Some details about J2EE Agent property com.sun.identity.agents.config.login.form
By Hua Cui on Nov 10, 2008
The J2EE Agent property com.sun.identity.agents.config.login.form is used in the case of the
application is protected by certain form based J2EE policies defined in
The following is a snippet of the web.xml for an application "agentsample" using form based login:
When a user request comes for this application, the container first checks if this user has been authenticated.
If not, the container sends the user the application login page /agentsample/authentication/login.html. The user enters the credentials, and upon successful authentication (and/or authorization), the user is granted the access.
Now a j2ee agent is installed to protect the application, and we want to achieve Single Sign-On. Meaning a user needs to authenticate only once, only to the opensso server. However since the above form based login is defined in the web.xml, the user would have to login to the application login page as well.
To avoid a user having to login twice, the agent needs to prevent the user being sent the application login page, i.e. in the above example /agentsample/authentication/login.html. For this, the agent needs to know the URIs for the form based login of the applications.
The J2EE Agent property
com.sun.identity.agents.config.login.form is used for this purpose. This is a list property so you can specify more than one URI by using the numeric index.
If the j2ee agent receives a request whose URI matches with one of the URIs listed in the property com.sun.identity.agents.config.login.form, it knows that the request is for a form based login page. It will suppress it so the end user will not see the login page.