Types of JSP Files

System JSP files: Identity Server refers to the system JSPs, which are static names. If you rename a system JSP, Identity Server stops working because it expects to find the JSP with a specific name. System JSPs are mostly used for page layout and end user messages.

Authentication JSP files: The authentication JSP files are associated with an authentication method and provide the user interface for a specific authentication protocol. An authentication method may define a static default JSP name, but that name can be overridden using the authentication method JSP property. For example, the default Secure Form – Name Password authentication method defines login.jsp as its default JSP.

System JSP Files for Different Parts of the User Portal Page

The following diagram highlights JSP files corresponding to the different parts of user portal:

You can customize any of the following JSP files depending on the part of the page that requires modification:

  • nidp_latest.jsp: This is the main user interface (UI) layout workhorse JSP. It allows formatting of all components that create the Identity Server UI. The HTML div tags with CSS are used for formatting different areas of the UI. These tags can make an AJAX call to Identity Server to display the content <div>. You can customize the majority of your layout in this file.

    The following content is a skeletal extraction of the UI components defined in nidp_latest.jsp:

    <div id="masthead-namclient">
      <div id="branding-namclient"></div>
      <!-- If current user is authenticated -->
        <div id="username-namclient"></div>
        <div id="username-dialog-namclient">
          <div id="logoutButton"></div>
        </div>
      <!-- End if current user is authenticated -->
    </div>
    <!-- If showing card selection hamburger menu -->
      <div id="nam-ham-menu"></div>
    <!-- End if showing card selection hamburger menu -->
    <div id="globalMessage"></div>
    <!-- If showing an authentication method -->
      <div id="currentCardDisplay">
        <div class="signin-div"></div>
      </div>
    <!-- End if showing a card (authentication method) -->
    <div id="theNidpContent">
    <!--  If showing an authentication method -->
      javaScript.getToContent([Content URL], "theNidpContent");
    <!--  else if showing a pending message -->
      <%@ include file="message_latest.jsp" %>
    <!-- endif -->
    </div>

    The customizations are primarily done in nidp_latest.jsp. The following are the other jsp files, which rarely require customization:

  • top_latest.jsp: This file automatically instructs the web browser to load the top level window using a URL obtained from the existing HTTP request parameter, url.

    <!-- Loads the Web browser's "top" window to the supplied URL -->
    window.location.href='<%=(String) request.getAttribute("url")%>';
  • main.jsp: If an authentication contract is in the process of executing, then the specified JSP is displayed at the web browser’s top window. Otherwise, it forwards to nidp.jsp.

    <!-- Does a POST to the handler.getContentUrl() -->
  • content_latest.jsp: nidp.jsp uses this file to display the bottom section of the UI. This JSP makes an AJAX call to Identity Server to display the current authentication method or it loads an end user message.

    <!-- If user provisioning OR showing an authentication method -->
    <div id="theContentContent">
        javaScript.getToContent([Content URL],"theContentContent");
      </div>
    <!-- else -->
      <%@ include file="message_latest.jsp" %>
    <!-- endif -->
  • message_latest.jsp: This JSP file displays an end user message in the global message area of nidp_latest.jsp.

Authentication JSP Files for Customizing Login and Password Components

It is not possible to create a comprehensive list of authentication JSP files because new authentication methods can be added to Identity Server. However, the following list provides the details for some of the most common default authentication JSP files that are included with Identity Server.

Authentication JSP files are loaded into content_latest.jsp's <div id="theContentContent"> by using a JQuery AJAX call to Identity Server.

  • login_latest.jsp: This is the default JSP file for Name / Password – Form and the Secure Name / Password – Form authentication methods. It provides simple form based name / password authentication. This can be customized to query for other user attributes such as, email.

  • radius_latest.jsp: This is the default JSP file for the Radius Server authentication method. It provides simple form based name / password / token authentication to a Radius server.

  • totp_latest.jsp: This is the default JSP file for the Timed One Time Password authentication method. It provides user registration of mobile TOTP applications and form based TOTP token entry with validation.