
Article ID: 41763
Updated On: 02-14-2018
Products
Issue/Introduction
Introduction:
Description of each Controller available in AFM for implementing custom use-cases in Web Application.
Instructions:
Below are the AFM controllers provided by AuthMinder product:-
1. controller1.jsp
This is a "2-page initial login" controller with the AFM doing ArcotID auth and risk evaluation. Additional auth mechanism supported are configuration driven and could be combination of QnA, OTP by sms, OTP by email, or Arcot OTP. These additional auth mechanisms are useful in Mitigate risk, FYP, Roaming and AID expiry flows.
2. controller2.jsp
This is a "2-page initial login" controller with AFM doing ArcotID auth, but not risk evaluation. Additional auth mechanism supported is configuration driven and could be combination of QnA, OTP by sms, OTP by email, or Arcot OTP.
These additional auth mechanisms are useful in FYP, Roaming and AID expiry flows.
3. controller3.jsp
This is a "2-page initial login" controller with AFM doing risk evaluation, primary auth done by caller after getting results from here.
Secondary auth mechanisms supported is configuration driven and could be combination of QnA, OTP by sms, OTP by email, or Arcot OTP.
4. controller4.jsp
This is a "1-page initial login" controller with AFM doing risk evaluation, primary auth done by caller before redirecting here.
Secondary auth mechanisms supported is configuration driven and could be combination of QnA, OTP by sms, OTP by email, or Arcot OTP.
5. controller6.jsp
This is a "2-page initial login" controller with the ArcotAuthUI doing OATH auth, but not risk evaluation.
6. controller10.jsp
This is a "2-page initial login" controller with the AFM doing ArcotOTP auth, but not risk evaluation.
Additional auth mechanism supported is configuration driven and could be combination of QnA, OTP by sms or OTP by email. These additional auth mechanisms are useful in FYP, Roaming and AOTP expiry flows.
7. controller_aotp.jsp
This is a no UI enrollment controller to provision an AOTP credential on user's device.It follows the below steps:
a. Verify user.
b. Verify Activation code.
c. Create Arcot OTP credential.
d. Send email notification, if configured
8.controller_updatewfpwd.jsp
This is a "1 page" update controller to update ArcotID PIN.It follows the below steps:
a. Collect user's new ArcotID PIN.
b. Reset ArcotID credential with the new PIN.
c. Download new ArcotID on the client system.
9. controller_updateuser.jsp
This is a "1 page" update controller to update user details. It follows the below steps:
a. Present user's current details.
b. Update User details.
10. controller_updateqna.jsp
This is a "1 page" update controller to update Security Questions & Answers. It follows the below steps:
a. Present user's current security questions & answers.
b. Reset QnA credential with new questions & answers.
11. controller_updateaidpin.jsp
This is a "1 page" update controller to update ArcotID PIN.It follows the below steps:
a. Collect user's new ArcotID PIN.
b. Reset ArcotID credential with the new PIN.
c. Download new ArcotID on the client system.
Environment
Component:
Feedback
