Login methodologies
Some of the common types of login that are supported by the application are as follows:
Web login
You can Log in to the application by using the application URL. In a browser window, enter the
https://<hostname>:<port>/isf/store-frontend/index.html
. The login page
opens. Enter your username and password. If the authentication is successful, the
Home page is presented. If the authentication fails, you remain in the login
page, and an appropriate error message is displayed.
Federated authentication with OpenID Connect (OIDC) integration
Federated authentication allows you to access multiple applications within the IBM Sterling ecosystem without having to sign in separately in to each application. For more information about configuring OIDC on cloud, see OpenID Connect (OIDC) configuration.
Log on from any external application
You can Log in to the application by posting the HTML form with a valid username and password to
the application URL. If the authentication is successful, the Home page is
presented. Otherwise, you remain in the login page, and an appropriate error message is displayed.
The HTML POST
method sends data to a server URL,
https://<hostname>:<port>/isf/store-frontend/processLogin.do?scExternalLogin=Y
to initiate the login process by using DisplayUserID
and Password
as provided in the login form.
In case there is no active user session, you can redirect the user to an external URL by
configuring the isf.external.redirect.url
property. The application reads this
property and redirects the user to the configured URL. In scenarios, where user requests for a
particular page say,
http://localhost:9080/isf/store-frontend/shell/move-inventory/requests-list?status=IN_PROGRESS,NOT_STARTED
,
and there is no active user session, the application appends the redirectURL
query
parameter with the configured external URL. The external system must read the
redirectURL
query parameter from the request and pass it back when the
processLogin.do
request is submitted. For example,
https://<hostname>:<port>/isf/store-frontend/processLogin.do?scExternalLogin=Y&redirectURL=/store-frontend/shell/move-inventory/requests-list?status=IN_PROGRESS,NOT_STARTED
.
- Do not modify the
DisplayUserID
andPassword
attribute names, and thescExternalLogin=Y
URL query parameter. - It is not recommended to Log in to Sterling Store Engagement (Next-generation) by using the
HTML POST
method as the login credentials can be easily intercepted and compromised.
Configuring redirection URLs
In case of SSO or when using an external application to log in to Sterling Store Engagement,
configure the isf.external.redirect.url
property. This ensures that when you are
logged out of the application, you are redirected to the configured URL.