Versions Compared

Old Version 9

changes.mady.by.user Josefin Klang

Saved on

compared with

New Version 10

changes.mady.by.user Josefin Klang

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. In Digital Access Admin, click Browse.

  2. Upload the provided files (without changing the file names) to access-point/custom-files/scripts

.

Expand
titleUpload script files
Excerpt


Expand
titleAdd filters
  1. In Digital Access Admin, go to Manage Resource Access.
  2. Click Global Resource Settings.
  3. Go to the Filters tab and click Add Filter...
  4. Add these three filters and configure them as follows:

    • sso_set_username

      Panel
      titleConfigure sso_set_username

      Display Name: sso_set_username
      Script name: sso_set_username
      Type of Filter: Request
      Resource host: Difficult SSO Resource
      Path: login_form.aspx
      Apply Filter To: Content
      Content Type: *


    • sso_set_password

      Panel
      titleConfigure sso_set_password

      Display Name: sso_set_password
      Script name: sso_set_password
      Type of Filter: Request
      Resource host: Difficult SSO Resource
      Path: login_form.aspx
      Apply Filter To: Content
      Content Type: *


    • Inject_script

      Panel
      titleConfigure inject_script

      Display Name: inject_script
      Script name: inject_script
      Type of Filter: Response
      Resource host: Difficult SSO Resource
      Path: login_form.aspx
      Apply Filter To: Content
      Content Type: *

      Script variable: setTimeout(function() {document.getElementById("Password").value="secret_password";
      document.getElementById("Username").value = "secret_username";document.getElementById("LoginButton").click();}, 100);

      For help, click the ?-sign.

Information about the filters

This table gives information about the filters:

sso_set_usernameThis filter picks up a dummy-string, in this case: secret_username, and replaces it with the correct sso username in the request from the user to the internal server. This is a server side operation only so the username will never reach the end user or traverse to the client.
sso_set_passwordThis filter picks up a dummy-string, in this case: secret_password, and replaces it with the correct sso password in the request from the user to the internal server. This is a server side operation only so the password will never reach the end user or traverse to the client.
Inject_scriptThis filter injects a script in the login form web page that will prefill the values of the login form controls with the dummy strings secret_username and secret_password and auto-submit the form.


...