Update 05-04-2021: Changed the loginschema to show the link above login button and changed script.js to match css.
Update 23-12-2021:Β Removed typo in the login schema, thanks Sander Bierman π
You are probably reading this as you found out the hard way that rewriting the logon page (AAA virtual server / authentication profiles) is not working/supported. But you do want that extra line in there π Here’s a little tutorial explaining how to do this.
First you need to know that this only works when using custom login schema’s. So when this is needed on a gateway you need to use the authentication profiles features of the Citrix ADC. When you have this is place and working as expected you can continue.
Open the script.js file from your custom theme (located at /var/netscaler/logon/themes/<custom theme name>/script.js)
Add the following part: (Change the link and text to your own convenience)
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
// Custom Label Handler for Self Service Links CTXS.ExtensionAPI.addCustomAuthLabelHandler({ getLabelTypeName: function () { return "nsg-custom-label"; }, getLabelTypeMarkup: function (requirements) { return $("<label class=\"label plain\">Click <a style=\"text-decoration: underline;color: #0c559a;\" href=\"https://passwordreset.microsoftonline.com\">here</a> to change password.</label>"); }, // Instruction to parse the label as if it was a standard type parseAsType: function () { return "plain"; } }); //Custom Credential Handler for Self Service Links CTXS.ExtensionAPI.addCustomCredentialHandler({ getCredentialTypeName: function () { return "nsg-custom-cred"; }, getCredentialTypeMarkup: function (requirements) { return $("<div/>"); }, }); |
Here a screenshot how it should look:
Now open your custom logon schema you are using within your authentication profile to edit it. It can by found in /flash/nsconfig/loginschema
Add the following line as last requirement: <Requirement><Credential><Type>nsg-custom-cred</Type><ID>passwd</ID></Credential><Label><Type>nsg-custom-label</Type></Label>
Here is an example of the created loginschema:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
<?xml version="1.0" encoding="UTF-8"?> <AuthenticateResponse xmlns="http://citrix.com/authentication/response/1"> <Status>success</Status> <Result>more-info</Result> <StateContext/> <AuthenticationRequirements> <PostBack>/nf/auth/doAuthentication.do</PostBack> <CancelPostBack>/nf/auth/doLogoff.do</CancelPostBack> <CancelButtonText>Cancel</CancelButtonText> <Requirements> <Requirement><Credential><ID>login</ID><SaveID>ExplicitForms-Username</SaveID><Type>username</Type></Credential><Label><Text>singleauth_user_name</Text><Type>nsg-login-label</Type></Label><Input><AssistiveText></AssistiveText><Text><Secret>false</Secret><ReadOnly>false</ReadOnly><InitialValue/><Constraint>.+</Constraint></Text></Input></Requirement> <Requirement><Credential><ID>passwd</ID><SaveID>ExplicitForms-Password</SaveID><Type>password</Type></Credential><Label><Text>singleauth_password</Text><Type>nsg-login-label</Type></Label><Input><Text><Secret>true</Secret><ReadOnly>false</ReadOnly><InitialValue/><Constraint>.+</Constraint></Text></Input></Requirement> <Requirement><Credential><Type>nsg-custom-cred</Type><ID>passwd</ID></Credential><Label><Type>nsg-custom-label</Type></Label></Requirement> <Requirement><Credential><ID>loginBtn</ID><Type>none</Type></Credential><Label><Type>none</Type></Label><Input><Button>singleauth_log_on</Button></Input></Requirement> </Requirements> </AuthenticationRequirements> </AuthenticateResponse> |
Now open your authentication page and you should see the link inserted:
Tested on versions 12.1 and 13
11 Comments
Tobias Hoffmann · July 21, 2021 at 13:05
Hi, i used your Blog to get a Link in our Login Page. But when i Use this string in the loginschema (nsg-custom-credpasswdnsg-custom-label) I got this error in my Netscler config GUI: Cannot read property ‘type’ of undefined
Here is my complete schema:
success
more-info
/nf/auth/doAuthentication.do
/nf/auth/doLogoff.do
Cancel
loginExplicitForms-Usernameusernameprefiluserfromexpr_user_namensg-login-labelprefiluserfromexpr_please_supply_either_domain\username_or_user@fully.qualified.domainfalsetrue${http.req.user.name}.+
passwdExplicitForms-Passwordpasswordprefiluserfromexpr_passwordnsg-login-labeltruefalse.+
noneprefiluserfromexpr_second_factornsg_confirmation
saveCredentialssavecredentialsprefiluserfromexpr_remember_my_passwordnsg-login-labelfalse
loginBtnnonenoneprefiluserfromexpr_log_on
Do you Have any Ideas for me?
Jeroen Tielen · July 23, 2021 at 09:21
Hi Tobias,
Use the CLI/WINSCP.
Best regards, Jeroen.
Alex Eckersley · August 25, 2021 at 11:37
Hi Jeroen,
We are curently on NetScaler NS12.1: Build 62.27.nc and I tried to add the password reset link just as you stated but nothing shows up.
The script.js was empty and I pasted your code there ans changed the URL.
The I added the line in the login schema as second-last requirement. I noticed that it missed a “” at the end but it is in your coding.
Also I noticed that the “” in your code is before the loginBtn requirement. In the original code it was at the end. I played around with that but to no avail.
Could it be a problem with CSS?
Jeroen Tielen · August 25, 2021 at 11:48
Which portal theme are you using? Try the rfwebui.
Alex Eckersley · August 25, 2021 at 11:50
We use a custom rfwebui
Jeroen Tielen · August 31, 2021 at 09:32
Hi Alex, the best you can do is create a new theme (based in rfwebui) and start from scratch.
Alex Eckersley · August 31, 2021 at 10:19
We’ll do that, thanks anyway.
Mike Geubel · November 17, 2021 at 09:27
I created a custom theme based upon the RfWebUI theme. I entered the part in the first step in /var/netscaler/logon/themes//script.js, but I don’t have a custom logon theme file in /flash/nsconfig/loginschema.
I tried adding the line into /var/netscaler/logon/LogonPoint/LogonUI.html and /flash/nsconfig/loginschema/LoginSchema/SingleAuth.xml, but both didn’t work.
Do you know what I need to do?
Jeroen Tielen · November 17, 2021 at 13:03
Hi Mike, mandatory step is to use authentication profiles.
Tony S · January 7, 2022 at 12:24
Thank you for this guide, it was really helpful, without this I would’ve used way more time to figure this out.
Is there a way to center the text under Login button? Not necessary, but would be a nice touch.
Jeroen Tielen · January 7, 2022 at 12:25
Yes that is possible. Just add the center tags ;).