09-11-2017 11:58 AM - edited 02-21-2020 10:33 AM
Hi,
I'm doing CWA on ISE with an AD back end.
Is it possible to send successfully authenticated Users off to a different login-success page based on some aspect of their identity, whether that be a domain element in the username and/or by evaluating AD group membership? You used to be able to do this with some jiggery pokery on old versions of ISE, but I think it was more of an exploit than a feature.
For example, if "HR Person", send browser to HR.mycompany.com but if "IT Person", send browser to "IT.mycompany.com?
Configuring the client device is not an option; this all needs doing by the infrastructure.
Any ideas much appreciated!
Thanks,
Richard
09-17-2017 07:17 PM
Hi
You can't do that In a standard way.
I've never done that before. But quite sure that you can add a JavaScript into the success page and redirect the url based on some criteria.
What I'm not sure is if with JavaScript you can get the ad group membership.
I had in the past a pdf with all JavaScript capabilities but having hard time to found it back.
If I get it I'll post it here.
Sorry to not being so helpful.
09-18-2017 02:30 AM
Hi Francesco,
I suspect you're thinking of this?
Unfortunately I've been through this already and I don't think it gives enough access to do what I need.
Cheers,
Richard
09-18-2017 04:28 AM
09-18-2017 04:39 AM
09-18-2017 04:50 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide