-
Basic components of authentication, authorization, and auditing configuration
-
-
Multi-Factor (nFactor) authentication
-
nFactor visualizer for simplified configuration (Planned for deprecation)
-
Set a cookie using nFactor
-
-
Web Application Firewall protection for VPN virtual servers and authentication virtual servers
-
On-premises NetScaler Gateway as an identity provider to Citrix Cloud
-
Authentication, authorization, and auditing with commonly used protocols
-
Troubleshoot authentication and authorization related issues
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
Set a cookie using nFactor
You can apply the nFactor custom labels and set a cookie as a factor of the authentication flow. Through custom labels, you can use JavaScript to manipulate the login schema.
To set a cookie as a factor, you do not need to display any information to the user, which is performed with a no schema login. Instead, you must interact with the user’s browser to instruct the login schema to store the desired data. A login schema is required to set the cookie when the page is loaded. The cookie is set with a custom label and JavaScript code.
To implement a factor that sets a cookie, create an XML file called cookie.xml to store the schema in the /nsconfig/loginschema/ directory with the following content:
<?xml version="1.0" encoding="UTF-8"?>
<AuthenticateResponse xmlns="http://citrix.com/authentication/response/1">
<Status>success</Status>
<Result>more-info</Result>
<StateContext></StateContext>
<AuthenticationRequirements>
<PostBack>/nf/auth/doAuthentication.do</PostBack>
<CancelPostBack>/nf/auth/doLogoff.do</CancelPostBack>
<CancelButtonText>Cancel</CancelButtonText>
<Requirements>
<Requirement>
<Credential><ID>nsg_cookie</ID><Type>nsg_cookie</Type></Credential>
<Label><Text>Logon Type:</Text><Type>Plain</Type></Label>
</Requirement>
<Requirement>
<Credential><ID>loginBtn</ID><Type>none</Type></Credential>
<Label><Type>none</Type></Label><Input><Button>Log On</Button></Input>
</Requirement>
</Requirements>
</AuthenticationRequirements>
</AuthenticateResponse>
<!--NeedCopy-->
In this XML;
- The custom label nsg_cookie is used to create the cookie and submit the form, and the form button.
- The RfWebUI_custom is the new Portal theme based on the RfWebUI theme.
Steps to set a cookie using nFactor
-
Create a portal theme based on the RfWebUI theme.
add vpn portaltheme RfWebUI_custom -basetheme RfWebUI <!--NeedCopy-->This command creates a folder for this theme at /var/netscaler/logon/themes/RfWebUI_custom
-
Edit the file /var/netscaler/logon/themes/RfWebUI_custom/script.js and add the following script:
CTXS.ExtensionAPI.addCustomCredentialHandler({ // The name of the credential, must match the type returned by the server getCredentialTypeName: function () { return "nsg_cookie"; }, // Generate HTML for the custom credential getCredentialTypeMarkup: function (requirements) { var div = $("<div></div>"); $(document).ready(function() { //Set cookie valid for 1000 days var exdays = 1000; var d = new Date(); d.setTime(d.getTime() + (exdays*24*60*60*1000)); var expires = "expires="+ d.toUTCString(); document.cookie = "NSC_COOKIE_NAME=CookieValue;" + expires + ";path=/"; //Submit form document.getElementById('loginBtn').click(); }); return div; } }); <!--NeedCopy-->This code performs the following:
- Waits for the browser to finish loading the page
- Sets a cookie called NSC_COOKIE_NAME with the value CookieValue, valid for 1000 days
- Auto-submits the form.
The cookie is created and the user does not need to interact with the page.
-
Create a login schema to bind to the policy label that represents the set cookie factor.
add authentication loginSchema Cookie_LS -authenticationSchema "/nsconfig/loginschema/cookie.xml" <!--NeedCopy--> -
Create a NO_AUTHN authentication policy to bind to the policy label that represents the set cookie factor.
add authentication Policy NO_AUTHN_POL -rule TRUE -action NO_AUTHN <!--NeedCopy-->This policy always evaluates as true, moving the user to the next factor or completing the authentication flow.
-
Bind the portal theme RfWebUI_custom to the NetScaler Gateway virtual server or NetScaler AAA virtual server.
Share
Share
In this article
This Preview product documentation is Cloud Software Group Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Cloud Software Group Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Cloud Software Group product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.