I had to modify default login, logout and error pages for root realm. Although official documentation suggests not to modify default pages, but that was the solution that worked for me. I modified following pages in config/auth/default/ folder under OpenAM web context:
- login_failed_template.jsp - displayed after unsuccessful login - usually because of invalid username/password
- Login.jsp - login form
- Logout.jsp - showed after user hits "logout" and terminates his SSO session
- session_timeout.jsp - showed if user's session timed out due to inacitivty
In order to add additional localization (e.g. 'lv'):
- Create new directory:
mkdir /config/auth/default_lv
- Copy the file that JATO uses for form i18n:
cp /config/auth/default_en/DataStore.xml /config/auth/default_en/
- Copy the file that contains all messages used int authentication views:
cp WEB-INF/classes/amAuthUI.properties WEB-INF/classes/amAuthUI_lv.properties
- ... translate copied files
One more thing - you can change selected locale. If you want to provide users with an ability to switch between locales (override locale detected by browser request), you must specify a 'locale' request parameter (this one I had to dig out from source code). And in order to pass it to latter pages (not to lose it after unsuccessful login attempts), in the form at the end of Login.jsp add:
<input type="hidden" name="locale" value="<%=request.getParameter("locale")%>" />