This content has been marked as final. Show 4 replies
sorry, but your question is not very clear what you are actually after. The default user repository for AM is LDAP and by default the groups and roles in LDAP are automatically picked up for policy evaluation unless you changed the config to ignore them.
The agent does not do redirection based on roles. You either have access granted or denied.
The default URL that a user is redirected to after authentication is configured either per user or by authentication module. You probably don't want to configure it per user so you will need to configure it per authentication module.
For example, if you are authenticating through the LDAP module, you can configure the default URL for successful and unsuccessful login for the LDAP module, then create a Role and create a service for Authentication Configuration and make sure you select the LDAP module you configured to be the default authentication module for that role. Then add all the users you want for that role and those users will be redirected to either the success or failure URL you specified for that role.
Alternatively, you can write a Post-Auth plugin which is executed directly after the user has logged on and thus you will be able to add any redirect URL you want depending on any logic that you can program.