«

Jun 02

NetScaler 11.0 Swivel integration using NetScaler Rewrite

Update to my previous blog post NetScaler 11.0 Swivel integration here’s anupdate of how to do exactly the same thing only using NetScaler rewrites rather then editing any code on the NetScaler itself.

The reason this is useful is that any updates we make to javascript that comes within the NetScaler firmware may (will probably) need to be redone every time you upgrade your firmware as Citrix may (always) tweak the code between builds. Using rewrite means we only have a very small dependency on certain bits of code remaining the same.

If you’ve already made the changes from my previous blog post I would recommend reverting these before making this change using the following steps:

  1. Remove ‘cp -r /var/vpn/vpn/ /netscaler/ns_gui/vpn/’ command from /nsconfig/rc.netscaler
  2. Delete the following files
    1.  /vpn/vpn/js/gateway_login_form_view_pinsafe.js
    2. /netscaler/ns_gui/vpn/js/gateway_login_form_view_pinsafe.js
  3. Unbind and delete RePol_custom_form_view and It’s associated action

If not you can crack on and create some rewrite policies!

Create the following Rewrite actions: 

add rewrite action ReAct_Pinsafe_AppendEULA replace_all “HTTP.RES.BODY(1000000)” “\”form.append(eula_section,field_login,pinsafe_button,pinsafe_image)\”” -search “text(\”form.append(eula_section,field_login)\”)”

add rewrite action ReAct_Pinsafe_Append replace_all “HTTP.RES.BODY(1000000)” “\”form.append(field_login,pinsafe_button,pinsafe_image)\”” -search “text(\”form.append(field_login)\”)”

add rewrite action ReAct_pinsafe.js insert_after_all “HTTP.RES.BODY(12000)” q{“<script type=\”text/javascript\” src=\”/vpn/pinsafe.js\”></script>”} -search q{text(“<script type=\”text/javascript\” src=\”/vpn/login.js\”></script>”)}

add rewrite action ReAct_Pinsafe_LeftRightVar replace_all “HTTP.RES.BODY(1000000)” q{“var right_loginbutton=$(\”<div></div>\”).addClass(‘right’).appendTo(field_login); \r\n//pinsafe: create pinsafe div  \r\n var left_pinsafebutton =$(\”<div></div>\”).addClass(‘left’).appendTo(pinsafe_button);  \r\n “+ ” var right_pinsafebutton=$(\”<div></div>\”).addClass(‘right’).appendTo(pinsafe_button);  \r\n var left_pinsafeimage =$(\”<div></div>\”).addClass(‘left’).appendTo(pinsafe_image);   \r\n”+” var right_pinsafeimage=$(\”<div></div>\”).addClass(‘right’).appendTo(pinsafe_image); \r\n”} -search q{text(“var right_loginbutton=$(\”<div></div>\”).addClass(‘right’).appendTo(field_login);”)}

add rewrite action ReAct_Pinsafe_ButtonInput replace_all “HTTP.RES.BODY(1000000)” q|”var Login = $(\”<input type=’submit’></input>\”).attr({‘id’:’Log_On’,’value’:’Log On’,’class’:’custombutton login_page’,’disabled’:’disabled’}).appendTo(right_loginbutton); \r\n”+” //pinsafe: create button input \r\n var Pinsafe = $(\”<input type=’button’ onclick=’showTuring()’ value=’Get Code’></input>\”).attr({‘id’:’Get_Code’,’value’:’Get Code’,’class’:’custombutton login_page’}).appendTo(right_pinsafebutton); \r\n “+” //pinsafe: create turing image /r/n var PinsafeImg = $(\”<br><img id=imgTuring name=imgTuring style=’padding-right:10px; padding-top:10px’ height=’97’ width=’360px’ align=’right’ />\”).appendTo(right_pinsafeimage);\r\n “| -search q|text(“var Login = $(\”<input type=’submit’></input>\”).attr({‘id’:’Log_On’,’value’:’Log On’,’class’:’custombutton login_page’,’disabled’:’disabled’}).appendTo(right_loginbutton);”)|

add rewrite action ReAct_Pinsafe_ButtonVar replace_all “HTTP.RES.BODY(1000000)” q{“var field_login=$(\”<div></div>\”).addClass(‘field’).addClass(‘buttons’);\r\n”+”var pinsafe_button=$(\”<div></div>\”).addClass(‘field’).addClass(‘buttons’);var pinsafe_image=$(\”<div></div>\”);\r\n”} -search q{text(“var field_login=$(\”<div></div>\”).addClass(‘field’).addClass(‘buttons’);”)}

add rewrite action ReAct_Insert_Pinsafe_ButtonVar insert_after_all “HTTP.RES.BODY(1000000)” q{“\r\n var pinsafe_button=$(\”<div></div>\”).addClass(‘field’).addClass(‘buttons’);\r\nvar pinsafe_image=$(\”<div></div>\”);\r\n”} -search q{text(“var field_login=$(\”<div></div>\”).addClass(‘field’).addClass(‘buttons’);”)}

add rewrite action ReAct_Insert_Pinsafe_ButtonInput insert_after_all “HTTP.RES.BODY(1000000)” q|”//pinsafe: create button input\r\nvar Pinsafe = $(\”<input type=’button’ onclick=’showTuring()’ value=’Get Code’></input>\”).attr({‘id’:’Get_Code’,’value’:’Get Code’,’class’:’custombutton login_page’}).appendTo(right_pinsafebutton); \r\n”+”//pinsafe: create turing image \r\nvar PinsafeImg = $(\”<br><img id=imgTuring name=imgTuring style=’padding-right:10px; padding-top:10px’ height=’97’ width=’360px’ align=’right’ />\”).appendTo(right_pinsafeimage);\r\n”| -search q|text(“var Login = $(\”<input type=’submit’></input>\”).attr({‘id’:’Log_On’,’value’:’Log On’,’class’:’custombutton login_page’,’disabled’:’disabled’}).appendTo(right_loginbutton);”)|

add rewrite action ReAct_Insert_Pinsafe_LeftRightVar insert_after_all “HTTP.RES.BODY(1000000)” q{“\r\n//pinsafe: create pinsafe div\r\nvar left_pinsafebutton =$(\”<div></div>\”).addClass(‘left’).appendTo(pinsafe_button);\r\n”+”var right_pinsafebutton=$(\”<div></div>\”).addClass(‘right’).appendTo(pinsafe_button);\r\nvar left_pinsafeimage =$(\”<div></div>\”).addClass(‘left’).appendTo(pinsafe_image);\r\n”+”var right_pinsafeimage=$(\”<div></div>\”).addClass(‘right’).appendTo(pinsafe_image);\r\n”} -search q{text(“var right_loginbutton=$(\”<div></div>\”).addClass(‘right’).appendTo(field_login);”)}

Create the following Rewrite policies:

add rewrite policy RePol_Pinsafe_ButtonVar “HTTP.REQ.URL.EQ(\”/vpn/js/gateway_login_form_view.js\”)” ReAct_Insert_Pinsafe_ButtonVar

add rewrite policy RePol_Pinsafe_LeftRightVar “HTTP.REQ.URL.EQ(\”/vpn/js/gateway_login_form_view.js\”)” ReAct_Insert_Pinsafe_LeftRightVar

add rewrite policy RePol_Pinsafe_ButtonInput “HTTP.REQ.URL.EQ(\”/vpn/js/gateway_login_form_view.js\”)” ReAct_Insert_Pinsafe_ButtonInput

add rewrite policy RePol_Pinsafe_AppendEULA “HTTP.REQ.URL.EQ(\”/vpn/js/gateway_login_form_view.js\”)” ReAct_Pinsafe_AppendEULA

add rewrite policy RePol_Pinsafe_Append “HTTP.REQ.URL.EQ(\”/vpn/js/gateway_login_form_view.js\”)” ReAct_Pinsafe_Append

add rewrite policy RePol_pinsafe.js “HTTP.REQ.URL.EQ(\”/vpn/index.html\”)” ReAct_pinsafe.js

Create the following Responder Action (this hasn’t changes since the last blog) remembering to insert your Swivel Pinsafe external FQDN where it says <insert swivel SQDN>

add responder action ResAct_pinsafe.js respondwith “\”var pinsafeUrl = \\\”https://<insert swivel FQDN>:8443/proxy/\\\”;\n\”+\”\nfunction showImage(sUrl) {\n\tsUser = document.getElementsByName(\\\”login\\\”)[0].value;\n\tif (sUser==\\\”\\\”) {\n\t\tdocument.getElementsByName(\\\”login\\\”)[0].focus();\n\t} else {\n \”+\”\n\t\t// Find the image using Mozilla compatible approach…\n\t\tvarImg = document.getElementById(\\\”imgTuring\\\”);\n \”+\”\n\t\t//Set the image SRC and make it visible\n\t\tvarImg.src = sUrl + \\\”username=\\\” + sUser + \\\”&random=\\\” + Math.round(Math.random()*100000);\n \”+\”\n\t\tvar imgDiv = document.getElementById(\\\”turingDiv\\\”);\n\t\timgDiv.style.display = \\\”\\\”;\n\t}\n}\n\”+\”\nfunction showTuring() {\n\tshowImage(pinsafeUrl + \\\”SCImage?\\\”);\n}\n\”+\”\nfunction sendMessage() {\n\tshowImage(pinsafeUrl + \\\”DCMessage\\\”);\n}\”\n”

Create the following Responder policy

add responder policy ResPol_pinsafe.js “HTTP.REQ.URL.EQ(\”/vpn/pinsafe.js\”)” ResAct_pinsafe.js

Now you will need to bind these policies to NetScaler Gateway virtual server (or you can bind globally if all NetScaler Gateway virtual servers require Swivel Pinsafe however I would recommend that you bind per virtual server)

My example uses the NetScaler Gateway virtual server name of ‘Vsrv_Gateway’ so you can find and rep;ace with your own NetScaler Gateway virtual server name

bind vpn vserver Vsrv_Gateway -policy RePol_Pinsafe_ButtonVar -priority 10 -gotoPriorityExpression NEXT -type RESPONSE

bind vpn vserver Vsrv_Gateway -policy RePol_Pinsafe_LeftRightVar -priority 15 -gotoPriorityExpression NEXT -type RESPONSE

bind vpn vserver Vsrv_Gateway -policy RePol_Pinsafe_ButtonInput -priority 20 -gotoPriorityExpression NEXT -type RESPONSE

bind vpn vserver Vsrv_Gateway -policy RePol_Pinsafe_AppendEULA -priority 25 -gotoPriorityExpression NEXT -type RESPONSE

bind vpn vserver Vsrv_Gateway -policy RePol_pinsafe.js -priority 30 -gotoPriorityExpression NEXT -type RESPONSE

bind vpn vserver Vsrv_Gateway -policy RePol_Pinsafe_Append -priority 35 -gotoPriorityExpression NEXT -type RESPONSE

bind vpn vserver Vsrv_Gateway -policy ResPol_pinsafe.js -priority 100 -gotoPriorityExpression END -type REQUEST

 

1 comment

  1. Justin

    Hi Swivel themselves has advised I use your scripts, however I getting syntax errors. List there a list of prior steps I need to complete before running the above

Leave a Reply

Your email address will not be published. Required fields are marked *

AlphaOmega Captcha Classica  –  Enter Security Code
     
 

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>