Jan 31

NetScaler Access Gateway 10: Modify secondary authentication prompt with rewrite action

As alot of you will have seen in the article CTX123121 the NetScaler Rewrite feature can be used to modify the look and feel of the Access Gateway logon page, commonly this involves changing the default password prompts created in the login.js file.

As the article states these rules may vary from version to version – and they do so I thought I’d add the correct policy for NetScaler version 10 as it differs slightly form that given for version 9.2 due to a slight change in the version 10 login.js file

Note: So far I’ve only gotten round to testing this on version 10 73.5 

The only thing that needs changing here is the RSA rewrite action 

—-

add rewrite action RSA_replace_rewrite_action replace_all “http.RES.BODY(120000).SET_TEXT_MODE(ignorecase)” “”Secure token:‘”” -pattern “”Password2″” -bypassSafetyCheck YES -refineSearch q/extend(50,50).REGEX_SELECT(re![ ]*'[ ]*+[ ]*_(“Password2”)[ ]*!)/  

—-

As you’ll see this is due to a change in the ‘ns_showpwd’ function 

version 9.3 build 71.6 –  login.js 

—-

function ns_showpwd()
{
var pwc = ns_getcookie(“pwcount”);
document.write(‘<TR><TD width=”104px” align=left style=”padding-top:5px;white-space:nowrap;vertical-align:top;”><SPAN>’ + _(“Password”));
if ( pwc == 2 ) { document.write(‘&nbsp;1’); }
document.write(‘:</SPAN></TD>’);
document.write(‘<TD style=”padding-right:8px;padding-left:1px;”><input type=”Password” title=”‘ + _(“Enter password”) + ‘” name=”passwd” size=”30″ maxlength=”32″></TD></TR>’);
if ( pwc == 2 ) {
document.write(‘<TR><TD align=right style=”padding-top:5px;white-space:nowrap;vertical-align:top;” width=”104px”><SPAN>‘ + _(“Password2”) + ‘</SPAN></TD> <TD colspan=2 style=”padding-right:8px;padding-left:1px;”><input type=”Password” title=”‘ + _(“Enter password”) + ‘” name=”passwd1″ size=”30″ maxlength=”32″ ></TD></TR>’);
}
UnsetCookie(“pwcount”);
}

—-

version 10.0 build 73.5 –  login.js 

—-

function ns_showpwd()
{
    var pwdfocus=”javascript:FocusBar(‘password’)”;
    var pwdblur=”javascript:BlurBar(‘password’)”;
    
    var pwdfocus1=”javascript:FocusBar(‘password2’)”;
    var pwdblur1=”javascript:BlurBar(‘password2’)”;
    
 var pwc = ns_getcookie(“pwcount”);
 document.write(‘<TR><TD align=”left” style=”white-space:nowrap;height:15px;padding:0 0 0 10px;”><SPAN>’ + _(“Password”));
 if ( pwc == 2 ) { document.write(‘&nbsp;1’); }
 document.write(‘:</SPAN></TD></TR>’);
 document.write(‘<TR><TD align=”left” valign=”top” width=”193px”><table><tr><td><div id=”hlpass1″></div></td><td><input  type=”Password” title=”‘ + _(“Enter password”) + ‘” name=”passwd” id=”passwd” size=”30″ maxlength=”127″ onFocus=”‘ + pwdfocus + ‘” onblur=”‘ + pwdblur + ‘”></td></tr></table></TD></TR>’);
 
 if ( pwc == 2 ) {
   document.write(‘<TR><TD align=”left” style=”white-space:nowrap;height:15px;padding:0 0 0 10px;”><SPAN>‘ + _(“Password2”));
   document.write(‘</SPAN></TD></TR>’);
   document.write(‘<TR><TD align=”left” valign=”top” width=”193px”><table><tr><td><div id=”hlpass2″></div></td><td><input  type=”Password” title=”‘ + _(“Enter password”) + ‘” name=”passwd1″ id=”passwd1″ size=”30″ maxlength=”127″ onFocus=”‘ + pwdfocus1 + ‘” onblur=”‘ + pwdblur1 + ‘”></td></tr></table></TD></TR>’);
 //document.write(‘<TR><TD align=”left” style=”white-space:nowrap;height:15px;padding:0 0 0 10px;”><SPAN>’ + _(“Password2″) + ‘</SPAN></TD></TR><TR><TD align=”left” valign=”top” width=”193px”><input type=”Password” title=”‘ + _(“Enter password”) + ‘” name=”passwd1″ size=”30″ maxlength=”127″></TD></TR>’);
 }
 UnsetCookie(“pwcount”);
}

—-

1 comment

    • HSchillemat on 10/03/2014 at 17:52
    • Reply

    Hi thank for your blog, i tried it with copy paste in the Shell (before i changed the ” and ‘)
    But in the Shell stand every time -bash: ![: event not found
    Have you any idea what i can do??
    VPX Version is 124.13.nc and could you make an walktrough?

Leave a Reply

Your email address will not be published.

AlphaOmega Captcha Classica  –  Enter Security Code