webPass loops if user has invalid credentials.

webPass loops if user has invalid credentials.

webPass is programmed to only trigger once per tab. You hit the login page -webPass gets notified by the browser that a page loads. It injects creds. You fail - end up back at the same url. At that point, webPass does NOT receive a notification that anything happened because it came from the cache. However the browser decides to pull the version from the cache with the creds injected (meaning it tries over and over again and webPass only got to play on the first request).

We have been seeing this happen in Chrome more than other browsers lately. It has to do with their cache.
You can usually get around this with a fake parameter. This is a parameter that you add that the website normally does not use. Sometimes, depending on how the developer of the site did their code you may have to go a little further.

An example url is https://someapp.example-cloud.com/Login_Student_PXP.aspx

Have the login page on the form be this : https://someapp.example-cloud.com/Login_Student_PXP.aspx?wn=y

The trigger will then be: https://someapp.example-cloud.com/Login_Student_PXP.aspx\?wn=y

That typically will fix the problem unless the developer of the site grabs the parameters and puts them in the submit form. If that is the case - after it fails a login, you'll see it goes right back to the wn=y version (and triggers over and over).

That is because they have a form element in the page like this: <form name="Form1" method="post" action="Login_Student_PXP.aspx?wn=y" id="Form1">

Using the script in the form, put something like this to change that action to the page without the parameter.

document.getElementById( "Form1" ).action = "Login_Student_PXP.aspx"";

That way the creds are submitted to the non wn=y page. If you fail you are on a page that shouldn't pull from the cache with credentials already in it and you should be good to go.

    • Related Articles

    • Disable webPass from prompting for credentials for a link

      We have run into a handful of instances, where a customer has a Standard Link that points to the same address as one of the webStore definitions. For example, we have customers using the SAML integration with Google, and have a Standard Link created ...
    • New Features of webPass

      With the release of Unified Workspace (formerly webNetwork) 6.4, there are some new features for webPass. New webPass SSO deploy and update system for installing the webPass browser add-on The webPass add-on is not detected in the browser: webPass is ...
    • Troubleshoot webPass SSO

      Issue Applications setup for webPass are no longer submitting credentials.  How do I go about troubleshooting? Solution Verify the Extension is installed in the browser and active. You should see the webPass "key" button on the browser's toolbar. ...
    • Management Console non-directory credentials

      Question How can I access Unified Workspace if my directory credentials are not working? For example: We are having directory issues and need to configure Unified Workspace to connect to a different Directory Controller. Solution The Management ...
    • iOS webAgent requires webPass SSO forms to use Lockboxes

      Issue When a webPass SSO form is configured with hard-coded credentials or UW variable, for form input values the iOS webAgent will not trigger SSO.  It behaves as a Standard Link, bringing up the login page to be manually authenticated to. ...
    • Popular Articles

    • Old Browser Versions

      Question: I am using an older browser version and am having problems. What can be done ? We are not able to upgrade the browser at this time.   This is a challenge for any company that makes software that utilizes a browser. Since Stoneware does not ...
    • LCS Redirection

      Problem: How to redirect the LCS in an environment with multiple LCSs and students connecting to them. Solution(s): Create an allow.cfg on all LCS(s) (including the Master) in the network, however, even if no allow.cfg is present on an LCS, machines ...
    • Time windows allows for Service Shutdown

      Issue: Can the time windows gives a service to shut down before it kills the service be increased? Solution: Yes, the following information comes from the Microsoft URL : http://support.microsoft.com/kb/146092 To specify the wait time, do the ...
    • How to disable password saving - Internet Explorer

      Having multiple methods for saving a password in the browser can cause confusion for the user.   To disable password saving in Internet Explorer, launch Internet Explorer and perform the following steps. Click the blue Settings menu icon in the upper ...
    • How to disable password saving - Chrome

      Having multiple methods for saving a password in the browser can cause confusion for the user.  To disable password saving in Chrome, launch Chrome and perform the following steps. Click the Chrome menu button in the upper right corner of the Chrome ...
    • Recent Articles

    • Lenovo Unified Workspace 7.0.0.63 Released

      Highlights of Unified Workspace 7.0.0.63 If you need assistance with your update, please e-mail support at support@lenovosoftware.com or visit https://unifiedworkspace.com/support/ for more information. Below is a list of enhancements and fixes for ...
    • How to fix customized login and profile after upgrading to v7.0

      With the release of 7.0 the default login page has been modified to simplify the customization process.  If you are having an issue with the login page not displaying, after upgrading to v7.0, you will need to delete the custom CSS code and start ...
    • SAML SP - Sync Directory Password

      Login script to prompt for directory password Since the user does not login into Unified Workspace with a password, we cannot capture the password to use in the @@password@@ variable.  If you would like to use the Active Directory password for other ...
    • MySQL 8 SSL

      Issue Admin is making a database connection to a MySQL 8 database.  When clicking the Ping button on the DB Connection object, the following error is presented: WARN: Establishing SSL connection without server's identity verification is not ...
    • 7.0 excludeProtocols - includeProtocols - allowCiphers - denyCiphers config file

      excludeProtocols - includeProtocols - allowCiphers - denyCiphers config file The following configuration is recommended for systems running 7.0.0.63, and higher. (For older 6.5 releases of UW, please see this article.) ...