Our Products:   CompleteFTP  edtFTPnet/Free  edtFTPnet/PRO  edtFTPj/Free  edtFTPj/PRO
0 votes
in CompleteFTP by (51.4k points)

A CompleteFTP user asked:

We have set up SAML authenication and disabled the local user login, allowing users only to see and use a "Login via Single Sign-On" button on the login screen. After clicking this button, users are redirected to the IDP to sign in, and then to the CompleteFTP Web File Manager.

Users accessing the CompleteFTP Web File Manager, who are already logged into Azure in their browser, have to click the "Login via Single Sign-On" button to access the manager. They are then automatically redirected since they are already signed into the IDP.

They are asking whether it is possible to bypass the "Login via Single Sign-On" button and directly access the URL: https://completeftpurl/FileManager/2/

1 Answer

0 votes
by (51.4k points)
Best answer

Please follow the instructions below to make the login page redirect to the SAML IDP.

Find the IDP identifier

1. Open CompleteFTP Manager

2. Select the Users panel

3. Click on Configure... in the Single sign-on/SAML row

4. Press Ctrl+C

5. Open a text editor, such as Notepad

6. Paste the clipboard into the editor. 

It should look something like this:

Name ID User attribute User prefix User matching
OneLogin https://my.idp.com/url Unchecked

The IDP identifier is the URL in the middle of line 2, i.e. https://my.idp.com/url, which we’ll use below.

Create the login redirection script

1. Open a text editor, such as Notepad

2. Paste the following into the text editor:

if (request.uriParts.path.toLowerCase().indexOf("/login/") === 0 && system.user.isAnonymous) {
 const idpIdentifier = "https://my.idp.com/url";
 const uri = request.uriParts;
 response.redirectUrl = `${uri.protocol}://${uri.host}/Saml/Authenticate?idp=${idpIdentifier}`;

3. Substitute your IDP identifier into line 2 in place of https://my.idp.com/url

4. Save the file to the following path: C:\ProgramData\Enterprise Distributed Technologies\Complete FTP\Include\Custom\customizations.jss

Test it

Open your browser and navigate to the usual login page. You should find that it now does exactly what it would do if the user had loaded the login page and clicked the IDP’s button.