Add Link or Comment to Citrix ADC Logon Page
Update 05-04-2021: Changed the loginschema to show the link above login button and changed script.js to match css.
You are probably reading this as you found out the hard way that rewriting the logon page (AAA virtual server / authentication profiles) is not working/supported. But you do want that extra line in there 😉 Here’s a little tutorial explaining how to do this.
First you need to know that this only works when using custom login schema’s. So when this is needed on a gateway you need to use the authentication profiles features of the Citrix ADC. When you have this is place and working as expected you can continue.
Open the script.js file from your custom theme (located at /var/netscaler/logon/themes/<custom theme name>/script.js)
Add the following part: (Change the link and text to your own convenience)
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
// Custom Label Handler for Self Service Links CTXS.ExtensionAPI.addCustomAuthLabelHandler({ getLabelTypeName: function () { return "nsg-custom-label"; }, getLabelTypeMarkup: function (requirements) { return $("<label class=\"label plain\">Click <a style=\"text-decoration: underline;color: #0c559a;\" href=\"https://passwordreset.microsoftonline.com\">here</a> to change password.</label>"); }, // Instruction to parse the label as if it was a standard type parseAsType: function () { return "plain"; } }); //Custom Credential Handler for Self Service Links CTXS.ExtensionAPI.addCustomCredentialHandler({ getCredentialTypeName: function () { return "nsg-custom-cred"; }, getCredentialTypeMarkup: function (requirements) { return $("<div/>"); }, }); |
Here a screenshot how it should look:
Now open your custom logon schema you are using within your authentication profile to edit it. It can by found in /flash/nsconfig/loginschema
Add the following line as last requirement: <Requirement><Credential><Type>nsg-custom-cred</Type><ID>passwd</ID></Credential><Label><Type>nsg-custom-label</Type></Label>
Here is an example of the created loginschema:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
<?xml version="1.0" encoding="UTF-8"?> <AuthenticateResponse xmlns="http://citrix.com/authentication/response/1"> <Status>success</Status> <Result>more-info</Result> <StateContext/> <AuthenticationRequirements> <PostBack>/nf/auth/doAuthentication.do</PostBack> <CancelPostBack>/nf/auth/doLogoff.do</CancelPostBack> <CancelButtonText>Cancel</CancelButtonText> <Requirements> <Requirement><Credential><ID>login</ID><SaveID>ExplicitForms-Username</SaveID><Type>username</Type></Credential><Label><Text>singleauth_user_name</Text><Type>nsg-login-label</Type></Label><Input><AssistiveText></AssistiveText><Text><Secret>false</Secret><ReadOnly>false</ReadOnly><InitialValue/><Constraint>.+</Constraint></Text></Input></Requirement> <Requirement><Credential><ID>passwd</ID><SaveID>ExplicitForms-Password</SaveID><Type>password</Type></Credential><Label><Text>singleauth_password</Text><Type>nsg-login-label</Type></Label><Input><Text><Secret>true</Secret><ReadOnly>false</ReadOnly><InitialValue/><Constraint>.+</Constraint></Text></Input></Requirement> <Requirement><Credential><Type>nsg-custom-cred</Type><ID>passwd</ID></Credential><Label><Type>nsg-custom-label</Type></Label></Requirement></Requirements> <Requirement><Credential><ID>loginBtn</ID><Type>none</Type></Credential><Label><Type>none</Type></Label><Input><Button>singleauth_log_on</Button></Input></Requirement> </AuthenticationRequirements> </AuthenticateResponse> |
Now open your authentication page and you should see the link inserted:
Tested on versions 12.1 and 13
2 Comments
Tobias Hoffmann · July 21, 2021 at 13:05
Hi, i used your Blog to get a Link in our Login Page. But when i Use this string in the loginschema (nsg-custom-credpasswdnsg-custom-label) I got this error in my Netscler config GUI: Cannot read property ‘type’ of undefined
Here is my complete schema:
success
more-info
/nf/auth/doAuthentication.do
/nf/auth/doLogoff.do
Cancel
loginExplicitForms-Usernameusernameprefiluserfromexpr_user_namensg-login-labelprefiluserfromexpr_please_supply_either_domain\username_or_user@fully.qualified.domainfalsetrue${http.req.user.name}.+
passwdExplicitForms-Passwordpasswordprefiluserfromexpr_passwordnsg-login-labeltruefalse.+
noneprefiluserfromexpr_second_factornsg_confirmation
saveCredentialssavecredentialsprefiluserfromexpr_remember_my_passwordnsg-login-labelfalse
loginBtnnonenoneprefiluserfromexpr_log_on
Do you Have any Ideas for me?
Jeroen Tielen · July 23, 2021 at 09:21
Hi Tobias,
Use the CLI/WINSCP.
Best regards, Jeroen.