Debug Client Side SSO

Debug Client Side SSO

The default action is : document.forms[0].submit();

A way to debug is to add an Alert : alert( ’form triggered’ ); document.forms[0].submit();

----------------------------

If inputs are in script we don’t see them when the page comes through the relay. webNetwork takes the page and parses it out into html tags, since they are script writing the input fields on the fly, they are not "officially" there.
Thus we would have to add them ourselves.

Force the values:
document.forms[0].account.value=’myusername’;
document.forms[0].pw.value=’mypassword’;
document.forms[0].submit();

----------------------------


If the form is submitting to a script instead of just submitting to a url.

form name="LoginForm" action="/guardian/home.html" method="POST" target="_top" ="doStudentLogin(this);" is what the page would do.

The script would then be : doStudentLogin(document.forms[0]);

----------------------------

Sometimes a form wants to see the x and y from the submit button. Because we are not really clicking on the submit button, we have to add those.

var xfield = document.createElement( ’input’ );
xfield.type = ’hidden’;
xfield.name = ’x’;
xfield.value = ’20’;
document.forms[0].appendChild( xfield );
var yfield = document.createElement( ’input’ );
yfield.type = ’hidden’;
yfield.name = ’y’;
yfield.value = ’20’;
document.forms[0].appendChild( yfield );


So then the full script would be to add the username,pass,x,y and the submit.

document.forms[0].account.value=’myusername’;
document.forms[0].pw.value=’mypassword’;
var xfield = document.createElement( ’input’ );
xfield.type = ’hidden’;
xfield.name = ’x’;
xfield.value = ’20’;
document.forms[0].appendChild( xfield );
var yfield = document.createElement( ’input’ );
yfield.type = ’hidden’;
yfield.name = ’x’;
yfield.value = ’20’;
document.forms[0].appendChild( yfield );
doStudentLogin(document.forms[0]);

----------------------------

In the case of something that submits to script and then the script submits it, the following would be used.

document.forms[0].account.value=’myusername’;
document.forms[0].pw.value=’mypassword’;
doStudentLogin(document.forms[0]);
document.forms[0].submit();

----------------------------

Another example of a button used to submit the login form. It uses a ONCLICK.

<A class="toolbarbutton" id="Button1" ="__doPostBack(’Button1’,’’);
__EPHWC_tbbOff(this,false)" ="__EPHWC_tbbDown(this,false)"
onmouseout="__EPHWC_tbbOff(this,false)" ="__EPHWC_tbbOver(this,false)"
="__EPHWC_tbbOver(this,false)" style="" title="">
<IMG src="/eduphoria_webcontrols/images/clear.gif" style="filter:progid:DXImageTransform.Microsoft.AlphaImageLoader
(src=’/eduphoria_icon_images/nav_right_green.png’)"> Login</A>

The script would then be : __doPostBack('Button1',");document.forms[0].submit();

----------------------------

If the submit button is named submit, this may cause issues. We have to take the value of the submit, assign that to a new variable, then make a new function to submit the form.

The script would look like :
var b = document.forms[0].submit;
b.parentElement.removeChild(b);
var submitFnc=document.forms[0].submit;
var x=document.createElement( "input" );
x.type="text";
x.name="submit";
x.value="Sign In";document.forms[0].appendChild(x);
submitFnc();

----------------------------

If there is a button for submit, and the back end server wants to see the value of the button being pushed (this may not work with ff):

input id="LoginButton" name="LoginButton" type="submit" value="Log In"
var submitFnc=document.forms[0].submit;
var x=document.createElement( "input" );
x.type="text";
x.name="LoginButton";
x.value="Log In";
document.forms[0].appendChild(x);
submitFnc()

An easier way is to try using server side SSO for forms like this.

----------------------------

An example of a form that the wizard will not pick up correctly.

< action="login.aspx" id="Form1" language="script" method="post" name="Form1" ="ValidatorOnSubmit();">

<INPUT name="__VIEWSTATE" type="hidden" value="dDwxNTQ1DLNHmkw=">
<INPUT id="ucStart__ctl0_txtLoginId" maxlength="25" name="ucStart:_ctl0:txtLoginId" style="width:125px;" type="text" value="130467">
<INPUT id="ucStart__ctl0_txtPassword" maxlength="25" name="ucStart:_ctl0:txtPassword" style="width:125px;" type="password" value="04671519">
<INPUT id="ucStart__ctl0_cmdLogin" language="script" name="ucStart:_ctl0:cmdLogin" ="if (typeof(Page_ClientValidate) == ’function’) Page_ClientValidate(); " type="submit" value="Login">

<SCRIPT language="script">
<!--
var Page_Validators = new Array(document.all["ucStart__ctl0_RequiredFieldValidator1"], document.all["ucStart__ctl0_RequiredFieldValidator2"]);
// -->
</SCRIPT>


<SCRIPT language="script">
<!--
var Page_ValidationActive = false;
if (typeof(clientInformation) != "undefined" && clientInformation.appName.indexOf("Explorer") != -1) {
if ((typeof(Page_ValidationVer) != "undefined") && (Page_ValidationVer == "125"))
ValidatorOnLoad();
}

function ValidatorOnSubmit() {
if (Page_ValidationActive) {
ValidatorCommonOnSubmit();
}
}
// -->
</SCRIPT>

</>


The script would need to call the script function, then because the server WANTS to see the information from the LOGIN button click, we have to create an input element.
Set it to a hidden type.

Set the name to ucStart:_ct10:cmdLogin
Set the value to "Login"
We then append that variable to the form and then submit the form.

if (typeof(Page_ClientValidate) == ’function’) Page_ClientValidate(document.forms[0]);
document.forms[0].();
currentElement = document.createElement("input");
currentElement.setAttribute("type", "hidden");
currentElement.setAttribute("name", "ucStart:_ctl0:cmdLogin");
currentElement.setAttribute("value", "Login");
document.forms[0].appendChild(currentElement);
document.forms[0].submit();

----------------------------

If the form just has a login button like:

<tr id="LoginButtonRow" class="LoginFormRow">
<td id="LoginButtonCell" colspan="2">
<input type="submit" name="ctlLogin" value="Log In" id="ctlLogin" style="width:65px;" />
</td>
</tr>


Then add this to the script:
currentElement = document.createElement("input");
currentElement.setAttribute("type", "hidden");
currentElement.setAttribute("name", "ctlLogin");
currentElement.setAttribute("value", "Log In");
document.forms[0].appendChild(currentElement);

Finish the script with document.forms[0].submit();

----------------------------

If you just need to set a value using script you can do the following :

document.getElementById( "L_lbsc_txtUserName" ).value = "username";
L_lbsc_txtUserName is the ID value in the input tag.
You must use this if the NAME attribute has $ in the name.

----------------------------

To set a checkbox you can do the following :
document.forms[0].login_type[1].checked = true;

----------------------------

Sometimes the form gets filled out but the publisher really wants you to putsh their button to login.
In the case of something like this :

<input value="" ="aspxBGotFocus(’mainCDARoundPanel_loginButton’)" name="mainCDARoundPanel$loginButton" type="submit" style="background-color:Transparent;border-width:0px;height:0px;width:0px;padding:0px;" /></td>

<script id="dxss_1630895435" type="text/script">
<!--
aspxAddHoverItems(’mainCDARoundPanel_loginButton’,[[[’dxbButtonHover’],[’’],[’B’],[’’,’TC’],[[’’]],[’Img’]]]);
aspxAddPressedItems(’mainCDARoundPanel_loginButton’,[[[’dxbButtonPressed’],[’’],[’B’],[’’,’TC’],[[’’]],[’Img’]]]);

var dxo = new ASPxClientButton(’mainCDARoundPanel_loginButton’);
window[’mainCDARoundPanel_loginButton’] = dxo;
dxo.autoPostBack = true;
dxo.uniqueID = ’mainCDARoundPanel$loginButton’;
dxo.RegisterServerEventAssigned([’Click’]);
aspxAddSelectedItems(’mainCDARoundPanel_loginButton’,[[[’dxbf’],[’’],[’CD’]]]);
dxo.InlineInitialize();

//-->
</script>

The script box would send : document.forms[0].mainCDARoundPanel$loginButton.click();
This triggers the script to perform a "Click" event.

----------------------------

Sometimes you need to pause before faking the submit button.
You can add a setTimeout with the name of the submit_button in "" and it will pause and then issues a Click

setTimeout( "document.getElementById(’login_submit’).click();", 5000 );

Another way is to use :
function sleep(milliseconds) {
var start = new Date().getTime();
for (var i = 0; i < 1e7; i++) {
if ((new Date().getTime() - start) > milliseconds){
break;
}
}
}
sleep(0);


An example of just using the script box to define the variable, set the variable and then "click" the login button :

var userNameEdit = igedit_getById('ctl00$CPH1$LoginPanel$UserNameTextBox');
userNameEdit.setValue("@@enc:myuserid@@");
var passwordEdit = igedit_getById('ctl00$CPH1$LoginPanel$PasswordTextBox');
passwordEdit.setValue("@@enc:mypass@@");
document.getElementById( "ctl00_CPH1_LoginPanel_LoginButton" ).click();


Another way to do the click is to use the following : document.loginForm.loginButton.click();


Some Flash sites use part html for the login page. One such site was able to use a sso form like this to do the sso.

//var form = new FormData();
//form.append("userName", "@@enc:myuname@@");
//form.append("password", "@@enc:mypass@@");
//var xhrForm = new XMLHttpRequest();

if (window.XMLHttpRequest) // Standard object
{
xhrForm = new XMLHttpRequest(); // Firefox, Safari, ...
}
else if (window.ActiveXObject) // Internet Explorer
{
xhrForm = new ActiveXObject("Microsoft.XMLHTTP");
}

xhrForm.open("POST", "/company/login-auth.flex");
xhrForm.setRequestHeader("Content-Type","application/x-www-form-urlencoded");
xhrForm.send("userName=" + encodeURI("@@enc:myuname@@") + "&password=" + //encodeURI("@@enc:mypass@@"));


xhrForm.onreadystatechange = function () {
if (xhrForm.readyState === 4) {
//console.log(xhrForm.response);
window.location = "/company/fx/home.flex";

}
}; 

******************webPass Only Tricks*******************
If you have a rolling variable like xyz-password where xyz is different every time you load the page you can add a script to the webPass form to set the variable like the following:
var inputs = document.getElementsByTagName( "input" );
for( i=0; i < inputs.length; i++ ) {
      if( inputs[i].type ) {
            if( inputs[i].type == "password" ) {
                  inputs[i].value = "@@password@@";
            }
      }
}

You can also use a similar script for clicking a submit button that does not have an input id or input name with the following script if it has an input type of submit:
var inputs = document.getElementsByTagName( "input" );
for( i=0; i < inputs.length; i++ ) {
      if( inputs[i].type ) {
            if( inputs[i].type == "submit" ) {
                  inputs[i].click();
            }
      }
}




    Can't find the KB

    Unable to find the KB to address your issue ?  

      • Recent Articles

      • Lenovo Unified Workspace End-of-Life Questions and Answers

        Will the shutdown of LUW servers and access to downloads affect my server licensing? No, the shutdown of the customer servers and access to the product and licensing downloads will not affect your server licensing. This license is downloaded and ...

      • How do I determine my Unified Workspace license expiration date?

        The best method for determining the licensing information including the expiration date of your Unified Workspace license: Login to your 8090 management console on each server This may take remoting into each LUW server and relay, opening a browser, ...

      • Lenovo Unified Workspace 7.0.2.13 Released

        Highlights of Unified Workspace 7.0.2.13 Before you install: Please view the installation notes here. 7.0.2.13 requires a 7.0 license file. Below is a list of enhancements and fixes released in Unified Workspace 7.0.2.13 Fixed external storage ...

      • LanSchool Documentation Guides

        LanSchool Classic Teacher Console The LanSchool Teacher Console is the interface teachers will use to manage their classroom and students. It contains all the tools necessary for a teacher to effectively interact with students and create a ...

      • Lenovo Unified Workspace 7.0.1.41 Released

        Highlights of Unified Workspace 7.0.1.41 Before you install: Please view the installation notes here. 7.0.1.41 requires a 7.0 license file. Below is a list of enhancements and fixes for Unified Workspace 7.0.1.41 Updated Log4j Updated Java Updated ...

      • Related Articles

      • Client side SSO errors

        The customer is getting the following errors when trying to use the client side SSO features in webNetwork for RDP / Citrix.  The first error:  The relay path of 192.168.9.29/axis/services/WebNetworkPortalService is not a valid format.  The second ...

      • SSO methods explained

        Rundown of SSO Methods: Server Side webPass SSO - This is only available for Virtual web Applications. Uses webPass SSO engine / wizard to build an SSO form which is passed by modifying the form information as it passes through the webNetwork ...

      • How to SSO into Microsoft MSTSC Native Client

        A few years ago Microsoft changed the RDP client to not allow that native client ( mstsc.exe ) to accept command line parameters for authentication along with removing the same feature from the saved .RDP file. This means that when you use the native ...

      • Debug relay startup problems.

        1) If you have your loaders clustered, make sure the cluster status is in sync by using the 8090 management console and checking the cluster status. 2) Use the 8090 console on the relay to turn on com.stoneware.client.stonewareclient debug.  When the ...

      • webPass SSO Browser and Device Support

        webPass SSO webAgents and Extensions download page. webPass Server Side SSO webPass Server Side SSO is handed by the UW server, and thus requires no installed Agents or Browser Extensions to function.