Reentry Target: GET|POST /http/reentry

Redirect target used when returning from external services.

Continues the authentication process by stepping the AuthProcessor forwards, executing AuthActions until an HTTP response is returned by one of them. The HTTP request made to the reentry endpoint is made available to these AuthActions, eg header values, fields, query parameters, etc. In this way the response from certain providers can be captured and processed by AuthActions.

Parameters

This method requires the AuthSessionId (as) and AuthSessionNonce (asn) to continue. A provider must be able to return these values back to us as either a field value, as a query parameter, or as a value of a query parameter or form field in a certain format. Typically these can simply be supplied as parameters on the returnUrl provided to the service. Exceptions are OAuth where the returnUrl is required to be the same on each call, but as the nonce changes each time the OAuth2 'state' parameter must be used. SAML is another exception - it has a fixed returnUrl and can only echo back state information via the 'RelayState' form field.

See the two Worker Configuration Properties sessionIdWrapperQueryParams and sessionIdWrapperFormFields for the names of query parameters/fields that may contain both the authSessionId (as) and authSessionNonce (asn) as values in the format:  'AS:UUIDVALUE_ASN:UUIDVALUE'.

If the 'siteuser' iCM maintenance area is offline this method will throw a validation error, returning the user to the login form (via renderLoginForm) which will display a suitable user friendly message explaining that site logins are currently disabled.